1. Packages
  2. Oracle Cloud Infrastructure
  3. API Docs
  4. Core
  5. NetworkSecurityGroupSecurityRule
Oracle Cloud Infrastructure v2.17.0 published on Friday, Nov 15, 2024 by Pulumi

oci.Core.NetworkSecurityGroupSecurityRule

Explore with Pulumi AI

oci logo
Oracle Cloud Infrastructure v2.17.0 published on Friday, Nov 15, 2024 by Pulumi

    This resource provides the Network Security Group Security Rule resource in Oracle Cloud Infrastructure Core service.

    Adds up to 25 security rules to the specified network security group. Adding more than 25 rules requires multiple operations.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as oci from "@pulumi/oci";
    
    const testNetworkSecurityGroupSecurityRule = new oci.core.NetworkSecurityGroupSecurityRule("test_network_security_group_security_rule", {
        networkSecurityGroupId: testNetworkSecurityGroup.id,
        direction: networkSecurityGroupSecurityRuleDirection,
        protocol: networkSecurityGroupSecurityRuleProtocol,
        description: networkSecurityGroupSecurityRuleDescription,
        destination: networkSecurityGroupSecurityRuleDestination,
        destinationType: networkSecurityGroupSecurityRuleDestinationType,
        icmpOptions: {
            type: networkSecurityGroupSecurityRuleIcmpOptionsType,
            code: networkSecurityGroupSecurityRuleIcmpOptionsCode,
        },
        source: networkSecurityGroupSecurityRuleSource,
        sourceType: networkSecurityGroupSecurityRuleSourceType,
        stateless: networkSecurityGroupSecurityRuleStateless,
        tcpOptions: {
            destinationPortRange: {
                max: networkSecurityGroupSecurityRuleTcpOptionsDestinationPortRangeMax,
                min: networkSecurityGroupSecurityRuleTcpOptionsDestinationPortRangeMin,
            },
            sourcePortRange: {
                max: networkSecurityGroupSecurityRuleTcpOptionsSourcePortRangeMax,
                min: networkSecurityGroupSecurityRuleTcpOptionsSourcePortRangeMin,
            },
        },
        udpOptions: {
            destinationPortRange: {
                max: networkSecurityGroupSecurityRuleUdpOptionsDestinationPortRangeMax,
                min: networkSecurityGroupSecurityRuleUdpOptionsDestinationPortRangeMin,
            },
            sourcePortRange: {
                max: networkSecurityGroupSecurityRuleUdpOptionsSourcePortRangeMax,
                min: networkSecurityGroupSecurityRuleUdpOptionsSourcePortRangeMin,
            },
        },
    });
    
    import pulumi
    import pulumi_oci as oci
    
    test_network_security_group_security_rule = oci.core.NetworkSecurityGroupSecurityRule("test_network_security_group_security_rule",
        network_security_group_id=test_network_security_group["id"],
        direction=network_security_group_security_rule_direction,
        protocol=network_security_group_security_rule_protocol,
        description=network_security_group_security_rule_description,
        destination=network_security_group_security_rule_destination,
        destination_type=network_security_group_security_rule_destination_type,
        icmp_options={
            "type": network_security_group_security_rule_icmp_options_type,
            "code": network_security_group_security_rule_icmp_options_code,
        },
        source=network_security_group_security_rule_source,
        source_type=network_security_group_security_rule_source_type,
        stateless=network_security_group_security_rule_stateless,
        tcp_options={
            "destination_port_range": {
                "max": network_security_group_security_rule_tcp_options_destination_port_range_max,
                "min": network_security_group_security_rule_tcp_options_destination_port_range_min,
            },
            "source_port_range": {
                "max": network_security_group_security_rule_tcp_options_source_port_range_max,
                "min": network_security_group_security_rule_tcp_options_source_port_range_min,
            },
        },
        udp_options={
            "destination_port_range": {
                "max": network_security_group_security_rule_udp_options_destination_port_range_max,
                "min": network_security_group_security_rule_udp_options_destination_port_range_min,
            },
            "source_port_range": {
                "max": network_security_group_security_rule_udp_options_source_port_range_max,
                "min": network_security_group_security_rule_udp_options_source_port_range_min,
            },
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/Core"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := Core.NewNetworkSecurityGroupSecurityRule(ctx, "test_network_security_group_security_rule", &Core.NetworkSecurityGroupSecurityRuleArgs{
    			NetworkSecurityGroupId: pulumi.Any(testNetworkSecurityGroup.Id),
    			Direction:              pulumi.Any(networkSecurityGroupSecurityRuleDirection),
    			Protocol:               pulumi.Any(networkSecurityGroupSecurityRuleProtocol),
    			Description:            pulumi.Any(networkSecurityGroupSecurityRuleDescription),
    			Destination:            pulumi.Any(networkSecurityGroupSecurityRuleDestination),
    			DestinationType:        pulumi.Any(networkSecurityGroupSecurityRuleDestinationType),
    			IcmpOptions: &core.NetworkSecurityGroupSecurityRuleIcmpOptionsArgs{
    				Type: pulumi.Any(networkSecurityGroupSecurityRuleIcmpOptionsType),
    				Code: pulumi.Any(networkSecurityGroupSecurityRuleIcmpOptionsCode),
    			},
    			Source:     pulumi.Any(networkSecurityGroupSecurityRuleSource),
    			SourceType: pulumi.Any(networkSecurityGroupSecurityRuleSourceType),
    			Stateless:  pulumi.Any(networkSecurityGroupSecurityRuleStateless),
    			TcpOptions: &core.NetworkSecurityGroupSecurityRuleTcpOptionsArgs{
    				DestinationPortRange: &core.NetworkSecurityGroupSecurityRuleTcpOptionsDestinationPortRangeArgs{
    					Max: pulumi.Any(networkSecurityGroupSecurityRuleTcpOptionsDestinationPortRangeMax),
    					Min: pulumi.Any(networkSecurityGroupSecurityRuleTcpOptionsDestinationPortRangeMin),
    				},
    				SourcePortRange: &core.NetworkSecurityGroupSecurityRuleTcpOptionsSourcePortRangeArgs{
    					Max: pulumi.Any(networkSecurityGroupSecurityRuleTcpOptionsSourcePortRangeMax),
    					Min: pulumi.Any(networkSecurityGroupSecurityRuleTcpOptionsSourcePortRangeMin),
    				},
    			},
    			UdpOptions: &core.NetworkSecurityGroupSecurityRuleUdpOptionsArgs{
    				DestinationPortRange: &core.NetworkSecurityGroupSecurityRuleUdpOptionsDestinationPortRangeArgs{
    					Max: pulumi.Any(networkSecurityGroupSecurityRuleUdpOptionsDestinationPortRangeMax),
    					Min: pulumi.Any(networkSecurityGroupSecurityRuleUdpOptionsDestinationPortRangeMin),
    				},
    				SourcePortRange: &core.NetworkSecurityGroupSecurityRuleUdpOptionsSourcePortRangeArgs{
    					Max: pulumi.Any(networkSecurityGroupSecurityRuleUdpOptionsSourcePortRangeMax),
    					Min: pulumi.Any(networkSecurityGroupSecurityRuleUdpOptionsSourcePortRangeMin),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Oci = Pulumi.Oci;
    
