Docs Home
Nutanix v0.7.4 published on Friday, Mar 21, 2025 by Piers Karsenbarg
nutanix.NetworkSecurityRule
Explore with Pulumi AI
Provides a Nutanix network security rule resource to Create a network security rule.
NOTE: The use of network_security_rule is only applicable in AHV clusters and requires Microsegmentation to be enabled. This feature is a function of the Flow product and requires a Flow license. For more information on Flow and Microsegmentation please visit https://www.nutanix.com/products/flow
Example Usage
Isolation Rule Example
import * as pulumi from "@pulumi/pulumi";
import * as nutanix from "@pierskarsenbarg/nutanix";
const isolation = new nutanix.NetworkSecurityRule("isolation", {
description: "Isolation Rule Example",
isolationRuleAction: "APPLY",
isolationRuleFirstEntityFilterKindLists: ["vm"],
isolationRuleFirstEntityFilterParams: [{
name: "Environment",
values: ["Dev"],
}],
isolationRuleFirstEntityFilterType: "CATEGORIES_MATCH_ALL",
isolationRuleSecondEntityFilterKindLists: ["vm"],
isolationRuleSecondEntityFilterParams: [{
name: "Environment",
values: ["Production"],
}],
isolationRuleSecondEntityFilterType: "CATEGORIES_MATCH_ALL",
});
import pulumi
import pulumi_nutanix as nutanix
isolation = nutanix.NetworkSecurityRule("isolation",
description="Isolation Rule Example",
isolation_rule_action="APPLY",
isolation_rule_first_entity_filter_kind_lists=["vm"],
isolation_rule_first_entity_filter_params=[{
"name": "Environment",
"values": ["Dev"],
}],
isolation_rule_first_entity_filter_type="CATEGORIES_MATCH_ALL",
isolation_rule_second_entity_filter_kind_lists=["vm"],
isolation_rule_second_entity_filter_params=[{
"name": "Environment",
"values": ["Production"],
}],
isolation_rule_second_entity_filter_type="CATEGORIES_MATCH_ALL")
package main
import (
"github.com/pierskarsenbarg/pulumi-nutanix/sdk/go/nutanix"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := nutanix.NewNetworkSecurityRule(ctx, "isolation", &nutanix.NetworkSecurityRuleArgs{
Description: pulumi.String("Isolation Rule Example"),
IsolationRuleAction: pulumi.String("APPLY"),
IsolationRuleFirstEntityFilterKindLists: pulumi.StringArray{
pulumi.String("vm"),
},
IsolationRuleFirstEntityFilterParams: nutanix.NetworkSecurityRuleIsolationRuleFirstEntityFilterParamArray{
&nutanix.NetworkSecurityRuleIsolationRuleFirstEntityFilterParamArgs{
Name: pulumi.String("Environment"),
Values: pulumi.StringArray{
pulumi.String("Dev"),
},
},
},
IsolationRuleFirstEntityFilterType: pulumi.String("CATEGORIES_MATCH_ALL"),
IsolationRuleSecondEntityFilterKindLists: pulumi.StringArray{
pulumi.String("vm"),
},
IsolationRuleSecondEntityFilterParams: nutanix.NetworkSecurityRuleIsolationRuleSecondEntityFilterParamArray{
&nutanix.NetworkSecurityRuleIsolationRuleSecondEntityFilterParamArgs{
Name: pulumi.String("Environment"),
Values: pulumi.StringArray{
pulumi.String("Production"),
},
},
},
IsolationRuleSecondEntityFilterType: pulumi.String("CATEGORIES_MATCH_ALL"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Nutanix = PiersKarsenbarg.Nutanix;
return await Deployment.RunAsync(() =>
{
var isolation = new Nutanix.NetworkSecurityRule("isolation", new()
{
Description = "Isolation Rule Example",
IsolationRuleAction = "APPLY",
IsolationRuleFirstEntityFilterKindLists = new[]
{
"vm",
},
IsolationRuleFirstEntityFilterParams = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleIsolationRuleFirstEntityFilterParamArgs
{
Name = "Environment",
Values = new[]
{
"Dev",
},
},
},
IsolationRuleFirstEntityFilterType = "CATEGORIES_MATCH_ALL",
IsolationRuleSecondEntityFilterKindLists = new[]
{
"vm",
},
IsolationRuleSecondEntityFilterParams = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleIsolationRuleSecondEntityFilterParamArgs
{
Name = "Environment",
Values = new[]
{
"Production",
},
},
},
IsolationRuleSecondEntityFilterType = "CATEGORIES_MATCH_ALL",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.nutanix.NetworkSecurityRule;
import com.pulumi.nutanix.NetworkSecurityRuleArgs;
import com.pulumi.nutanix.inputs.NetworkSecurityRuleIsolationRuleFirstEntityFilterParamArgs;
import com.pulumi.nutanix.inputs.NetworkSecurityRuleIsolationRuleSecondEntityFilterParamArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var isolation = new NetworkSecurityRule("isolation", NetworkSecurityRuleArgs.builder()
