Oracle Cloud Infrastructure v2.17.0 published on Friday, Nov 15, 2024 by Pulumi
oci.NetworkFirewall.getNetworkFirewallPolicySecurityRules
Explore with Pulumi AI
This data source provides the list of Network Firewall Policy Security Rules in Oracle Cloud Infrastructure Network Firewall service.
Returns a list of Security Rule for the Network Firewall Policy.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";
const testNetworkFirewallPolicySecurityRules = oci.NetworkFirewall.getNetworkFirewallPolicySecurityRules({
networkFirewallPolicyId: testNetworkFirewallPolicy.id,
displayName: networkFirewallPolicySecurityRuleDisplayName,
securityRulePriorityOrder: networkFirewallPolicySecurityRuleSecurityRulePriorityOrder,
});
import pulumi
import pulumi_oci as oci
test_network_firewall_policy_security_rules = oci.NetworkFirewall.get_network_firewall_policy_security_rules(network_firewall_policy_id=test_network_firewall_policy["id"],
display_name=network_firewall_policy_security_rule_display_name,
security_rule_priority_order=network_firewall_policy_security_rule_security_rule_priority_order)
package main
import (
"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/NetworkFirewall"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := NetworkFirewall.GetNetworkFirewallPolicySecurityRules(ctx, &networkfirewall.GetNetworkFirewallPolicySecurityRulesArgs{
NetworkFirewallPolicyId: testNetworkFirewallPolicy.Id,
DisplayName: pulumi.StringRef(networkFirewallPolicySecurityRuleDisplayName),
SecurityRulePriorityOrder: pulumi.IntRef(networkFirewallPolicySecurityRuleSecurityRulePriorityOrder),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;
return await Deployment.RunAsync(() =>
{
var testNetworkFirewallPolicySecurityRules = Oci.NetworkFirewall.GetNetworkFirewallPolicySecurityRules.Invoke(new()
{
NetworkFirewallPolicyId = testNetworkFirewallPolicy.Id,
DisplayName = networkFirewallPolicySecurityRuleDisplayName,
SecurityRulePriorityOrder = networkFirewallPolicySecurityRuleSecurityRulePriorityOrder,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.NetworkFirewall.NetworkFirewallFunctions;
import com.pulumi.oci.NetworkFirewall.inputs.GetNetworkFirewallPolicySecurityRulesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var testNetworkFirewallPolicySecurityRules = NetworkFirewallFunctions.getNetworkFirewallPolicySecurityRules(GetNetworkFirewallPolicySecurityRulesArgs.builder()
.networkFirewallPolicyId(testNetworkFirewallPolicy.id())
.displayName(networkFirewallPolicySecurityRuleDisplayName)
.securityRulePriorityOrder(networkFirewallPolicySecurityRuleSecurityRulePriorityOrder)
.build());
}
}
variables:
testNetworkFirewallPolicySecurityRules:
fn::invoke:
Function: oci:NetworkFirewall:getNetworkFirewallPolicySecurityRules
Arguments:
networkFirewallPolicyId: ${testNetworkFirewallPolicy.id}
displayName: ${networkFirewallPolicySecurityRuleDisplayName}
securityRulePriorityOrder: ${networkFirewallPolicySecurityRuleSecurityRulePriorityOrder}
Using getNetworkFirewallPolicySecurityRules
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getNetworkFirewallPolicySecurityRules(args: GetNetworkFirewallPolicySecurityRulesArgs, opts?: InvokeOptions): Promise<GetNetworkFirewallPolicySecurityRulesResult>
function getNetworkFirewallPolicySecurityRulesOutput(args: GetNetworkFirewallPolicySecurityRulesOutputArgs, opts?: InvokeOptions): Output<GetNetworkFirewallPolicySecurityRulesResult>
def get_network_firewall_policy_security_rules(display_name: Optional[str] = None,
filters: Optional[Sequence[_networkfirewall.GetNetworkFirewallPolicySecurityRulesFilter]] = None,
network_firewall_policy_id: Optional[str] = None,
security_rule_priority_order: Optional[int] = None,
opts: Optional[InvokeOptions] = None) -> GetNetworkFirewallPolicySecurityRulesResult
def get_network_firewall_policy_security_rules_output(display_name: Optional[pulumi.Input[str]] = None,
filters: Optional[pulumi.Input[Sequence[pulumi.Input[_networkfirewall.GetNetworkFirewallPolicySecurityRulesFilterArgs]]]] = None,
network_firewall_policy_id: Optional[pulumi.Input[str]] = None,
security_rule_priority_order: Optional[pulumi.Input[int]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetNetworkFirewallPolicySecurityRulesResult]
func GetNetworkFirewallPolicySecurityRules(ctx *Context, args *GetNetworkFirewallPolicySecurityRulesArgs, opts ...InvokeOption) (*GetNetworkFirewallPolicySecurityRulesResult, error)
func GetNetworkFirewallPolicySecurityRulesOutput(ctx *Context, args *GetNetworkFirewallPolicySecurityRulesOutputArgs, opts ...InvokeOption) GetNetworkFirewallPolicySecurityRulesResultOutput
> Note: This function is named GetNetworkFirewallPolicySecurityRules
in the Go SDK.