    return await Deployment.RunAsync(() => 
    {
        var testNetworkSecurityGroupSecurityRule = new Oci.Core.NetworkSecurityGroupSecurityRule("test_network_security_group_security_rule", new()
        {
            NetworkSecurityGroupId = testNetworkSecurityGroup.Id,
            Direction = networkSecurityGroupSecurityRuleDirection,
            Protocol = networkSecurityGroupSecurityRuleProtocol,
            Description = networkSecurityGroupSecurityRuleDescription,
            Destination = networkSecurityGroupSecurityRuleDestination,
            DestinationType = networkSecurityGroupSecurityRuleDestinationType,
            IcmpOptions = new Oci.Core.Inputs.NetworkSecurityGroupSecurityRuleIcmpOptionsArgs
            {
                Type = networkSecurityGroupSecurityRuleIcmpOptionsType,
                Code = networkSecurityGroupSecurityRuleIcmpOptionsCode,
            },
            Source = networkSecurityGroupSecurityRuleSource,
            SourceType = networkSecurityGroupSecurityRuleSourceType,
            Stateless = networkSecurityGroupSecurityRuleStateless,
            TcpOptions = new Oci.Core.Inputs.NetworkSecurityGroupSecurityRuleTcpOptionsArgs
            {
                DestinationPortRange = new Oci.Core.Inputs.NetworkSecurityGroupSecurityRuleTcpOptionsDestinationPortRangeArgs
                {
                    Max = networkSecurityGroupSecurityRuleTcpOptionsDestinationPortRangeMax,
                    Min = networkSecurityGroupSecurityRuleTcpOptionsDestinationPortRangeMin,
                },
                SourcePortRange = new Oci.Core.Inputs.NetworkSecurityGroupSecurityRuleTcpOptionsSourcePortRangeArgs
                {
                    Max = networkSecurityGroupSecurityRuleTcpOptionsSourcePortRangeMax,
                    Min = networkSecurityGroupSecurityRuleTcpOptionsSourcePortRangeMin,
                },
            },
            UdpOptions = new Oci.Core.Inputs.NetworkSecurityGroupSecurityRuleUdpOptionsArgs
            {
                DestinationPortRange = new Oci.Core.Inputs.NetworkSecurityGroupSecurityRuleUdpOptionsDestinationPortRangeArgs
                {
                    Max = networkSecurityGroupSecurityRuleUdpOptionsDestinationPortRangeMax,
                    Min = networkSecurityGroupSecurityRuleUdpOptionsDestinationPortRangeMin,
                },
                SourcePortRange = new Oci.Core.Inputs.NetworkSecurityGroupSecurityRuleUdpOptionsSourcePortRangeArgs
                {
                    Max = networkSecurityGroupSecurityRuleUdpOptionsSourcePortRangeMax,
                    Min = networkSecurityGroupSecurityRuleUdpOptionsSourcePortRangeMin,
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.oci.Core.NetworkSecurityGroupSecurityRule;
    import com.pulumi.oci.Core.NetworkSecurityGroupSecurityRuleArgs;
    import com.pulumi.oci.Core.inputs.NetworkSecurityGroupSecurityRuleIcmpOptionsArgs;
    import com.pulumi.oci.Core.inputs.NetworkSecurityGroupSecurityRuleTcpOptionsArgs;
    import com.pulumi.oci.Core.inputs.NetworkSecurityGroupSecurityRuleTcpOptionsDestinationPortRangeArgs;
    import com.pulumi.oci.Core.inputs.NetworkSecurityGroupSecurityRuleTcpOptionsSourcePortRangeArgs;
    import com.pulumi.oci.Core.inputs.NetworkSecurityGroupSecurityRuleUdpOptionsArgs;
    import com.pulumi.oci.Core.inputs.NetworkSecurityGroupSecurityRuleUdpOptionsDestinationPortRangeArgs;
    import com.pulumi.oci.Core.inputs.NetworkSecurityGroupSecurityRuleUdpOptionsSourcePortRangeArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var testNetworkSecurityGroupSecurityRule = new NetworkSecurityGroupSecurityRule("testNetworkSecurityGroupSecurityRule", NetworkSecurityGroupSecurityRuleArgs.builder()
                .networkSecurityGroupId(testNetworkSecurityGroup.id())
                .direction(networkSecurityGroupSecurityRuleDirection)
                .protocol(networkSecurityGroupSecurityRuleProtocol)
                .description(networkSecurityGroupSecurityRuleDescription)
                .destination(networkSecurityGroupSecurityRuleDestination)
                .destinationType(networkSecurityGroupSecurityRuleDestinationType)
                .icmpOptions(NetworkSecurityGroupSecurityRuleIcmpOptionsArgs.builder()
                    .type(networkSecurityGroupSecurityRuleIcmpOptionsType)
                    .code(networkSecurityGroupSecurityRuleIcmpOptionsCode)
                    .build())
                .source(networkSecurityGroupSecurityRuleSource)
                .sourceType(networkSecurityGroupSecurityRuleSourceType)
                .stateless(networkSecurityGroupSecurityRuleStateless)
                .tcpOptions(NetworkSecurityGroupSecurityRuleTcpOptionsArgs.builder()
                    .destinationPortRange(NetworkSecurityGroupSecurityRuleTcpOptionsDestinationPortRangeArgs.builder()
                        .max(networkSecurityGroupSecurityRuleTcpOptionsDestinationPortRangeMax)
                        .min(networkSecurityGroupSecurityRuleTcpOptionsDestinationPortRangeMin)
                        .build())
                    .sourcePortRange(NetworkSecurityGroupSecurityRuleTcpOptionsSourcePortRangeArgs.builder()
                        .max(networkSecurityGroupSecurityRuleTcpOptionsSourcePortRangeMax)
                        .min(networkSecurityGroupSecurityRuleTcpOptionsSourcePortRangeMin)
                        .build())
                    .build())
                .udpOptions(NetworkSecurityGroupSecurityRuleUdpOptionsArgs.builder()
                    .destinationPortRange(NetworkSecurityGroupSecurityRuleUdpOptionsDestinationPortRangeArgs.builder()
                        .max(networkSecurityGroupSecurityRuleUdpOptionsDestinationPortRangeMax)
                        .min(networkSecurityGroupSecurityRuleUdpOptionsDestinationPortRangeMin)
                        .build())
                    .sourcePortRange(NetworkSecurityGroupSecurityRuleUdpOptionsSourcePortRangeArgs.builder()
                        .max(networkSecurityGroupSecurityRuleUdpOptionsSourcePortRangeMax)
                        .min(networkSecurityGroupSecurityRuleUdpOptionsSourcePortRangeMin)
                        .build())
                    .build())
                .build());
    
        }
    }
    
    resources:
      testNetworkSecurityGroupSecurityRule:
        type: oci:Core:NetworkSecurityGroupSecurityRule
        name: test_network_security_group_security_rule
        properties:
          networkSecurityGroupId: ${testNetworkSecurityGroup.id}
          direction: ${networkSecurityGroupSecurityRuleDirection}
          protocol: ${networkSecurityGroupSecurityRuleProtocol}
          description: ${networkSecurityGroupSecurityRuleDescription}
          destination: ${networkSecurityGroupSecurityRuleDestination}
          destinationType: ${networkSecurityGroupSecurityRuleDestinationType}
          icmpOptions:
            type: ${networkSecurityGroupSecurityRuleIcmpOptionsType}
            code: ${networkSecurityGroupSecurityRuleIcmpOptionsCode}
          source: ${networkSecurityGroupSecurityRuleSource}
          sourceType: ${networkSecurityGroupSecurityRuleSourceType}
          stateless: ${networkSecurityGroupSecurityRuleStateless}
          tcpOptions:
            destinationPortRange:
              max: ${networkSecurityGroupSecurityRuleTcpOptionsDestinationPortRangeMax}
              min: ${networkSecurityGroupSecurityRuleTcpOptionsDestinationPortRangeMin}
            sourcePortRange:
              max: ${networkSecurityGroupSecurityRuleTcpOptionsSourcePortRangeMax}
              min: ${networkSecurityGroupSecurityRuleTcpOptionsSourcePortRangeMin}
          udpOptions:
            destinationPortRange:
              max: ${networkSecurityGroupSecurityRuleUdpOptionsDestinationPortRangeMax}
              min: ${networkSecurityGroupSecurityRuleUdpOptionsDestinationPortRangeMin}
            sourcePortRange:
              max: ${networkSecurityGroupSecurityRuleUdpOptionsSourcePortRangeMax}
              min: ${networkSecurityGroupSecurityRuleUdpOptionsSourcePortRangeMin}
    