.description("Isolation Rule Example")
.isolationRuleAction("APPLY")
.isolationRuleFirstEntityFilterKindLists("vm")
.isolationRuleFirstEntityFilterParams(NetworkSecurityRuleIsolationRuleFirstEntityFilterParamArgs.builder()
.name("Environment")
.values("Dev")
.build())
.isolationRuleFirstEntityFilterType("CATEGORIES_MATCH_ALL")
.isolationRuleSecondEntityFilterKindLists("vm")
.isolationRuleSecondEntityFilterParams(NetworkSecurityRuleIsolationRuleSecondEntityFilterParamArgs.builder()
.name("Environment")
.values("Production")
.build())
.isolationRuleSecondEntityFilterType("CATEGORIES_MATCH_ALL")
.build());
}
}
resources:
isolation:
type: nutanix:NetworkSecurityRule
properties:
description: Isolation Rule Example
isolationRuleAction: APPLY
isolationRuleFirstEntityFilterKindLists:
- vm
isolationRuleFirstEntityFilterParams:
- name: Environment
values:
- Dev
isolationRuleFirstEntityFilterType: CATEGORIES_MATCH_ALL
isolationRuleSecondEntityFilterKindLists:
- vm
isolationRuleSecondEntityFilterParams:
- name: Environment
values:
- Production
isolationRuleSecondEntityFilterType: CATEGORIES_MATCH_ALL
Usage with service and address groups
import * as pulumi from "@pulumi/pulumi";
import * as nutanix from "@pierskarsenbarg/nutanix";
const service1 = new nutanix.ServiceGroup("service1", {
description: "test",
serviceLists: [{
protocol: "TCP",
tcpPortRangeLists: [
{
startPort: 22,
endPort: 22,
},
{
startPort: 2222,
endPort: 2222,
},
],
}],
});
const address1 = new nutanix.AddressGroup("address1", {
description: "test",
ipAddressBlockLists: [{
ip: "10.0.0.0",
prefixLength: 24,
}],
});
const ad_group_user_1 = new nutanix.CategoryValue("ad-group-user-1", {
description: "group user category value",
value: "AD",
});
const vDI = new nutanix.NetworkSecurityRule("vDI", {
adRuleAction: "APPLY",
description: "test",
adRuleInboundAllowLists: [{
ipSubnet: "10.0.0.0",
ipSubnetPrefixLength: "8",
peerSpecificationType: "IP_SUBNET",
protocol: "ALL",
}],
adRuleTargetGroupDefaultInternalPolicy: "DENY_ALL",
adRuleTargetGroupFilterKindLists: ["vm"],
adRuleTargetGroupFilterParams: [{
name: "AD",
values: ["AD"],
}],
adRuleTargetGroupFilterType: "CATEGORIES_MATCH_ALL",
adRuleTargetGroupPeerSpecificationType: "FILTER",
adRuleOutboundAllowLists: [{
peerSpecificationType: "ALL",
serviceGroupLists: [{
kind: "service_group",
uuid: service1.id,
}],
addressGroupInclusionLists: [{
kind: "address_group",
uuid: address1.id,
}],
}],
}, {
dependsOn: [ad_group_user_1],
});
import pulumi
import pulumi_nutanix as nutanix
service1 = nutanix.ServiceGroup("service1",
description="test",
service_lists=[{
"protocol": "TCP",
"tcp_port_range_lists": [
{
"start_port": 22,
"end_port": 22,
},
{
"start_port": 2222,
"end_port": 2222,
},
],
}])
address1 = nutanix.AddressGroup("address1",
description="test",
ip_address_block_lists=[{
"ip": "10.0.0.0",
"prefix_length": 24,
}])
ad_group_user_1 = nutanix.CategoryValue("ad-group-user-1",
description="group user category value",
value="AD")
v_di = nutanix.NetworkSecurityRule("vDI",
ad_rule_action="APPLY",
description="test",
ad_rule_inbound_allow_lists=[{
"ip_subnet": "10.0.0.0",
"ip_subnet_prefix_length": "8",
"peer_specification_type": "IP_SUBNET",
"protocol": "ALL",
}],
ad_rule_target_group_default_internal_policy="DENY_ALL",
ad_rule_target_group_filter_kind_lists=["vm"],
ad_rule_target_group_filter_params=[{
"name": "AD",
"values": ["AD"],
}],
ad_rule_target_group_filter_type="CATEGORIES_MATCH_ALL",
ad_rule_target_group_peer_specification_type="FILTER",
ad_rule_outbound_allow_lists=[{
"peer_specification_type": "ALL",
"service_group_lists": [{
"kind": "service_group",
"uuid": service1.id,
}],
"address_group_inclusion_lists": [{
"kind": "address_group",
"uuid": address1.id,
}],
}],
opts = pulumi.ResourceOptions(depends_on=[ad_group_user_1]))
package main
import (
"github.com/pierskarsenbarg/pulumi-nutanix/sdk/go/nutanix"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
service1, err := nutanix.NewServiceGroup(ctx, "service1", &nutanix.ServiceGroupArgs{
Description: pulumi.String("test"),
ServiceLists: nutanix.ServiceGroupServiceListArray{
&nutanix.ServiceGroupServiceListArgs{
Protocol: pulumi.String("TCP"),
TcpPortRangeLists: nutanix.ServiceGroupServiceListTcpPortRangeListArray{
&nutanix.ServiceGroupServiceListTcpPortRangeListArgs{