public static class GetNetworkFirewallPolicySecurityRules
{
public static Task<GetNetworkFirewallPolicySecurityRulesResult> InvokeAsync(GetNetworkFirewallPolicySecurityRulesArgs args, InvokeOptions? opts = null)
public static Output<GetNetworkFirewallPolicySecurityRulesResult> Invoke(GetNetworkFirewallPolicySecurityRulesInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetNetworkFirewallPolicySecurityRulesResult> getNetworkFirewallPolicySecurityRules(GetNetworkFirewallPolicySecurityRulesArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: oci:NetworkFirewall/getNetworkFirewallPolicySecurityRules:getNetworkFirewallPolicySecurityRules
arguments:
# arguments dictionary
The following arguments are supported:
- Network
Firewall stringPolicy Id - Unique Network Firewall Policy identifier
- Display
Name string - A filter to return only resources that match the entire display name given.
- Filters
List<Get
Network Firewall Policy Security Rules Filter> - Security
Rule intPriority Order - Unique priority order for Security Rules in the network firewall policy.
- Network
Firewall stringPolicy Id - Unique Network Firewall Policy identifier
- Display
Name string - A filter to return only resources that match the entire display name given.
- Filters
[]Get
Network Firewall Policy Security Rules Filter - Security
Rule intPriority Order - Unique priority order for Security Rules in the network firewall policy.
- network
Firewall StringPolicy Id - Unique Network Firewall Policy identifier
- display
Name String - A filter to return only resources that match the entire display name given.
- filters
List<Get
Policy Security Rules Filter> - security
Rule IntegerPriority Order - Unique priority order for Security Rules in the network firewall policy.
- network
Firewall stringPolicy Id - Unique Network Firewall Policy identifier
- display
Name string - A filter to return only resources that match the entire display name given.
- filters
Get
Network Firewall Policy Security Rules Filter[] - security
Rule numberPriority Order - Unique priority order for Security Rules in the network firewall policy.
- network_
firewall_ strpolicy_ id - Unique Network Firewall Policy identifier
- display_
name str - A filter to return only resources that match the entire display name given.
- filters
Sequence[networkfirewall.
Get Network Firewall Policy Security Rules Filter] - security_
rule_ intpriority_ order - Unique priority order for Security Rules in the network firewall policy.
- network
Firewall StringPolicy Id - Unique Network Firewall Policy identifier
- display
Name String - A filter to return only resources that match the entire display name given.
- filters List<Property Map>
- security
Rule NumberPriority Order - Unique priority order for Security Rules in the network firewall policy.
getNetworkFirewallPolicySecurityRules Result
The following output properties are available:
- Id string
- The provider-assigned unique ID for this managed resource.
- Network
Firewall stringPolicy Id - Security
Rule List<GetSummary Collections Network Firewall Policy Security Rules Security Rule Summary Collection> - The list of security_rule_summary_collection.
- Display
Name string - Filters
List<Get
Network Firewall Policy Security Rules Filter> - Security
Rule intPriority Order
- Id string
- The provider-assigned unique ID for this managed resource.
- Network
Firewall stringPolicy Id - Security
Rule []GetSummary Collections Network Firewall Policy Security Rules Security Rule Summary Collection - The list of security_rule_summary_collection.
- Display
Name string - Filters
[]Get
Network Firewall Policy Security Rules Filter - Security
Rule intPriority Order
- id String
- The provider-assigned unique ID for this managed resource.