    Create NetworkSecurityGroupSecurityRule Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new NetworkSecurityGroupSecurityRule(name: string, args: NetworkSecurityGroupSecurityRuleArgs, opts?: CustomResourceOptions);
    @overload
    def NetworkSecurityGroupSecurityRule(resource_name: str,
                                         args: NetworkSecurityGroupSecurityRuleArgs,
                                         opts: Optional[ResourceOptions] = None)
    
    @overload
    def NetworkSecurityGroupSecurityRule(resource_name: str,
                                         opts: Optional[ResourceOptions] = None,
                                         direction: Optional[str] = None,
                                         network_security_group_id: Optional[str] = None,
                                         protocol: Optional[str] = None,
                                         description: Optional[str] = None,
                                         destination: Optional[str] = None,
                                         destination_type: Optional[str] = None,
                                         icmp_options: Optional[_core.NetworkSecurityGroupSecurityRuleIcmpOptionsArgs] = None,
                                         source: Optional[str] = None,
                                         source_type: Optional[str] = None,
                                         stateless: Optional[bool] = None,
                                         tcp_options: Optional[_core.NetworkSecurityGroupSecurityRuleTcpOptionsArgs] = None,
                                         udp_options: Optional[_core.NetworkSecurityGroupSecurityRuleUdpOptionsArgs] = None)
    func NewNetworkSecurityGroupSecurityRule(ctx *Context, name string, args NetworkSecurityGroupSecurityRuleArgs, opts ...ResourceOption) (*NetworkSecurityGroupSecurityRule, error)
    public NetworkSecurityGroupSecurityRule(string name, NetworkSecurityGroupSecurityRuleArgs args, CustomResourceOptions? opts = null)
    public NetworkSecurityGroupSecurityRule(String name, NetworkSecurityGroupSecurityRuleArgs args)
    public NetworkSecurityGroupSecurityRule(String name, NetworkSecurityGroupSecurityRuleArgs args, CustomResourceOptions options)
    
    type: oci:Core:NetworkSecurityGroupSecurityRule
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args NetworkSecurityGroupSecurityRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args NetworkSecurityGroupSecurityRuleArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args NetworkSecurityGroupSecurityRuleArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args NetworkSecurityGroupSecurityRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args NetworkSecurityGroupSecurityRuleArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var networkSecurityGroupSecurityRuleResource = new Oci.Core.NetworkSecurityGroupSecurityRule("networkSecurityGroupSecurityRuleResource", new()
    {
        Direction = "string",
        NetworkSecurityGroupId = "string",
        Protocol = "string",
        Description = "string",
        Destination = "string",
        DestinationType = "string",
        IcmpOptions = new Oci.Core.Inputs.NetworkSecurityGroupSecurityRuleIcmpOptionsArgs
        {
            Type = 0,
            Code = 0,
        },
        Source = "string",
        SourceType = "string",
        Stateless = false,
        TcpOptions = new Oci.Core.Inputs.NetworkSecurityGroupSecurityRuleTcpOptionsArgs
        {
            DestinationPortRange = new Oci.Core.Inputs.NetworkSecurityGroupSecurityRuleTcpOptionsDestinationPortRangeArgs
            {
                Max = 0,
                Min = 0,
            },
            SourcePortRange = new Oci.Core.Inputs.NetworkSecurityGroupSecurityRuleTcpOptionsSourcePortRangeArgs
            {
                Max = 0,
                Min = 0,
            },
        },
        UdpOptions = new Oci.Core.Inputs.NetworkSecurityGroupSecurityRuleUdpOptionsArgs
        {
            DestinationPortRange = new Oci.Core.Inputs.NetworkSecurityGroupSecurityRuleUdpOptionsDestinationPortRangeArgs
            {
                Max = 0,
                Min = 0,
            },
            SourcePortRange = new Oci.Core.Inputs.NetworkSecurityGroupSecurityRuleUdpOptionsSourcePortRangeArgs
            {
                Max = 0,
                Min = 0,
            },
        },
    });
    
    example, err := Core.NewNetworkSecurityGroupSecurityRule(ctx, "networkSecurityGroupSecurityRuleResource", &Core.NetworkSecurityGroupSecurityRuleArgs{
    	Direction:              pulumi.String("string"),
    	NetworkSecurityGroupId: pulumi.String("string"),
    	Protocol:               pulumi.String("string"),
    	Description:            pulumi.String("string"),
    	Destination:            pulumi.String("string"),
    	DestinationType:        pulumi.String("string"),
    	IcmpOptions: &core.NetworkSecurityGroupSecurityRuleIcmpOptionsArgs{
    		Type: pulumi.Int(0),
    		Code: pulumi.Int(0),
    	},
    	Source:     pulumi.String("string"),
    	SourceType: pulumi.String("string"),
    	Stateless:  pulumi.Bool(false),
    	TcpOptions: &core.NetworkSecurityGroupSecurityRuleTcpOptionsArgs{
    		DestinationPortRange: &core.NetworkSecurityGroupSecurityRuleTcpOptionsDestinationPortRangeArgs{
    			Max: pulumi.Int(0),
    			Min: pulumi.Int(0),
    		},
    		SourcePortRange: &core.NetworkSecurityGroupSecurityRuleTcpOptionsSourcePortRangeArgs{
    			Max: pulumi.Int(0),
    			Min: pulumi.Int(0),
    		},
    	},
    	UdpOptions: &core.NetworkSecurityGroupSecurityRuleUdpOptionsArgs{
    		DestinationPortRange: &core.NetworkSecurityGroupSecurityRuleUdpOptionsDestinationPortRangeArgs{
    			Max: pulumi.Int(0),
    			Min: pulumi.Int(0),
    		},
    		SourcePortRange: &core.NetworkSecurityGroupSecurityRuleUdpOptionsSourcePortRangeArgs{
    			Max: pulumi.Int(0),
    			Min: pulumi.Int(0),
    		},
    	},
    })
    
    var networkSecurityGroupSecurityRuleResource = new NetworkSecurityGroupSecurityRule("networkSecurityGroupSecurityRuleResource", NetworkSecurityGroupSecurityRuleArgs.builder()
        .direction("string")
        .networkSecurityGroupId("string")
        .protocol("string")
        .description("string")
        .destination("string")
        .destinationType("string")
        .icmpOptions(NetworkSecurityGroupSecurityRuleIcmpOptionsArgs.builder()
            .type(0)
            .code(0)
            .build())
        .source("string")
        .sourceType("string")
        .stateless(false)
        .tcpOptions(NetworkSecurityGroupSecurityRuleTcpOptionsArgs.builder()
            .destinationPortRange(NetworkSecurityGroupSecurityRuleTcpOptionsDestinationPortRangeArgs.builder()
                .max(0)
                .min(0)
                .build())
            .sourcePortRange(NetworkSecurityGroupSecurityRuleTcpOptionsSourcePortRangeArgs.builder()
                .max(0)
                .min(0)
                .build())
            .build())
        .udpOptions(NetworkSecurityGroupSecurityRuleUdpOptionsArgs.builder()
            .destinationPortRange(NetworkSecurityGroupSecurityRuleUdpOptionsDestinationPortRangeArgs.builder()
                .max(0)
                .min(0)
                .build())
            .sourcePortRange(NetworkSecurityGroupSecurityRuleUdpOptionsSourcePortRangeArgs.builder()
                .max(0)
                .min(0)
                .build())
            .build())
        .build());
    
