1. Packages
  2. Oracle Cloud Infrastructure
  3. API Docs
  4. NetworkFirewall
  5. getNetworkFirewallPolicyDecryptionProfile
Oracle Cloud Infrastructure v2.17.0 published on Friday, Nov 15, 2024 by Pulumi

oci.NetworkFirewall.getNetworkFirewallPolicyDecryptionProfile

Explore with Pulumi AI

oci logo
Oracle Cloud Infrastructure v2.17.0 published on Friday, Nov 15, 2024 by Pulumi

    This data source provides details about a specific Network Firewall Policy Decryption Profile resource in Oracle Cloud Infrastructure Network Firewall service.

    Get Decryption Profile by the given name in the context of network firewall policy.

    Example Usage

    Coming soon!
    
    Coming soon!
    
    Coming soon!
    
    Coming soon!
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.oci.NetworkFirewall.NetworkFirewallFunctions;
    import com.pulumi.oci.NetworkFirewall.inputs.GetNetworkFirewallPolicyDecryptionProfileArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var testNetworkFirewallPolicyDecryptionProfile = NetworkFirewallFunctions.getNetworkFirewallPolicyDecryptionProfile(GetNetworkFirewallPolicyDecryptionProfileArgs.builder()
                .decryptionProfileName(ociNetworkFirewallNetworkFirewallPolicyDecryptionProfileName)
                .networkFirewallPolicyId(testNetworkFirewallPolicy.id())
                .build());
    
        }
    }
    
    variables:
      testNetworkFirewallPolicyDecryptionProfile:
        fn::invoke:
          Function: oci:NetworkFirewall:getNetworkFirewallPolicyDecryptionProfile
          Arguments:
            decryptionProfileName: ${ociNetworkFirewallNetworkFirewallPolicyDecryptionProfileName}
            networkFirewallPolicyId: ${testNetworkFirewallPolicy.id}
    

    Using getNetworkFirewallPolicyDecryptionProfile

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getNetworkFirewallPolicyDecryptionProfile(args: GetNetworkFirewallPolicyDecryptionProfileArgs, opts?: InvokeOptions): Promise<GetNetworkFirewallPolicyDecryptionProfileResult>
    function getNetworkFirewallPolicyDecryptionProfileOutput(args: GetNetworkFirewallPolicyDecryptionProfileOutputArgs, opts?: InvokeOptions): Output<GetNetworkFirewallPolicyDecryptionProfileResult>
    def get_network_firewall_policy_decryption_profile(name: Optional[str] = None,
                                                       network_firewall_policy_id: Optional[str] = None,
                                                       opts: Optional[InvokeOptions] = None) -> GetNetworkFirewallPolicyDecryptionProfileResult
    def get_network_firewall_policy_decryption_profile_output(name: Optional[pulumi.Input[str]] = None,
                                                       network_firewall_policy_id: Optional[pulumi.Input[str]] = None,
                                                       opts: Optional[InvokeOptions] = None) -> Output[GetNetworkFirewallPolicyDecryptionProfileResult]
    func GetNetworkFirewallPolicyDecryptionProfile(ctx *Context, args *GetNetworkFirewallPolicyDecryptionProfileArgs, opts ...InvokeOption) (*GetNetworkFirewallPolicyDecryptionProfileResult, error)
    func GetNetworkFirewallPolicyDecryptionProfileOutput(ctx *Context, args *GetNetworkFirewallPolicyDecryptionProfileOutputArgs, opts ...InvokeOption) GetNetworkFirewallPolicyDecryptionProfileResultOutput

    > Note: This function is named GetNetworkFirewallPolicyDecryptionProfile in the Go SDK.

    public static class GetNetworkFirewallPolicyDecryptionProfile 
    {
        public static Task<GetNetworkFirewallPolicyDecryptionProfileResult> InvokeAsync(GetNetworkFirewallPolicyDecryptionProfileArgs args, InvokeOptions? opts = null)
        public static Output<GetNetworkFirewallPolicyDecryptionProfileResult> Invoke(GetNetworkFirewallPolicyDecryptionProfileInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetNetworkFirewallPolicyDecryptionProfileResult> getNetworkFirewallPolicyDecryptionProfile(GetNetworkFirewallPolicyDecryptionProfileArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: oci:NetworkFirewall/getNetworkFirewallPolicyDecryptionProfile:getNetworkFirewallPolicyDecryptionProfile
      arguments:
        # arguments dictionary

    The following arguments are supported:

    Name string
    Unique Name of the decryption profile.
    NetworkFirewallPolicyId string
    Unique Network Firewall Policy identifier
    Name string
    Unique Name of the decryption profile.
    NetworkFirewallPolicyId string
    Unique Network Firewall Policy identifier
    name String
    Unique Name of the decryption profile.
    networkFirewallPolicyId String
    Unique Network Firewall Policy identifier
    name string
    Unique Name of the decryption profile.
    networkFirewallPolicyId string
    Unique Network Firewall Policy identifier
    name str
    Unique Name of the decryption profile.
    network_firewall_policy_id str
    Unique Network Firewall Policy identifier
    name String
    Unique Name of the decryption profile.
    networkFirewallPolicyId String
    Unique Network Firewall Policy identifier

    getNetworkFirewallPolicyDecryptionProfile Result

    The following output properties are available:

    AreCertificateExtensionsRestricted bool
    Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
    Id string
    IsAutoIncludeAltName bool
    Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
    IsExpiredCertificateBlocked bool
    Whether to block sessions if server's certificate is expired.
    IsOutOfCapacityBlocked bool
    Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
    IsRevocationStatusTimeoutBlocked bool
    Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
    IsUnknownRevocationStatusBlocked bool
    Whether to block sessions if the revocation status check for server's certificate results in "unknown".
    IsUnsupportedCipherBlocked bool
    Whether to block sessions if SSL cipher suite is not supported.
    IsUnsupportedVersionBlocked bool
    Whether to block sessions if SSL version is not supported.
    IsUntrustedIssuerBlocked bool
    Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
    Name string
    Unique Name of the decryption profile.
    NetworkFirewallPolicyId string
    ParentResourceId string
    OCID of the Network Firewall Policy this decryption profile belongs to.
    Type string
    Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.
    AreCertificateExtensionsRestricted bool
    Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
    Id string
    IsAutoIncludeAltName bool
    Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
    IsExpiredCertificateBlocked bool
    Whether to block sessions if server's certificate is expired.
    IsOutOfCapacityBlocked bool
    Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
    IsRevocationStatusTimeoutBlocked bool
    Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
    IsUnknownRevocationStatusBlocked bool
    Whether to block sessions if the revocation status check for server's certificate results in "unknown".
    IsUnsupportedCipherBlocked bool
    Whether to block sessions if SSL cipher suite is not supported.
    IsUnsupportedVersionBlocked bool
    Whether to block sessions if SSL version is not supported.
    IsUntrustedIssuerBlocked bool
    Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
    Name string
    Unique Name of the decryption profile.
    NetworkFirewallPolicyId string
    ParentResourceId string
    OCID of the Network Firewall Policy this decryption profile belongs to.
    Type string
    Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.
    areCertificateExtensionsRestricted Boolean
    Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
    id String
    isAutoIncludeAltName Boolean
    Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
    isExpiredCertificateBlocked Boolean
    Whether to block sessions if server's certificate is expired.
    isOutOfCapacityBlocked Boolean
    Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
    isRevocationStatusTimeoutBlocked Boolean
    Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
    isUnknownRevocationStatusBlocked Boolean
    Whether to block sessions if the revocation status check for server's certificate results in "unknown".
    isUnsupportedCipherBlocked Boolean
    Whether to block sessions if SSL cipher suite is not supported.
    isUnsupportedVersionBlocked Boolean
    Whether to block sessions if SSL version is not supported.
    isUntrustedIssuerBlocked Boolean
    Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
    name String
    Unique Name of the decryption profile.
    networkFirewallPolicyId String
    parentResourceId String
    OCID of the Network Firewall Policy this decryption profile belongs to.
    type String
    Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.
    areCertificateExtensionsRestricted boolean
    Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
    id string
    isAutoIncludeAltName boolean
    Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
    isExpiredCertificateBlocked boolean
    Whether to block sessions if server's certificate is expired.
    isOutOfCapacityBlocked boolean
    Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
    isRevocationStatusTimeoutBlocked boolean
    Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
    isUnknownRevocationStatusBlocked boolean
    Whether to block sessions if the revocation status check for server's certificate results in "unknown".
    isUnsupportedCipherBlocked boolean
    Whether to block sessions if SSL cipher suite is not supported.
    isUnsupportedVersionBlocked boolean
    Whether to block sessions if SSL version is not supported.
    isUntrustedIssuerBlocked boolean
    Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
    name string
    Unique Name of the decryption profile.
    networkFirewallPolicyId string
    parentResourceId string
    OCID of the Network Firewall Policy this decryption profile belongs to.
    type string
    Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.
    are_certificate_extensions_restricted bool
    Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
    id str
    is_auto_include_alt_name bool
    Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
    is_expired_certificate_blocked bool
    Whether to block sessions if server's certificate is expired.
    is_out_of_capacity_blocked bool
    Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
    is_revocation_status_timeout_blocked bool
    Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
    is_unknown_revocation_status_blocked bool
    Whether to block sessions if the revocation status check for server's certificate results in "unknown".
    is_unsupported_cipher_blocked bool
    Whether to block sessions if SSL cipher suite is not supported.
    is_unsupported_version_blocked bool
    Whether to block sessions if SSL version is not supported.
    is_untrusted_issuer_blocked bool
    Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
    name str
    Unique Name of the decryption profile.
    network_firewall_policy_id str
    parent_resource_id str
    OCID of the Network Firewall Policy this decryption profile belongs to.
    type str
    Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.
    areCertificateExtensionsRestricted Boolean
    Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
    id String
    isAutoIncludeAltName Boolean
    Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
    isExpiredCertificateBlocked Boolean
    Whether to block sessions if server's certificate is expired.
    isOutOfCapacityBlocked Boolean
    Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
    isRevocationStatusTimeoutBlocked Boolean
    Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
    isUnknownRevocationStatusBlocked Boolean
    Whether to block sessions if the revocation status check for server's certificate results in "unknown".
    isUnsupportedCipherBlocked Boolean
    Whether to block sessions if SSL cipher suite is not supported.
    isUnsupportedVersionBlocked Boolean
    Whether to block sessions if SSL version is not supported.
    isUntrustedIssuerBlocked Boolean
    Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
    name String
    Unique Name of the decryption profile.
    networkFirewallPolicyId String
    parentResourceId String
    OCID of the Network Firewall Policy this decryption profile belongs to.
    type String
    Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.

    Package Details

    Repository
    oci pulumi/pulumi-oci
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the oci Terraform Provider.
    oci logo
    Oracle Cloud Infrastructure v2.17.0 published on Friday, Nov 15, 2024 by Pulumi