- network
Firewall StringPolicy Id - security
Rule List<GetSummary Collections Policy Security Rules Security Rule Summary Collection> - The list of security_rule_summary_collection.
- display
Name String - filters
List<Get
Policy Security Rules Filter> - security
Rule IntegerPriority Order
- id string
- The provider-assigned unique ID for this managed resource.
- network
Firewall stringPolicy Id - security
Rule GetSummary Collections Network Firewall Policy Security Rules Security Rule Summary Collection[] - The list of security_rule_summary_collection.
- display
Name string - filters
Get
Network Firewall Policy Security Rules Filter[] - security
Rule numberPriority Order
- id str
- The provider-assigned unique ID for this managed resource.
- network_
firewall_ strpolicy_ id - security_
rule_ Sequence[networkfirewall.summary_ collections Get Network Firewall Policy Security Rules Security Rule Summary Collection] - The list of security_rule_summary_collection.
- display_
name str - filters
Sequence[networkfirewall.
Get Network Firewall Policy Security Rules Filter] - security_
rule_ intpriority_ order
- id String
- The provider-assigned unique ID for this managed resource.
- network
Firewall StringPolicy Id - security
Rule List<Property Map>Summary Collections - The list of security_rule_summary_collection.
- display
Name String - filters List<Property Map>
- security
Rule NumberPriority Order
Supporting Types
GetNetworkFirewallPolicySecurityRulesFilter
GetNetworkFirewallPolicySecurityRulesSecurityRuleSummaryCollection
GetNetworkFirewallPolicySecurityRulesSecurityRuleSummaryCollectionItem
- Action string
- Types of Action on the Traffic flow.
- ALLOW - Allows the traffic.
- DROP - Silently drops the traffic, e.g. without sending a TCP reset.
- REJECT - Rejects the traffic, sending a TCP reset to client and/or server as applicable.
- INSPECT - Inspects traffic for vulnerability as specified in
inspection
, which may result in rejection.
- Condition
Get
Network Firewall Policy Security Rules Security Rule Summary Collection Item Condition - Criteria to evaluate against network traffic. A match occurs when at least one item in the array associated with each specified property corresponds with the relevant aspect of the traffic.
- Name string
- Name for the Security rule, must be unique within the policy.
- Network
Firewall stringPolicy Id - Unique Network Firewall Policy identifier
- Parent
Resource stringId - OCID of the Network Firewall Policy this security rule belongs to.
- Positions
List<Get
Network Firewall Policy Security Rules Security Rule Summary Collection Item Position> - An object which defines the position of the rule.
- Inspection string
- Type of inspection to affect the Traffic flow. This is only applicable if action is INSPECT.
- INTRUSION_DETECTION - Intrusion Detection.
- INTRUSION_PREVENTION - Intrusion Detection and Prevention. Traffic classified as potentially malicious will be rejected as described in
type
.
- Priority
Order string
- Action string
- Types of Action on the Traffic flow.
- ALLOW - Allows the traffic.
- DROP - Silently drops the traffic, e.g. without sending a TCP reset.
- REJECT - Rejects the traffic, sending a TCP reset to client and/or server as applicable.
- INSPECT - Inspects traffic for vulnerability as specified in
inspection
, which may result in rejection.
- Condition
Get
Network Firewall Policy Security Rules Security Rule Summary Collection Item Condition - Criteria to evaluate against network traffic. A match occurs when at least one item in the array associated with each specified property corresponds with the relevant aspect of the traffic.
- Name string
- Name for the Security rule, must be unique within the policy.
- Network
Firewall stringPolicy Id - Unique Network Firewall Policy identifier
- Parent
Resource stringId - OCID of the Network Firewall Policy this security rule belongs to.
- Positions
[]Get
Network Firewall Policy Security Rules Security Rule Summary Collection Item Position - An object which defines the position of the rule.
- Inspection string
- Type of inspection to affect the Traffic flow. This is only applicable if action is INSPECT.
- INTRUSION_DETECTION - Intrusion Detection.
- INTRUSION_PREVENTION - Intrusion Detection and Prevention. Traffic classified as potentially malicious will be rejected as described in
type
.
- Priority
Order string
- action String
- Types of Action on the Traffic flow.
- ALLOW - Allows the traffic.
- DROP - Silently drops the traffic, e.g. without sending a TCP reset.