    network_security_group_security_rule_resource = oci.core.NetworkSecurityGroupSecurityRule("networkSecurityGroupSecurityRuleResource",
        direction="string",
        network_security_group_id="string",
        protocol="string",
        description="string",
        destination="string",
        destination_type="string",
        icmp_options={
            "type": 0,
            "code": 0,
        },
        source="string",
        source_type="string",
        stateless=False,
        tcp_options={
            "destination_port_range": {
                "max": 0,
                "min": 0,
            },
            "source_port_range": {
                "max": 0,
                "min": 0,
            },
        },
        udp_options={
            "destination_port_range": {
                "max": 0,
                "min": 0,
            },
            "source_port_range": {
                "max": 0,
                "min": 0,
            },
        })
    
    const networkSecurityGroupSecurityRuleResource = new oci.core.NetworkSecurityGroupSecurityRule("networkSecurityGroupSecurityRuleResource", {
        direction: "string",
        networkSecurityGroupId: "string",
        protocol: "string",
        description: "string",
        destination: "string",
        destinationType: "string",
        icmpOptions: {
            type: 0,
            code: 0,
        },
        source: "string",
        sourceType: "string",
        stateless: false,
        tcpOptions: {
            destinationPortRange: {
                max: 0,
                min: 0,
            },
            sourcePortRange: {
                max: 0,
                min: 0,
            },
        },
        udpOptions: {
            destinationPortRange: {
                max: 0,
                min: 0,
            },
            sourcePortRange: {
                max: 0,
                min: 0,
            },
        },
    });
    
    type: oci:Core:NetworkSecurityGroupSecurityRule
    properties:
        description: string
        destination: string
        destinationType: string
        direction: string
        icmpOptions:
            code: 0
            type: 0
        networkSecurityGroupId: string
        protocol: string
        source: string
        sourceType: string
        stateless: false
        tcpOptions:
            destinationPortRange:
                max: 0
                min: 0
            sourcePortRange:
                max: 0
                min: 0
        udpOptions:
            destinationPortRange:
                max: 0
                min: 0
            sourcePortRange:
                max: 0
                min: 0
    

    NetworkSecurityGroupSecurityRule Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The NetworkSecurityGroupSecurityRule resource accepts the following input properties:

    Direction string
    Direction of the security rule. Set to EGRESS for rules to allow outbound IP packets, or INGRESS for rules to allow inbound IP packets.
    NetworkSecurityGroupId string
    The OCID of the network security group.
    Protocol string
    The transport protocol. Specify either all or an IPv4 protocol number as defined in Protocol Numbers. Options are supported only for ICMP ("1"), TCP ("6"), UDP ("17"), and ICMPv6 ("58").
    Description string
    An optional description of your choice for the rule.
    Destination string
    Conceptually, this is the range of IP addresses that a packet originating from the instance can go to.
    DestinationType string
    Type of destination for the rule. Required if direction = EGRESS.
    IcmpOptions NetworkSecurityGroupSecurityRuleIcmpOptions
    Optional and valid only for ICMP and ICMPv6. Use to specify a particular ICMP type and code as defined in:

    Source string
    Conceptually, this is the range of IP addresses that a packet coming into the instance can come from.
    SourceType string
    Type of source for the rule. Required if direction = INGRESS.

    • CIDR_BLOCK: If the rule's source is an IP address range in CIDR notation.
    • SERVICE_CIDR_BLOCK: If the rule's source is the cidrBlock value for a Service (the rule is for traffic coming from a particular Service through a service gateway).
    • NETWORK_SECURITY_GROUP: If the rule's source is the OCID of a NetworkSecurityGroup.
    Stateless bool
    A stateless rule allows traffic in one direction. Remember to add a corresponding stateless rule in the other direction if you need to support bidirectional traffic. For example, if egress traffic allows TCP destination port 80, there should be an ingress rule to allow TCP source port 80. Defaults to false, which means the rule is stateful and a corresponding rule is not necessary for bidirectional traffic.
    TcpOptions NetworkSecurityGroupSecurityRuleTcpOptions
    Optional and valid only for TCP. Use to specify particular destination ports for TCP rules. If you specify TCP as the protocol but omit this object, then all destination ports are allowed.
    UdpOptions NetworkSecurityGroupSecurityRuleUdpOptions
    Optional and valid only for UDP. Use to specify particular destination ports for UDP rules. If you specify UDP as the protocol but omit this object, then all destination ports are allowed.
    Direction string
    Direction of the security rule. Set to EGRESS for rules to allow outbound IP packets, or INGRESS for rules to allow inbound IP packets.
    NetworkSecurityGroupId string
    The OCID of the network security group.
    Protocol string
    The transport protocol. Specify either all or an IPv4 protocol number as defined in Protocol Numbers. Options are supported only for ICMP ("1"), TCP ("6"), UDP ("17"), and ICMPv6 ("58").
    Description string
    An optional description of your choice for the rule.
    Destination string
    Conceptually, this is the range of IP addresses that a packet originating from the instance can go to.
    DestinationType string
    Type of destination for the rule. Required if direction = EGRESS.
    IcmpOptions NetworkSecurityGroupSecurityRuleIcmpOptionsArgs
    Optional and valid only for ICMP and ICMPv6. Use to specify a particular ICMP type and code as defined in:

    Source string
    Conceptually, this is the range of IP addresses that a packet coming into the instance can come from.
    SourceType string
    Type of source for the rule. Required if direction = INGRESS.

    • CIDR_BLOCK: If the rule's source is an IP address range in CIDR notation.
    • SERVICE_CIDR_BLOCK: If the rule's source is the cidrBlock value for a Service (the rule is for traffic coming from a particular Service through a service gateway).
    • NETWORK_SECURITY_GROUP: If the rule's source is the OCID of a NetworkSecurityGroup.
    Stateless bool
    A stateless rule allows traffic in one direction. Remember to add a corresponding stateless rule in the other direction if you need to support bidirectional traffic. For example, if egress traffic allows TCP destination port 80, there should be an ingress rule to allow TCP source port 80. Defaults to false, which means the rule is stateful and a corresponding rule is not necessary for bidirectional traffic.
    TcpOptions NetworkSecurityGroupSecurityRuleTcpOptionsArgs
    Optional and valid only for TCP. Use to specify particular destination ports for TCP rules. If you specify TCP as the protocol but omit this object, then all destination ports are allowed.
    UdpOptions NetworkSecurityGroupSecurityRuleUdpOptionsArgs
    Optional and valid only for UDP. Use to specify particular destination ports for UDP rules. If you specify UDP as the protocol but omit this object, then all destination ports are allowed.
    direction String
    Direction of the security rule. Set to EGRESS for rules to allow outbound IP packets, or INGRESS for rules to allow inbound IP packets.
    networkSecurityGroupId String
    The OCID of the network security group.
    protocol String
    The transport protocol. Specify either all or an IPv4 protocol number as defined in Protocol Numbers. Options are supported only for ICMP ("1"), TCP ("6"), UDP ("17"), and ICMPv6 ("58").
    description String
    An optional description of your choice for the rule.
    destination String
    Conceptually, this is the range of IP addresses that a packet originating from the instance can go to.
    destinationType String
    Type of destination for the rule. Required if direction = EGRESS.
    icmpOptions NetworkSecurityGroupSecurityRuleIcmpOptions
    Optional and valid only for ICMP and ICMPv6. Use to specify a particular ICMP type and code as defined in:

    source String
    Conceptually, this is the range of IP addresses that a packet coming into the instance can come from.
    sourceType String
    Type of source for the rule. Required if direction = INGRESS.