StartPort: pulumi.Int(22),
EndPort: pulumi.Int(22),
},
&nutanix.ServiceGroupServiceListTcpPortRangeListArgs{
StartPort: pulumi.Int(2222),
EndPort: pulumi.Int(2222),
},
},
},
},
})
if err != nil {
return err
}
address1, err := nutanix.NewAddressGroup(ctx, "address1", &nutanix.AddressGroupArgs{
Description: pulumi.String("test"),
IpAddressBlockLists: nutanix.AddressGroupIpAddressBlockListArray{
&nutanix.AddressGroupIpAddressBlockListArgs{
Ip: pulumi.String("10.0.0.0"),
PrefixLength: pulumi.Int(24),
},
},
})
if err != nil {
return err
}
ad_group_user_1, err := nutanix.NewCategoryValue(ctx, "ad-group-user-1", &nutanix.CategoryValueArgs{
Description: pulumi.String("group user category value"),
Value: pulumi.String("AD"),
})
if err != nil {
return err
}
_, err = nutanix.NewNetworkSecurityRule(ctx, "vDI", &nutanix.NetworkSecurityRuleArgs{
AdRuleAction: pulumi.String("APPLY"),
Description: pulumi.String("test"),
AdRuleInboundAllowLists: nutanix.NetworkSecurityRuleAdRuleInboundAllowListArray{
&nutanix.NetworkSecurityRuleAdRuleInboundAllowListArgs{
IpSubnet: pulumi.String("10.0.0.0"),
IpSubnetPrefixLength: pulumi.String("8"),
PeerSpecificationType: pulumi.String("IP_SUBNET"),
Protocol: pulumi.String("ALL"),
},
},
AdRuleTargetGroupDefaultInternalPolicy: pulumi.String("DENY_ALL"),
AdRuleTargetGroupFilterKindLists: pulumi.StringArray{
pulumi.String("vm"),
},
AdRuleTargetGroupFilterParams: nutanix.NetworkSecurityRuleAdRuleTargetGroupFilterParamArray{
&nutanix.NetworkSecurityRuleAdRuleTargetGroupFilterParamArgs{
Name: pulumi.String("AD"),
Values: pulumi.StringArray{
pulumi.String("AD"),
},
},
},
AdRuleTargetGroupFilterType: pulumi.String("CATEGORIES_MATCH_ALL"),
AdRuleTargetGroupPeerSpecificationType: pulumi.String("FILTER"),
AdRuleOutboundAllowLists: nutanix.NetworkSecurityRuleAdRuleOutboundAllowListArray{
&nutanix.NetworkSecurityRuleAdRuleOutboundAllowListArgs{
PeerSpecificationType: pulumi.String("ALL"),
ServiceGroupLists: nutanix.NetworkSecurityRuleAdRuleOutboundAllowListServiceGroupListArray{
&nutanix.NetworkSecurityRuleAdRuleOutboundAllowListServiceGroupListArgs{
Kind: pulumi.String("service_group"),
Uuid: service1.ID(),
},
},
AddressGroupInclusionLists: nutanix.NetworkSecurityRuleAdRuleOutboundAllowListAddressGroupInclusionListArray{
&nutanix.NetworkSecurityRuleAdRuleOutboundAllowListAddressGroupInclusionListArgs{
Kind: pulumi.String("address_group"),
Uuid: address1.ID(),
},
},
},
},
}, pulumi.DependsOn([]pulumi.Resource{
ad_group_user_1,
}))
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Nutanix = PiersKarsenbarg.Nutanix;
return await Deployment.RunAsync(() =>
{
var service1 = new Nutanix.ServiceGroup("service1", new()
{
Description = "test",
ServiceLists = new[]
{
new Nutanix.Inputs.ServiceGroupServiceListArgs
{
Protocol = "TCP",
TcpPortRangeLists = new[]
{
new Nutanix.Inputs.ServiceGroupServiceListTcpPortRangeListArgs
{
StartPort = 22,
EndPort = 22,
},
new Nutanix.Inputs.ServiceGroupServiceListTcpPortRangeListArgs
{
StartPort = 2222,
EndPort = 2222,
},
},
},
},
});
var address1 = new Nutanix.AddressGroup("address1", new()
{
Description = "test",
IpAddressBlockLists = new[]
{
new Nutanix.Inputs.AddressGroupIpAddressBlockListArgs
{
Ip = "10.0.0.0",
PrefixLength = 24,
},
},
});
var ad_group_user_1 = new Nutanix.CategoryValue("ad-group-user-1", new()
{
Description = "group user category value",
Value = "AD",
});
var vDI = new Nutanix.NetworkSecurityRule("vDI", new()
{
AdRuleAction = "APPLY",
Description = "test",
AdRuleInboundAllowLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAdRuleInboundAllowListArgs
{
IpSubnet = "10.0.0.0",
IpSubnetPrefixLength = "8",
PeerSpecificationType = "IP_SUBNET",
Protocol = "ALL",
},
},
AdRuleTargetGroupDefaultInternalPolicy = "DENY_ALL",
AdRuleTargetGroupFilterKindLists = new[]
{
"vm",
},
AdRuleTargetGroupFilterParams = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAdRuleTargetGroupFilterParamArgs
{
Name = "AD",
Values = new[]
{
"AD",
},
},
},
AdRuleTargetGroupFilterType = "CATEGORIES_MATCH_ALL",
AdRuleTargetGroupPeerSpecificationType = "FILTER",
AdRuleOutboundAllowLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAdRuleOutboundAllowListArgs
{
PeerSpecificationType = "ALL",
ServiceGroupLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAdRuleOutboundAllowListServiceGroupListArgs
{