- REJECT - Rejects the traffic, sending a TCP reset to client and/or server as applicable.
- INSPECT - Inspects traffic for vulnerability as specified in
inspection
, which may result in rejection.
- condition
Get
Policy Security Rules Security Rule Summary Collection Item Condition - Criteria to evaluate against network traffic. A match occurs when at least one item in the array associated with each specified property corresponds with the relevant aspect of the traffic.
- name String
- Name for the Security rule, must be unique within the policy.
- network
Firewall StringPolicy Id - Unique Network Firewall Policy identifier
- parent
Resource StringId - OCID of the Network Firewall Policy this security rule belongs to.
- positions
List<Get
Policy Security Rules Security Rule Summary Collection Item Position> - An object which defines the position of the rule.
- inspection String
- Type of inspection to affect the Traffic flow. This is only applicable if action is INSPECT.
- INTRUSION_DETECTION - Intrusion Detection.
- INTRUSION_PREVENTION - Intrusion Detection and Prevention. Traffic classified as potentially malicious will be rejected as described in
type
.
- priority
Order String
- action string
- Types of Action on the Traffic flow.
- ALLOW - Allows the traffic.
- DROP - Silently drops the traffic, e.g. without sending a TCP reset.
- REJECT - Rejects the traffic, sending a TCP reset to client and/or server as applicable.
- INSPECT - Inspects traffic for vulnerability as specified in
inspection
, which may result in rejection.
- condition
Get
Network Firewall Policy Security Rules Security Rule Summary Collection Item Condition - Criteria to evaluate against network traffic. A match occurs when at least one item in the array associated with each specified property corresponds with the relevant aspect of the traffic.
- name string
- Name for the Security rule, must be unique within the policy.
- network
Firewall stringPolicy Id - Unique Network Firewall Policy identifier
- parent
Resource stringId - OCID of the Network Firewall Policy this security rule belongs to.
- positions
Get
Network Firewall Policy Security Rules Security Rule Summary Collection Item Position[] - An object which defines the position of the rule.
- inspection string
- Type of inspection to affect the Traffic flow. This is only applicable if action is INSPECT.
- INTRUSION_DETECTION - Intrusion Detection.
- INTRUSION_PREVENTION - Intrusion Detection and Prevention. Traffic classified as potentially malicious will be rejected as described in
type
.
- priority
Order string
- action str
- Types of Action on the Traffic flow.
- ALLOW - Allows the traffic.
- DROP - Silently drops the traffic, e.g. without sending a TCP reset.
- REJECT - Rejects the traffic, sending a TCP reset to client and/or server as applicable.
- INSPECT - Inspects traffic for vulnerability as specified in
inspection
, which may result in rejection.
- condition
networkfirewall.
Get Network Firewall Policy Security Rules Security Rule Summary Collection Item Condition - Criteria to evaluate against network traffic. A match occurs when at least one item in the array associated with each specified property corresponds with the relevant aspect of the traffic.
- name str
- Name for the Security rule, must be unique within the policy.
- network_
firewall_ strpolicy_ id - Unique Network Firewall Policy identifier
- parent_
resource_ strid - OCID of the Network Firewall Policy this security rule belongs to.
- positions
Sequence[networkfirewall.
Get Network Firewall Policy Security Rules Security Rule Summary Collection Item Position] - An object which defines the position of the rule.
- inspection str
- Type of inspection to affect the Traffic flow. This is only applicable if action is INSPECT.
- INTRUSION_DETECTION - Intrusion Detection.
- INTRUSION_PREVENTION - Intrusion Detection and Prevention. Traffic classified as potentially malicious will be rejected as described in
type
.
- priority_
order str
- action String
- Types of Action on the Traffic flow.
- ALLOW - Allows the traffic.
- DROP - Silently drops the traffic, e.g. without sending a TCP reset.
- REJECT - Rejects the traffic, sending a TCP reset to client and/or server as applicable.
- INSPECT - Inspects traffic for vulnerability as specified in
inspection
, which may result in rejection.
- condition Property Map
- Criteria to evaluate against network traffic. A match occurs when at least one item in the array associated with each specified property corresponds with the relevant aspect of the traffic.
- name String
- Name for the Security rule, must be unique within the policy.
- network
Firewall StringPolicy Id - Unique Network Firewall Policy identifier
- parent
Resource StringId - OCID of the Network Firewall Policy this security rule belongs to.