    • CIDR_BLOCK: If the rule's source is an IP address range in CIDR notation.
    • SERVICE_CIDR_BLOCK: If the rule's source is the cidrBlock value for a Service (the rule is for traffic coming from a particular Service through a service gateway).
    • NETWORK_SECURITY_GROUP: If the rule's source is the OCID of a NetworkSecurityGroup.
    stateless Boolean
    A stateless rule allows traffic in one direction. Remember to add a corresponding stateless rule in the other direction if you need to support bidirectional traffic. For example, if egress traffic allows TCP destination port 80, there should be an ingress rule to allow TCP source port 80. Defaults to false, which means the rule is stateful and a corresponding rule is not necessary for bidirectional traffic.
    tcpOptions NetworkSecurityGroupSecurityRuleTcpOptions
    Optional and valid only for TCP. Use to specify particular destination ports for TCP rules. If you specify TCP as the protocol but omit this object, then all destination ports are allowed.
    udpOptions NetworkSecurityGroupSecurityRuleUdpOptions
    Optional and valid only for UDP. Use to specify particular destination ports for UDP rules. If you specify UDP as the protocol but omit this object, then all destination ports are allowed.
    direction string
    Direction of the security rule. Set to EGRESS for rules to allow outbound IP packets, or INGRESS for rules to allow inbound IP packets.
    networkSecurityGroupId string
    The OCID of the network security group.
    protocol string
    The transport protocol. Specify either all or an IPv4 protocol number as defined in Protocol Numbers. Options are supported only for ICMP ("1"), TCP ("6"), UDP ("17"), and ICMPv6 ("58").
    description string
    An optional description of your choice for the rule.
    destination string
    Conceptually, this is the range of IP addresses that a packet originating from the instance can go to.
    destinationType string
    Type of destination for the rule. Required if direction = EGRESS.
    icmpOptions NetworkSecurityGroupSecurityRuleIcmpOptions
    Optional and valid only for ICMP and ICMPv6. Use to specify a particular ICMP type and code as defined in:

    source string
    Conceptually, this is the range of IP addresses that a packet coming into the instance can come from.
    sourceType string
    Type of source for the rule. Required if direction = INGRESS.

    • CIDR_BLOCK: If the rule's source is an IP address range in CIDR notation.
    • SERVICE_CIDR_BLOCK: If the rule's source is the cidrBlock value for a Service (the rule is for traffic coming from a particular Service through a service gateway).
    • NETWORK_SECURITY_GROUP: If the rule's source is the OCID of a NetworkSecurityGroup.
    stateless boolean
    A stateless rule allows traffic in one direction. Remember to add a corresponding stateless rule in the other direction if you need to support bidirectional traffic. For example, if egress traffic allows TCP destination port 80, there should be an ingress rule to allow TCP source port 80. Defaults to false, which means the rule is stateful and a corresponding rule is not necessary for bidirectional traffic.
    tcpOptions NetworkSecurityGroupSecurityRuleTcpOptions
    Optional and valid only for TCP. Use to specify particular destination ports for TCP rules. If you specify TCP as the protocol but omit this object, then all destination ports are allowed.
    udpOptions NetworkSecurityGroupSecurityRuleUdpOptions
    Optional and valid only for UDP. Use to specify particular destination ports for UDP rules. If you specify UDP as the protocol but omit this object, then all destination ports are allowed.
    direction str
    Direction of the security rule. Set to EGRESS for rules to allow outbound IP packets, or INGRESS for rules to allow inbound IP packets.
    network_security_group_id str
    The OCID of the network security group.
    protocol str
    The transport protocol. Specify either all or an IPv4 protocol number as defined in Protocol Numbers. Options are supported only for ICMP ("1"), TCP ("6"), UDP ("17"), and ICMPv6 ("58").
    description str
    An optional description of your choice for the rule.
    destination str
    Conceptually, this is the range of IP addresses that a packet originating from the instance can go to.
    destination_type str
    Type of destination for the rule. Required if direction = EGRESS.
    icmp_options core.NetworkSecurityGroupSecurityRuleIcmpOptionsArgs
    Optional and valid only for ICMP and ICMPv6. Use to specify a particular ICMP type and code as defined in:

    source str
    Conceptually, this is the range of IP addresses that a packet coming into the instance can come from.
    source_type str
    Type of source for the rule. Required if direction = INGRESS.

    • CIDR_BLOCK: If the rule's source is an IP address range in CIDR notation.
    • SERVICE_CIDR_BLOCK: If the rule's source is the cidrBlock value for a Service (the rule is for traffic coming from a particular Service through a service gateway).
    • NETWORK_SECURITY_GROUP: If the rule's source is the OCID of a NetworkSecurityGroup.
    stateless bool
    A stateless rule allows traffic in one direction. Remember to add a corresponding stateless rule in the other direction if you need to support bidirectional traffic. For example, if egress traffic allows TCP destination port 80, there should be an ingress rule to allow TCP source port 80. Defaults to false, which means the rule is stateful and a corresponding rule is not necessary for bidirectional traffic.
    tcp_options core.NetworkSecurityGroupSecurityRuleTcpOptionsArgs
    Optional and valid only for TCP. Use to specify particular destination ports for TCP rules. If you specify TCP as the protocol but omit this object, then all destination ports are allowed.
    udp_options core.NetworkSecurityGroupSecurityRuleUdpOptionsArgs
    Optional and valid only for UDP. Use to specify particular destination ports for UDP rules. If you specify UDP as the protocol but omit this object, then all destination ports are allowed.
    direction String
    Direction of the security rule. Set to EGRESS for rules to allow outbound IP packets, or INGRESS for rules to allow inbound IP packets.
    networkSecurityGroupId String
    The OCID of the network security group.
    protocol String
    The transport protocol. Specify either all or an IPv4 protocol number as defined in Protocol Numbers. Options are supported only for ICMP ("1"), TCP ("6"), UDP ("17"), and ICMPv6 ("58").
    description String
    An optional description of your choice for the rule.
    destination String
    Conceptually, this is the range of IP addresses that a packet originating from the instance can go to.
    destinationType String
    Type of destination for the rule. Required if direction = EGRESS.
    icmpOptions Property Map
    Optional and valid only for ICMP and ICMPv6. Use to specify a particular ICMP type and code as defined in:

    source String
    Conceptually, this is the range of IP addresses that a packet coming into the instance can come from.
    sourceType String
    Type of source for the rule. Required if direction = INGRESS.