Kind = "service_group",
Uuid = service1.Id,
},
},
AddressGroupInclusionLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAdRuleOutboundAllowListAddressGroupInclusionListArgs
{
Kind = "address_group",
Uuid = address1.Id,
},
},
},
},
}, new CustomResourceOptions
{
DependsOn =
{
ad_group_user_1,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.nutanix.ServiceGroup;
import com.pulumi.nutanix.ServiceGroupArgs;
import com.pulumi.nutanix.inputs.ServiceGroupServiceListArgs;
import com.pulumi.nutanix.AddressGroup;
import com.pulumi.nutanix.AddressGroupArgs;
import com.pulumi.nutanix.inputs.AddressGroupIpAddressBlockListArgs;
import com.pulumi.nutanix.CategoryValue;
import com.pulumi.nutanix.CategoryValueArgs;
import com.pulumi.nutanix.NetworkSecurityRule;
import com.pulumi.nutanix.NetworkSecurityRuleArgs;
import com.pulumi.nutanix.inputs.NetworkSecurityRuleAdRuleInboundAllowListArgs;
import com.pulumi.nutanix.inputs.NetworkSecurityRuleAdRuleTargetGroupFilterParamArgs;
import com.pulumi.nutanix.inputs.NetworkSecurityRuleAdRuleOutboundAllowListArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var service1 = new ServiceGroup("service1", ServiceGroupArgs.builder()
.description("test")
.serviceLists(ServiceGroupServiceListArgs.builder()
.protocol("TCP")
.tcpPortRangeLists(
ServiceGroupServiceListTcpPortRangeListArgs.builder()
.startPort(22)
.endPort(22)
.build(),
ServiceGroupServiceListTcpPortRangeListArgs.builder()
.startPort(2222)
.endPort(2222)
.build())
.build())
.build());
var address1 = new AddressGroup("address1", AddressGroupArgs.builder()
.description("test")
.ipAddressBlockLists(AddressGroupIpAddressBlockListArgs.builder()
.ip("10.0.0.0")
.prefixLength(24)
.build())
.build());
var ad_group_user_1 = new CategoryValue("ad-group-user-1", CategoryValueArgs.builder()
.description("group user category value")
.value("AD")
.build());
var vDI = new NetworkSecurityRule("vDI", NetworkSecurityRuleArgs.builder()
.adRuleAction("APPLY")
.description("test")
.adRuleInboundAllowLists(NetworkSecurityRuleAdRuleInboundAllowListArgs.builder()
.ipSubnet("10.0.0.0")
.ipSubnetPrefixLength("8")
.peerSpecificationType("IP_SUBNET")
.protocol("ALL")
.build())
.adRuleTargetGroupDefaultInternalPolicy("DENY_ALL")
.adRuleTargetGroupFilterKindLists("vm")
.adRuleTargetGroupFilterParams(NetworkSecurityRuleAdRuleTargetGroupFilterParamArgs.builder()
.name("AD")
.values("AD")
.build())
.adRuleTargetGroupFilterType("CATEGORIES_MATCH_ALL")
.adRuleTargetGroupPeerSpecificationType("FILTER")
.adRuleOutboundAllowLists(NetworkSecurityRuleAdRuleOutboundAllowListArgs.builder()
.peerSpecificationType("ALL")
.serviceGroupLists(NetworkSecurityRuleAdRuleOutboundAllowListServiceGroupListArgs.builder()
.kind("service_group")
.uuid(service1.id())
.build())
.addressGroupInclusionLists(NetworkSecurityRuleAdRuleOutboundAllowListAddressGroupInclusionListArgs.builder()
.kind("address_group")
.uuid(address1.id())
.build())
.build())
.build(), CustomResourceOptions.builder()
.dependsOn(ad_group_user_1)
.build());
}
}
resources:
service1:
type: nutanix:ServiceGroup
properties:
description: test
serviceLists:
- protocol: TCP
tcpPortRangeLists:
- startPort: 22
endPort: 22
- startPort: 2222
endPort: 2222
address1:
type: nutanix:AddressGroup
properties:
description: test
ipAddressBlockLists:
- ip: 10.0.0.0
prefixLength: 24
ad-group-user-1:
type: nutanix:CategoryValue
properties:
description: group user category value
value: AD
vDI:
type: nutanix:NetworkSecurityRule
properties:
adRuleAction: APPLY
description: test
# app_rule_action = "APPLY"
adRuleInboundAllowLists:
- ipSubnet: 10.0.0.0
ipSubnetPrefixLength: '8'
peerSpecificationType: IP_SUBNET
protocol: ALL
adRuleTargetGroupDefaultInternalPolicy: DENY_ALL
adRuleTargetGroupFilterKindLists:
- vm
adRuleTargetGroupFilterParams:
- name: AD
values:
- AD
adRuleTargetGroupFilterType: CATEGORIES_MATCH_ALL
adRuleTargetGroupPeerSpecificationType: FILTER
adRuleOutboundAllowLists:
- peerSpecificationType: ALL
serviceGroupLists:
- kind: service_group
uuid: ${service1.id}
addressGroupInclusionLists:
- kind: address_group
uuid: ${address1.id}
options:
dependsOn:
- ${["ad-group-user-1"]}
Create NetworkSecurityRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new NetworkSecurityRule(name: string, args?: NetworkSecurityRuleArgs, opts?: CustomResourceOptions);@overload