- positions List<Property Map>
- An object which defines the position of the rule.
- inspection String
- Type of inspection to affect the Traffic flow. This is only applicable if action is INSPECT.
- INTRUSION_DETECTION - Intrusion Detection.
- INTRUSION_PREVENTION - Intrusion Detection and Prevention. Traffic classified as potentially malicious will be rejected as described in
type
.
- priority
Order String
GetNetworkFirewallPolicySecurityRulesSecurityRuleSummaryCollectionItemCondition
- Applications List<string>
- An array of application list names to be evaluated against the traffic protocol and protocol-specific parameters.
- Destination
Addresses List<string> - An array of IP address list names to be evaluated against the traffic destination address.
- Services List<string>
- An array of service list names to be evaluated against the traffic protocol and protocol-specific parameters.
- Source
Addresses List<string> - An array of IP address list names to be evaluated against the traffic source address.
- Urls List<string>
- An array of URL pattern list names to be evaluated against the HTTP(S) request target.
- Applications []string
- An array of application list names to be evaluated against the traffic protocol and protocol-specific parameters.
- Destination
Addresses []string - An array of IP address list names to be evaluated against the traffic destination address.
- Services []string
- An array of service list names to be evaluated against the traffic protocol and protocol-specific parameters.
- Source
Addresses []string - An array of IP address list names to be evaluated against the traffic source address.
- Urls []string
- An array of URL pattern list names to be evaluated against the HTTP(S) request target.
- applications List<String>
- An array of application list names to be evaluated against the traffic protocol and protocol-specific parameters.
- destination
Addresses List<String> - An array of IP address list names to be evaluated against the traffic destination address.
- services List<String>
- An array of service list names to be evaluated against the traffic protocol and protocol-specific parameters.
- source
Addresses List<String> - An array of IP address list names to be evaluated against the traffic source address.
- urls List<String>
- An array of URL pattern list names to be evaluated against the HTTP(S) request target.
- applications string[]
- An array of application list names to be evaluated against the traffic protocol and protocol-specific parameters.
- destination
Addresses string[] - An array of IP address list names to be evaluated against the traffic destination address.
- services string[]
- An array of service list names to be evaluated against the traffic protocol and protocol-specific parameters.
- source
Addresses string[] - An array of IP address list names to be evaluated against the traffic source address.
- urls string[]
- An array of URL pattern list names to be evaluated against the HTTP(S) request target.
- applications Sequence[str]
- An array of application list names to be evaluated against the traffic protocol and protocol-specific parameters.
- destination_
addresses Sequence[str] - An array of IP address list names to be evaluated against the traffic destination address.
- services Sequence[str]
- An array of service list names to be evaluated against the traffic protocol and protocol-specific parameters.
- source_
addresses Sequence[str] - An array of IP address list names to be evaluated against the traffic source address.
- urls Sequence[str]
- An array of URL pattern list names to be evaluated against the HTTP(S) request target.
- applications List<String>
- An array of application list names to be evaluated against the traffic protocol and protocol-specific parameters.
- destination
Addresses List<String> - An array of IP address list names to be evaluated against the traffic destination address.
- services List<String>
- An array of service list names to be evaluated against the traffic protocol and protocol-specific parameters.
- source
Addresses List<String> - An array of IP address list names to be evaluated against the traffic source address.
- urls List<String>
- An array of URL pattern list names to be evaluated against the HTTP(S) request target.
GetNetworkFirewallPolicySecurityRulesSecurityRuleSummaryCollectionItemPosition
- After
Rule string - Identifier for rule after which this rule lies.
- Before
Rule string - Identifier for rule before which this rule lies.
- After
Rule string - Identifier for rule after which this rule lies.
- Before
Rule string - Identifier for rule before which this rule lies.
- after
Rule String - Identifier for rule after which this rule lies.
- before
Rule String - Identifier for rule before which this rule lies.
- after
Rule string - Identifier for rule after which this rule lies.
- before
Rule string - Identifier for rule before which this rule lies.
- after_
rule str - Identifier for rule after which this rule lies.
- before_
rule str - Identifier for rule before which this rule lies.
- after
Rule String - Identifier for rule after which this rule lies.
- before
Rule String - Identifier for rule before which this rule lies.
Package Details
- Repository
- oci pulumi/pulumi-oci
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
oci
Terraform Provider.