    • CIDR_BLOCK: If the rule's source is an IP address range in CIDR notation.
    • SERVICE_CIDR_BLOCK: If the rule's source is the cidrBlock value for a Service (the rule is for traffic coming from a particular Service through a service gateway).
    • NETWORK_SECURITY_GROUP: If the rule's source is the OCID of a NetworkSecurityGroup.
    stateless Boolean
    A stateless rule allows traffic in one direction. Remember to add a corresponding stateless rule in the other direction if you need to support bidirectional traffic. For example, if egress traffic allows TCP destination port 80, there should be an ingress rule to allow TCP source port 80. Defaults to false, which means the rule is stateful and a corresponding rule is not necessary for bidirectional traffic.
    tcpOptions Property Map
    Optional and valid only for TCP. Use to specify particular destination ports for TCP rules. If you specify TCP as the protocol but omit this object, then all destination ports are allowed.
    udpOptions Property Map
    Optional and valid only for UDP. Use to specify particular destination ports for UDP rules. If you specify UDP as the protocol but omit this object, then all destination ports are allowed.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the NetworkSecurityGroupSecurityRule resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    IsValid bool
    Whether the rule is valid. The value is True when the rule is first created. If the rule's source or destination is a network security group, the value changes to False if that network security group is deleted.
    TimeCreated string
    The date and time the security rule was created. Format defined by RFC3339.
    Id string
    The provider-assigned unique ID for this managed resource.
    IsValid bool
    Whether the rule is valid. The value is True when the rule is first created. If the rule's source or destination is a network security group, the value changes to False if that network security group is deleted.
    TimeCreated string
    The date and time the security rule was created. Format defined by RFC3339.
    id String
    The provider-assigned unique ID for this managed resource.
    isValid Boolean
    Whether the rule is valid. The value is True when the rule is first created. If the rule's source or destination is a network security group, the value changes to False if that network security group is deleted.
    timeCreated String
    The date and time the security rule was created. Format defined by RFC3339.
    id string
    The provider-assigned unique ID for this managed resource.
    isValid boolean
    Whether the rule is valid. The value is True when the rule is first created. If the rule's source or destination is a network security group, the value changes to False if that network security group is deleted.
    timeCreated string
    The date and time the security rule was created. Format defined by RFC3339.
    id str
    The provider-assigned unique ID for this managed resource.
    is_valid bool
    Whether the rule is valid. The value is True when the rule is first created. If the rule's source or destination is a network security group, the value changes to False if that network security group is deleted.
    time_created str
    The date and time the security rule was created. Format defined by RFC3339.
    id String
    The provider-assigned unique ID for this managed resource.
    isValid Boolean
    Whether the rule is valid. The value is True when the rule is first created. If the rule's source or destination is a network security group, the value changes to False if that network security group is deleted.
    timeCreated String
    The date and time the security rule was created. Format defined by RFC3339.

    Look up Existing NetworkSecurityGroupSecurityRule Resource

    Get an existing NetworkSecurityGroupSecurityRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: NetworkSecurityGroupSecurityRuleState, opts?: CustomResourceOptions): NetworkSecurityGroupSecurityRule
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            description: Optional[str] = None,
            destination: Optional[str] = None,
            destination_type: Optional[str] = None,
            direction: Optional[str] = None,
            icmp_options: Optional[_core.NetworkSecurityGroupSecurityRuleIcmpOptionsArgs] = None,
            is_valid: Optional[bool] = None,
            network_security_group_id: Optional[str] = None,
            protocol: Optional[str] = None,
            source: Optional[str] = None,
            source_type: Optional[str] = None,
            stateless: Optional[bool] = None,
            tcp_options: Optional[_core.NetworkSecurityGroupSecurityRuleTcpOptionsArgs] = None,
            time_created: Optional[str] = None,
            udp_options: Optional[_core.NetworkSecurityGroupSecurityRuleUdpOptionsArgs] = None) -> NetworkSecurityGroupSecurityRule
    func GetNetworkSecurityGroupSecurityRule(ctx *Context, name string, id IDInput, state *NetworkSecurityGroupSecurityRuleState, opts ...ResourceOption) (*NetworkSecurityGroupSecurityRule, error)
    public static NetworkSecurityGroupSecurityRule Get(string name, Input<string> id, NetworkSecurityGroupSecurityRuleState? state, CustomResourceOptions? opts = null)
    public static NetworkSecurityGroupSecurityRule get(String name, Output<String> id, NetworkSecurityGroupSecurityRuleState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Description string
    An optional description of your choice for the rule.
    Destination string
    Conceptually, this is the range of IP addresses that a packet originating from the instance can go to.
    DestinationType string
    Type of destination for the rule. Required if direction = EGRESS.
    Direction string
    Direction of the security rule. Set to EGRESS for rules to allow outbound IP packets, or INGRESS for rules to allow inbound IP packets.
    IcmpOptions NetworkSecurityGroupSecurityRuleIcmpOptions
    Optional and valid only for ICMP and ICMPv6. Use to specify a particular ICMP type and code as defined in:

    IsValid bool
    Whether the rule is valid. The value is True when the rule is first created. If the rule's source or destination is a network security group, the value changes to False if that network security group is deleted.
    NetworkSecurityGroupId string
    The OCID of the network security group.
    Protocol string
    The transport protocol. Specify either all or an IPv4 protocol number as defined in Protocol Numbers. Options are supported only for ICMP ("1"), TCP ("6"), UDP ("17"), and ICMPv6 ("58").
    Source string
    Conceptually, this is the range of IP addresses that a packet coming into the instance can come from.
    SourceType string
    Type of source for the rule. Required if direction = INGRESS.

    • CIDR_BLOCK: If the rule's source is an IP address range in CIDR notation.
    • SERVICE_CIDR_BLOCK: If the rule's source is the cidrBlock value for a Service (the rule is for traffic coming from a particular Service through a service gateway).
    • NETWORK_SECURITY_GROUP: If the rule's source is the OCID of a NetworkSecurityGroup.
    Stateless bool
    A stateless rule allows traffic in one direction. Remember to add a corresponding stateless rule in the other direction if you need to support bidirectional traffic. For example, if egress traffic allows TCP destination port 80, there should be an ingress rule to allow TCP source port 80. Defaults to false, which means the rule is stateful and a corresponding rule is not necessary for bidirectional traffic.
    TcpOptions NetworkSecurityGroupSecurityRuleTcpOptions
    Optional and valid only for TCP. Use to specify particular destination ports for TCP rules. If you specify TCP as the protocol but omit this object, then all destination ports are allowed.
    TimeCreated string
    The date and time the security rule was created. Format defined by RFC3339.
    UdpOptions NetworkSecurityGroupSecurityRuleUdpOptions
    Optional and valid only for UDP. Use to specify particular destination ports for UDP rules. If you specify UDP as the protocol but omit this object, then all destination ports are allowed.
    Description string
    An optional description of your choice for the rule.
    Destination string
    Conceptually, this is the range of IP addresses that a packet originating from the instance can go to.
    DestinationType string
    Type of destination for the rule. Required if direction = EGRESS.
    Direction string
    Direction of the security rule. Set to EGRESS for rules to allow outbound IP packets, or INGRESS for rules to allow inbound IP packets.
    IcmpOptions NetworkSecurityGroupSecurityRuleIcmpOptionsArgs
    Optional and valid only for ICMP and ICMPv6. Use to specify a particular ICMP type and code as defined in:

    IsValid bool
    Whether the rule is valid. The value is True when the rule is first created. If the rule's source or destination is a network security group, the value changes to False if that network security group is deleted.
    NetworkSecurityGroupId string
    The OCID of the network security group.
    Protocol string
    The transport protocol. Specify either all or an IPv4 protocol number as defined in Protocol Numbers. Options are supported only for ICMP ("1"), TCP ("6"), UDP ("17"), and ICMPv6 ("58").
    Source string
    Conceptually, this is the range of IP addresses that a packet coming into the instance can come from.
    SourceType string
    Type of source for the rule. Required if direction = INGRESS.