def NetworkSecurityRule(resource_name: str,
args: Optional[NetworkSecurityRuleArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def NetworkSecurityRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
ad_rule_action: Optional[str] = None,
ad_rule_inbound_allow_lists: Optional[Sequence[NetworkSecurityRuleAdRuleInboundAllowListArgs]] = None,
ad_rule_outbound_allow_lists: Optional[Sequence[NetworkSecurityRuleAdRuleOutboundAllowListArgs]] = None,
ad_rule_target_group_default_internal_policy: Optional[str] = None,
ad_rule_target_group_filter_kind_lists: Optional[Sequence[str]] = None,
ad_rule_target_group_filter_params: Optional[Sequence[NetworkSecurityRuleAdRuleTargetGroupFilterParamArgs]] = None,
ad_rule_target_group_filter_type: Optional[str] = None,
ad_rule_target_group_peer_specification_type: Optional[str] = None,
allow_ipv6_traffic: Optional[bool] = None,
app_rule_action: Optional[str] = None,
app_rule_inbound_allow_lists: Optional[Sequence[NetworkSecurityRuleAppRuleInboundAllowListArgs]] = None,
app_rule_outbound_allow_lists: Optional[Sequence[NetworkSecurityRuleAppRuleOutboundAllowListArgs]] = None,
app_rule_target_group_default_internal_policy: Optional[str] = None,
app_rule_target_group_filter_kind_lists: Optional[Sequence[str]] = None,
app_rule_target_group_filter_params: Optional[Sequence[NetworkSecurityRuleAppRuleTargetGroupFilterParamArgs]] = None,
app_rule_target_group_filter_type: Optional[str] = None,
app_rule_target_group_peer_specification_type: Optional[str] = None,
categories: Optional[Sequence[NetworkSecurityRuleCategoryArgs]] = None,
description: Optional[str] = None,
is_policy_hitlog_enabled: Optional[bool] = None,
isolation_rule_action: Optional[str] = None,
isolation_rule_first_entity_filter_kind_lists: Optional[Sequence[str]] = None,
isolation_rule_first_entity_filter_params: Optional[Sequence[NetworkSecurityRuleIsolationRuleFirstEntityFilterParamArgs]] = None,
isolation_rule_first_entity_filter_type: Optional[str] = None,
isolation_rule_second_entity_filter_kind_lists: Optional[Sequence[str]] = None,
isolation_rule_second_entity_filter_params: Optional[Sequence[NetworkSecurityRuleIsolationRuleSecondEntityFilterParamArgs]] = None,
isolation_rule_second_entity_filter_type: Optional[str] = None,
name: Optional[str] = None,
owner_reference: Optional[Mapping[str, str]] = None,
project_reference: Optional[Mapping[str, str]] = None)func NewNetworkSecurityRule(ctx *Context, name string, args *NetworkSecurityRuleArgs, opts ...ResourceOption) (*NetworkSecurityRule, error)public NetworkSecurityRule(string name, NetworkSecurityRuleArgs? args = null, CustomResourceOptions? opts = null)public NetworkSecurityRule(String name, NetworkSecurityRuleArgs args)
public NetworkSecurityRule(String name, NetworkSecurityRuleArgs args, CustomResourceOptions options)
type: nutanix:NetworkSecurityRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args NetworkSecurityRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args NetworkSecurityRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args NetworkSecurityRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args NetworkSecurityRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. NetworkSecurityRuleArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var networkSecurityRuleResource = new Nutanix.NetworkSecurityRule("networkSecurityRuleResource", new()
{
AdRuleAction = "string",
AdRuleInboundAllowLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAdRuleInboundAllowListArgs
{
AddressGroupInclusionLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAdRuleInboundAllowListAddressGroupInclusionListArgs
{
Kind = "string",
Name = "string",
Uuid = "string",
},
},
ExpirationTime = "string",
FilterKindLists = new[]
{
"string",
},
FilterParams = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAdRuleInboundAllowListFilterParamArgs
{
Name = "string",
Values = new[]
{
"string",
},
},
},
FilterType = "string",
IcmpTypeCodeLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAdRuleInboundAllowListIcmpTypeCodeListArgs
{
Code = "string",
Type = "string",
},
},
IpSubnet = "string",
IpSubnetPrefixLength = "string",
NetworkFunctionChainReference =
{
{ "string", "string" },
},
PeerSpecificationType = "string",
Protocol = "string",
ServiceGroupLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAdRuleInboundAllowListServiceGroupListArgs
{
Kind = "string",
Name = "string",
Uuid = "string",
},
},
TcpPortRangeLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAdRuleInboundAllowListTcpPortRangeListArgs
{
EndPort = 0,
StartPort = 0,
},
},
UdpPortRangeLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAdRuleInboundAllowListUdpPortRangeListArgs
{
EndPort = 0,
StartPort = 0,
},
},
},
},
AdRuleOutboundAllowLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAdRuleOutboundAllowListArgs
{
AddressGroupInclusionLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAdRuleOutboundAllowListAddressGroupInclusionListArgs
{
Kind = "string",
Name = "string",
Uuid = "string",
},
},
ExpirationTime = "string",
FilterKindLists = new[]
{
"string",
},
FilterParams = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAdRuleOutboundAllowListFilterParamArgs
{
Name = "string",
Values = new[]
{
"string",
},
},
},
FilterType = "string",
IcmpTypeCodeLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAdRuleOutboundAllowListIcmpTypeCodeListArgs
{
Code = "string",
Type = "string",
},
},
IpSubnet = "string",
IpSubnetPrefixLength = "string",
NetworkFunctionChainReference =
{
{ "string", "string" },
},
PeerSpecificationType = "string",
Protocol = "string",
ServiceGroupLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAdRuleOutboundAllowListServiceGroupListArgs
{
Kind = "string",
Name = "string",
Uuid = "string",
},
},
TcpPortRangeLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAdRuleOutboundAllowListTcpPortRangeListArgs
{
EndPort = 0,
StartPort = 0,
},
},
UdpPortRangeLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAdRuleOutboundAllowListUdpPortRangeListArgs
{
EndPort = 0,
StartPort = 0,
},
},
},
},
AdRuleTargetGroupDefaultInternalPolicy = "string",
AdRuleTargetGroupFilterKindLists = new[]
{
"string",
},
AdRuleTargetGroupFilterParams = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAdRuleTargetGroupFilterParamArgs
{
Name = "string",
Values = new[]
{
"string",
},
},
},
AdRuleTargetGroupFilterType = "string",
AdRuleTargetGroupPeerSpecificationType = "string",
AllowIpv6Traffic = false,
AppRuleAction = "string",
AppRuleInboundAllowLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAppRuleInboundAllowListArgs
{
AddressGroupInclusionLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAppRuleInboundAllowListAddressGroupInclusionListArgs
{
Kind = "string",
Name = "string",
Uuid = "string",
},
},
ExpirationTime = "string",
FilterKindLists = new[]
{
"string",
},
FilterParams = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAppRuleInboundAllowListFilterParamArgs
{
Name = "string",
Values = new[]
{
"string",
},
},
},
FilterType = "string",
IcmpTypeCodeLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAppRuleInboundAllowListIcmpTypeCodeListArgs
{
Code = "string",
Type = "string",
},
},
IpSubnet = "string",
IpSubnetPrefixLength = "string",
NetworkFunctionChainReference =
{
{ "string", "string" },
},
PeerSpecificationType = "string",
Protocol = "string",
ServiceGroupLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAppRuleInboundAllowListServiceGroupListArgs
{
Kind = "string",
Name = "string",
Uuid = "string",
},
},
TcpPortRangeLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAppRuleInboundAllowListTcpPortRangeListArgs
{
EndPort = 0,
StartPort = 0,
},
},
UdpPortRangeLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAppRuleInboundAllowListUdpPortRangeListArgs
{
EndPort = 0,
StartPort = 0,
},
},
},
},
AppRuleOutboundAllowLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAppRuleOutboundAllowListArgs
{
AddressGroupInclusionLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAppRuleOutboundAllowListAddressGroupInclusionListArgs
{
Kind = "string",
Name = "string",
Uuid = "string",
},
},
ExpirationTime = "string",
FilterKindLists = new[]
{
"string",
},
FilterParams = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAppRuleOutboundAllowListFilterParamArgs
{
Name = "string",
Values = new[]
{
"string",
},
},
},
FilterType = "string",
IcmpTypeCodeLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAppRuleOutboundAllowListIcmpTypeCodeListArgs
{
Code = "string",
Type = "string",
},
},
IpSubnet = "string",
IpSubnetPrefixLength = "string",
NetworkFunctionChainReference =
{
{ "string", "string" },