    • CIDR_BLOCK: If the rule's source is an IP address range in CIDR notation.
    • SERVICE_CIDR_BLOCK: If the rule's source is the cidrBlock value for a Service (the rule is for traffic coming from a particular Service through a service gateway).
    • NETWORK_SECURITY_GROUP: If the rule's source is the OCID of a NetworkSecurityGroup.
    Stateless bool
    A stateless rule allows traffic in one direction. Remember to add a corresponding stateless rule in the other direction if you need to support bidirectional traffic. For example, if egress traffic allows TCP destination port 80, there should be an ingress rule to allow TCP source port 80. Defaults to false, which means the rule is stateful and a corresponding rule is not necessary for bidirectional traffic.
    TcpOptions NetworkSecurityGroupSecurityRuleTcpOptionsArgs
    Optional and valid only for TCP. Use to specify particular destination ports for TCP rules. If you specify TCP as the protocol but omit this object, then all destination ports are allowed.
    TimeCreated string
    The date and time the security rule was created. Format defined by RFC3339.
    UdpOptions NetworkSecurityGroupSecurityRuleUdpOptionsArgs
    Optional and valid only for UDP. Use to specify particular destination ports for UDP rules. If you specify UDP as the protocol but omit this object, then all destination ports are allowed.
    description String
    An optional description of your choice for the rule.
    destination String
    Conceptually, this is the range of IP addresses that a packet originating from the instance can go to.
    destinationType String
    Type of destination for the rule. Required if direction = EGRESS.
    direction String
    Direction of the security rule. Set to EGRESS for rules to allow outbound IP packets, or INGRESS for rules to allow inbound IP packets.
    icmpOptions NetworkSecurityGroupSecurityRuleIcmpOptions
    Optional and valid only for ICMP and ICMPv6. Use to specify a particular ICMP type and code as defined in:

    isValid Boolean
    Whether the rule is valid. The value is True when the rule is first created. If the rule's source or destination is a network security group, the value changes to False if that network security group is deleted.
    networkSecurityGroupId String
    The OCID of the network security group.
    protocol String
    The transport protocol. Specify either all or an IPv4 protocol number as defined in Protocol Numbers. Options are supported only for ICMP ("1"), TCP ("6"), UDP ("17"), and ICMPv6 ("58").
    source String
    Conceptually, this is the range of IP addresses that a packet coming into the instance can come from.
    sourceType String
    Type of source for the rule. Required if direction = INGRESS.

    • CIDR_BLOCK: If the rule's source is an IP address range in CIDR notation.
    • SERVICE_CIDR_BLOCK: If the rule's source is the cidrBlock value for a Service (the rule is for traffic coming from a particular Service through a service gateway).
    • NETWORK_SECURITY_GROUP: If the rule's source is the OCID of a NetworkSecurityGroup.
    stateless Boolean
    A stateless rule allows traffic in one direction. Remember to add a corresponding stateless rule in the other direction if you need to support bidirectional traffic. For example, if egress traffic allows TCP destination port 80, there should be an ingress rule to allow TCP source port 80. Defaults to false, which means the rule is stateful and a corresponding rule is not necessary for bidirectional traffic.
    tcpOptions NetworkSecurityGroupSecurityRuleTcpOptions
    Optional and valid only for TCP. Use to specify particular destination ports for TCP rules. If you specify TCP as the protocol but omit this object, then all destination ports are allowed.
    timeCreated String
    The date and time the security rule was created. Format defined by RFC3339.
    udpOptions NetworkSecurityGroupSecurityRuleUdpOptions
    Optional and valid only for UDP. Use to specify particular destination ports for UDP rules. If you specify UDP as the protocol but omit this object, then all destination ports are allowed.
    description string
    An optional description of your choice for the rule.
    destination string
    Conceptually, this is the range of IP addresses that a packet originating from the instance can go to.
    destinationType string
    Type of destination for the rule. Required if direction = EGRESS.
    direction string
    Direction of the security rule. Set to EGRESS for rules to allow outbound IP packets, or INGRESS for rules to allow inbound IP packets.
    icmpOptions NetworkSecurityGroupSecurityRuleIcmpOptions
    Optional and valid only for ICMP and ICMPv6. Use to specify a particular ICMP type and code as defined in:

    isValid boolean
    Whether the rule is valid. The value is True when the rule is first created. If the rule's source or destination is a network security group, the value changes to False if that network security group is deleted.
    networkSecurityGroupId string
    The OCID of the network security group.
    protocol string
    The transport protocol. Specify either all or an IPv4 protocol number as defined in Protocol Numbers. Options are supported only for ICMP ("1"), TCP ("6"), UDP ("17"), and ICMPv6 ("58").
    source string
    Conceptually, this is the range of IP addresses that a packet coming into the instance can come from.
    sourceType string
    Type of source for the rule. Required if direction = INGRESS.

    • CIDR_BLOCK: If the rule's source is an IP address range in CIDR notation.
    • SERVICE_CIDR_BLOCK: If the rule's source is the cidrBlock value for a Service (the rule is for traffic coming from a particular Service through a service gateway).
    • NETWORK_SECURITY_GROUP: If the rule's source is the OCID of a NetworkSecurityGroup.
    stateless boolean
    A stateless rule allows traffic in one direction. Remember to add a corresponding stateless rule in the other direction if you need to support bidirectional traffic. For example, if egress traffic allows TCP destination port 80, there should be an ingress rule to allow TCP source port 80. Defaults to false, which means the rule is stateful and a corresponding rule is not necessary for bidirectional traffic.
    tcpOptions NetworkSecurityGroupSecurityRuleTcpOptions
    Optional and valid only for TCP. Use to specify particular destination ports for TCP rules. If you specify TCP as the protocol but omit this object, then all destination ports are allowed.
    timeCreated string
    The date and time the security rule was created. Format defined by RFC3339.
    udpOptions NetworkSecurityGroupSecurityRuleUdpOptions
    Optional and valid only for UDP. Use to specify particular destination ports for UDP rules. If you specify UDP as the protocol but omit this object, then all destination ports are allowed.
    description str
    An optional description of your choice for the rule.
    destination str
    Conceptually, this is the range of IP addresses that a packet originating from the instance can go to.
    destination_type str
    Type of destination for the rule. Required if direction = EGRESS.
    direction str
    Direction of the security rule. Set to EGRESS for rules to allow outbound IP packets, or INGRESS for rules to allow inbound IP packets.
    icmp_options core.NetworkSecurityGroupSecurityRuleIcmpOptionsArgs
    Optional and valid only for ICMP and ICMPv6. Use to specify a particular ICMP type and code as defined in:

    is_valid bool
    Whether the rule is valid. The value is True when the rule is first created. If the rule's source or destination is a network security group, the value changes to False if that network security group is deleted.
    network_security_group_id str
    The OCID of the network security group.
    protocol str
    The transport protocol. Specify either all or an IPv4 protocol number as defined in Protocol Numbers. Options are supported only for ICMP ("1"), TCP ("6"), UDP ("17"), and ICMPv6 ("58").
    source str
    Conceptually, this is the range of IP addresses that a packet coming into the instance can come from.
    source_type str
    Type of source for the rule. Required if direction = INGRESS.

    • CIDR_BLOCK: If the rule's source is an IP address range in CIDR notation.
    • SERVICE_CIDR_BLOCK: If the rule's source is the cidrBlock value for a Service (the rule is for traffic coming from a particular Service through a service gateway).
    • NETWORK_SECURITY_GROUP: If the rule's source is the OCID of a NetworkSecurityGroup.
    stateless bool
    A stateless rule allows traffic in one direction. Remember to add a corresponding stateless rule in the other direction if you need to support bidirectional traffic. For example, if egress traffic allows TCP destination port 80, there should be an ingress rule to allow TCP source port 80. Defaults to false, which means the rule is stateful and a corresponding rule is not necessary for bidirectional traffic.
    tcp_options core.NetworkSecurityGroupSecurityRuleTcpOptionsArgs
    Optional and valid only for TCP. Use to specify particular destination ports for TCP rules. If you specify TCP as the protocol but omit this object, then all destination ports are allowed.
    time_created str
    The date and time the security rule was created. Format defined by RFC3339.
    udp_options core.NetworkSecurityGroupSecurityRuleUdpOptionsArgs
    Optional and valid only for UDP. Use to specify particular destination ports for UDP rules. If you specify UDP as the protocol but omit this object, then all destination ports are allowed.
    description String
    An optional description of your choice for the rule.
    destination String
    Conceptually, this is the range of IP addresses that a packet originating from the instance can go to.
    destinationType String
    Type of destination for the rule. Required if direction = EGRESS.
    direction String
    Direction of the security rule. Set to EGRESS for rules to allow outbound IP packets, or INGRESS for rules to allow inbound IP packets.
    icmpOptions Property Map
    Optional and valid only for ICMP and ICMPv6. Use to specify a particular ICMP type and code as defined in:

    isValid Boolean
    Whether the rule is valid. The value is True when the rule is first created. If the rule's source or destination is a network security group, the value changes to False if that network security group is deleted.
    networkSecurityGroupId String
    The OCID of the network security group.
    protocol String
    The transport protocol. Specify either all or an IPv4 protocol number as defined in Protocol Numbers. Options are supported only for ICMP ("1"), TCP ("6"), UDP ("17"), and ICMPv6 ("58").
    source String
    Conceptually, this is the range of IP addresses that a packet coming into the instance can come from.
    sourceType String
    Type of source for the rule. Required if direction = INGRESS.

    • CIDR_BLOCK: If the rule's source is an IP address range in CIDR notation.
    • SERVICE_CIDR_BLOCK: If the rule's source is the cidrBlock value for a Service (the rule is for traffic coming from a particular Service through a service gateway).
    • NETWORK_SECURITY_GROUP: If the rule's source is the OCID of a NetworkSecurityGroup.
    stateless Boolean
    A stateless rule allows traffic in one direction. Remember to add a corresponding stateless rule in the other direction if you need to support bidirectional traffic. For example, if egress traffic allows TCP destination port 80, there should be an ingress rule to allow TCP source port 80. Defaults to false, which means the rule is stateful and a corresponding rule is not necessary for bidirectional traffic.
    tcpOptions Property Map
    Optional and valid only for TCP. Use to specify particular destination ports for TCP rules. If you specify TCP as the protocol but omit this object, then all destination ports are allowed.
    timeCreated String
    The date and time the security rule was created. Format defined by RFC3339.
    udpOptions Property Map
    Optional and valid only for UDP. Use to specify particular destination ports for UDP rules. If you specify UDP as the protocol but omit this object, then all destination ports are allowed.

    Supporting Types

    NetworkSecurityGroupSecurityRuleIcmpOptions, NetworkSecurityGroupSecurityRuleIcmpOptionsArgs

    Type int
    The ICMP type.
    Code int
    The ICMP code (optional).
    Type int
    The ICMP type.
    Code int
    The ICMP code (optional).
    type Integer
    The ICMP type.
    code Integer
    The ICMP code (optional).
    type number
    The ICMP type.
    code number
    The ICMP code (optional).
    type int
    The ICMP type.
    code int
    The ICMP code (optional).
    type Number
    The ICMP type.
    code Number
    The ICMP code (optional).

    NetworkSecurityGroupSecurityRuleTcpOptions, NetworkSecurityGroupSecurityRuleTcpOptionsArgs

    NetworkSecurityGroupSecurityRuleTcpOptionsDestinationPortRange, NetworkSecurityGroupSecurityRuleTcpOptionsDestinationPortRangeArgs

    Max int
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    Min int
    The minimum port number, which must not be greater than the maximum port number.
    Max int
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    Min int
    The minimum port number, which must not be greater than the maximum port number.
    max Integer
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    min Integer
    The minimum port number, which must not be greater than the maximum port number.
    max number
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    min number
    The minimum port number, which must not be greater than the maximum port number.
    max int
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    min int
    The minimum port number, which must not be greater than the maximum port number.
    max Number
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    min Number
    The minimum port number, which must not be greater than the maximum port number.

    NetworkSecurityGroupSecurityRuleTcpOptionsSourcePortRange, NetworkSecurityGroupSecurityRuleTcpOptionsSourcePortRangeArgs

    Max int
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    Min int
    The minimum port number, which must not be greater than the maximum port number.
    Max int
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    Min int
    The minimum port number, which must not be greater than the maximum port number.
    max Integer
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    min Integer
    The minimum port number, which must not be greater than the maximum port number.
    max number
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    min number
    The minimum port number, which must not be greater than the maximum port number.
    max int
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    min int
    The minimum port number, which must not be greater than the maximum port number.
    max Number
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    min Number
    The minimum port number, which must not be greater than the maximum port number.

    NetworkSecurityGroupSecurityRuleUdpOptions, NetworkSecurityGroupSecurityRuleUdpOptionsArgs

    NetworkSecurityGroupSecurityRuleUdpOptionsDestinationPortRange, NetworkSecurityGroupSecurityRuleUdpOptionsDestinationPortRangeArgs

    Max int
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    Min int
    The minimum port number, which must not be greater than the maximum port number.
    Max int
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    Min int
    The minimum port number, which must not be greater than the maximum port number.
    max Integer
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    min Integer
    The minimum port number, which must not be greater than the maximum port number.
    max number
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    min number
    The minimum port number, which must not be greater than the maximum port number.
    max int
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    min int
    The minimum port number, which must not be greater than the maximum port number.
    max Number
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    min Number
    The minimum port number, which must not be greater than the maximum port number.

    NetworkSecurityGroupSecurityRuleUdpOptionsSourcePortRange, NetworkSecurityGroupSecurityRuleUdpOptionsSourcePortRangeArgs

    Max int
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    Min int
    The minimum port number, which must not be greater than the maximum port number.
    Max int
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    Min int
    The minimum port number, which must not be greater than the maximum port number.
    max Integer
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    min Integer
    The minimum port number, which must not be greater than the maximum port number.
    max number
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    min number
    The minimum port number, which must not be greater than the maximum port number.
    max int
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    min int
    The minimum port number, which must not be greater than the maximum port number.
    max Number
    The maximum port number, which must not be less than the minimum port number. To specify a single port number, set both the min and max to the same value.
    min Number
    The minimum port number, which must not be greater than the maximum port number.

    Import

    NetworkSecurityGroupSecurityRule can be imported using the id, e.g.

    $ pulumi import oci:Core/networkSecurityGroupSecurityRule:NetworkSecurityGroupSecurityRule test_network_security_group_security_rule "networkSecurityGroups/{networkSecurityGroupId}/securityRules/{securityRuleId}"
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    oci pulumi/pulumi-oci
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the oci Terraform Provider.
    oci logo
    Oracle Cloud Infrastructure v2.17.0 published on Friday, Nov 15, 2024 by Pulumi