},
PeerSpecificationType = "string",
Protocol = "string",
ServiceGroupLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAppRuleOutboundAllowListServiceGroupListArgs
{
Kind = "string",
Name = "string",
Uuid = "string",
},
},
TcpPortRangeLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAppRuleOutboundAllowListTcpPortRangeListArgs
{
EndPort = 0,
StartPort = 0,
},
},
UdpPortRangeLists = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAppRuleOutboundAllowListUdpPortRangeListArgs
{
EndPort = 0,
StartPort = 0,
},
},
},
},
AppRuleTargetGroupDefaultInternalPolicy = "string",
AppRuleTargetGroupFilterKindLists = new[]
{
"string",
},
AppRuleTargetGroupFilterParams = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleAppRuleTargetGroupFilterParamArgs
{
Name = "string",
Values = new[]
{
"string",
},
},
},
AppRuleTargetGroupFilterType = "string",
AppRuleTargetGroupPeerSpecificationType = "string",
Categories = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleCategoryArgs
{
Name = "string",
Value = "string",
},
},
Description = "string",
IsPolicyHitlogEnabled = false,
IsolationRuleAction = "string",
IsolationRuleFirstEntityFilterKindLists = new[]
{
"string",
},
IsolationRuleFirstEntityFilterParams = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleIsolationRuleFirstEntityFilterParamArgs
{
Name = "string",
Values = new[]
{
"string",
},
},
},
IsolationRuleFirstEntityFilterType = "string",
IsolationRuleSecondEntityFilterKindLists = new[]
{
"string",
},
IsolationRuleSecondEntityFilterParams = new[]
{
new Nutanix.Inputs.NetworkSecurityRuleIsolationRuleSecondEntityFilterParamArgs
{
Name = "string",
Values = new[]
{
"string",
},
},
},
IsolationRuleSecondEntityFilterType = "string",
Name = "string",
OwnerReference =
{
{ "string", "string" },
},
ProjectReference =
{
{ "string", "string" },
},
});
example, err := nutanix.NewNetworkSecurityRule(ctx, "networkSecurityRuleResource", &nutanix.NetworkSecurityRuleArgs{
AdRuleAction: pulumi.String("string"),
AdRuleInboundAllowLists: nutanix.NetworkSecurityRuleAdRuleInboundAllowListArray{
&nutanix.NetworkSecurityRuleAdRuleInboundAllowListArgs{
AddressGroupInclusionLists: nutanix.NetworkSecurityRuleAdRuleInboundAllowListAddressGroupInclusionListArray{
&nutanix.NetworkSecurityRuleAdRuleInboundAllowListAddressGroupInclusionListArgs{
Kind: pulumi.String("string"),
Name: pulumi.String("string"),
Uuid: pulumi.String("string"),
},
},
ExpirationTime: pulumi.String("string"),
FilterKindLists: pulumi.StringArray{
pulumi.String("string"),
},
FilterParams: nutanix.NetworkSecurityRuleAdRuleInboundAllowListFilterParamArray{
&nutanix.NetworkSecurityRuleAdRuleInboundAllowListFilterParamArgs{
Name: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
FilterType: pulumi.String("string"),
IcmpTypeCodeLists: nutanix.NetworkSecurityRuleAdRuleInboundAllowListIcmpTypeCodeListArray{
&nutanix.NetworkSecurityRuleAdRuleInboundAllowListIcmpTypeCodeListArgs{
Code: pulumi.String("string"),
Type: pulumi.String("string"),
},
},
IpSubnet: pulumi.String("string"),
IpSubnetPrefixLength: pulumi.String("string"),
NetworkFunctionChainReference: pulumi.StringMap{
"string": pulumi.String("string"),
},
PeerSpecificationType: pulumi.String("string"),
Protocol: pulumi.String("string"),
ServiceGroupLists: nutanix.NetworkSecurityRuleAdRuleInboundAllowListServiceGroupListArray{
&nutanix.NetworkSecurityRuleAdRuleInboundAllowListServiceGroupListArgs{
Kind: pulumi.String("string"),
Name: pulumi.String("string"),
Uuid: pulumi.String("string"),
},
},
TcpPortRangeLists: nutanix.NetworkSecurityRuleAdRuleInboundAllowListTcpPortRangeListArray{
&nutanix.NetworkSecurityRuleAdRuleInboundAllowListTcpPortRangeListArgs{
EndPort: pulumi.Int(0),
StartPort: pulumi.Int(0),
},
},
UdpPortRangeLists: nutanix.NetworkSecurityRuleAdRuleInboundAllowListUdpPortRangeListArray{
&nutanix.NetworkSecurityRuleAdRuleInboundAllowListUdpPortRangeListArgs{
EndPort: pulumi.Int(0),
StartPort: pulumi.Int(0),
},
},
},
},
AdRuleOutboundAllowLists: nutanix.NetworkSecurityRuleAdRuleOutboundAllowListArray{
&nutanix.NetworkSecurityRuleAdRuleOutboundAllowListArgs{
AddressGroupInclusionLists: nutanix.NetworkSecurityRuleAdRuleOutboundAllowListAddressGroupInclusionListArray{
&nutanix.NetworkSecurityRuleAdRuleOutboundAllowListAddressGroupInclusionListArgs{
Kind: pulumi.String("string"),
Name: pulumi.String("string"),
Uuid: pulumi.String("string"),
},
},
ExpirationTime: pulumi.String("string"),
FilterKindLists: pulumi.StringArray{
pulumi.String("string"),
},
FilterParams: nutanix.NetworkSecurityRuleAdRuleOutboundAllowListFilterParamArray{
&nutanix.NetworkSecurityRuleAdRuleOutboundAllowListFilterParamArgs{
Name: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
FilterType: pulumi.String("string"),
IcmpTypeCodeLists: nutanix.NetworkSecurityRuleAdRuleOutboundAllowListIcmpTypeCodeListArray{
&nutanix.NetworkSecurityRuleAdRuleOutboundAllowListIcmpTypeCodeListArgs{
Code: pulumi.String("string"),
Type: pulumi.String("string"),
},
},
IpSubnet: pulumi.String("string"),
IpSubnetPrefixLength: pulumi.String("string"),
NetworkFunctionChainReference: pulumi.StringMap{
"string": pulumi.String("string"),
},
PeerSpecificationType: pulumi.String("string"),
Protocol: pulumi.String("string"),
ServiceGroupLists: nutanix.NetworkSecurityRuleAdRuleOutboundAllowListServiceGroupListArray{
&nutanix.NetworkSecurityRuleAdRuleOutboundAllowListServiceGroupListArgs{
Kind: pulumi.String("string"),
Name: pulumi.String("string"),
Uuid: pulumi.String("string"),
},
},
TcpPortRangeLists: nutanix.NetworkSecurityRuleAdRuleOutboundAllowListTcpPortRangeListArray{
&nutanix.NetworkSecurityRuleAdRuleOutboundAllowListTcpPortRangeListArgs{
EndPort: pulumi.Int(0),
StartPort: pulumi.Int(0),
},
},
UdpPortRangeLists: nutanix.NetworkSecurityRuleAdRuleOutboundAllowListUdpPortRangeListArray{
&nutanix.NetworkSecurityRuleAdRuleOutboundAllowListUdpPortRangeListArgs{
EndPort: pulumi.Int(0),
StartPort: pulumi.Int(0),
},
},
},
},
AdRuleTargetGroupDefaultInternalPolicy: pulumi.String("string"),
AdRuleTargetGroupFilterKindLists: pulumi.StringArray{
pulumi.String("string"),
},
AdRuleTargetGroupFilterParams: nutanix.NetworkSecurityRuleAdRuleTargetGroupFilterParamArray{
&nutanix.NetworkSecurityRuleAdRuleTargetGroupFilterParamArgs{
Name: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
AdRuleTargetGroupFilterType: pulumi.String("string"),
AdRuleTargetGroupPeerSpecificationType: pulumi.String("string"),
AllowIpv6Traffic: pulumi.Bool(false),
AppRuleAction: pulumi.String("string"),
AppRuleInboundAllowLists: nutanix.NetworkSecurityRuleAppRuleInboundAllowListArray{
&nutanix.NetworkSecurityRuleAppRuleInboundAllowListArgs{
AddressGroupInclusionLists: nutanix.NetworkSecurityRuleAppRuleInboundAllowListAddressGroupInclusionListArray{
&nutanix.NetworkSecurityRuleAppRuleInboundAllowListAddressGroupInclusionListArgs{
Kind: pulumi.String("string"),
Name: pulumi.String("string"),
Uuid: pulumi.String("string"),
},
},
ExpirationTime: pulumi.String("string"),
FilterKindLists: pulumi.StringArray{
pulumi.String("string"),
},
FilterParams: nutanix.NetworkSecurityRuleAppRuleInboundAllowListFilterParamArray{
&nutanix.NetworkSecurityRuleAppRuleInboundAllowListFilterParamArgs{
Name: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
FilterType: pulumi.String("string"),
IcmpTypeCodeLists: nutanix.NetworkSecurityRuleAppRuleInboundAllowListIcmpTypeCodeListArray{
&nutanix.NetworkSecurityRuleAppRuleInboundAllowListIcmpTypeCodeListArgs{
Code: pulumi.String("string"),
Type: pulumi.String("string"),
},
},
IpSubnet: pulumi.String("string"),
IpSubnetPrefixLength: pulumi.String("string"),
NetworkFunctionChainReference: pulumi.StringMap{
"string": pulumi.String("string"),
},
PeerSpecificationType: pulumi.String("string"),
Protocol: pulumi.String("string"),
ServiceGroupLists: nutanix.NetworkSecurityRuleAppRuleInboundAllowListServiceGroupListArray{
&nutanix.NetworkSecurityRuleAppRuleInboundAllowListServiceGroupListArgs{
Kind: pulumi.String("string"),
Name: pulumi.String("string"),
Uuid: pulumi.String("string"),
},
},
TcpPortRangeLists: nutanix.NetworkSecurityRuleAppRuleInboundAllowListTcpPortRangeListArray{
&nutanix.NetworkSecurityRuleAppRuleInboundAllowListTcpPortRangeListArgs{
EndPort: pulumi.Int(0),
StartPort: pulumi.Int(0),
},
},
UdpPortRangeLists: nutanix.NetworkSecurityRuleAppRuleInboundAllowListUdpPortRangeListArray{
&nutanix.NetworkSecurityRuleAppRuleInboundAllowListUdpPortRangeListArgs{
EndPort: pulumi.Int(0),
StartPort: pulumi.Int(0),
},
},
},
},
AppRuleOutboundAllowLists: nutanix.NetworkSecurityRuleAppRuleOutboundAllowListArray{
&nutanix.NetworkSecurityRuleAppRuleOutboundAllowListArgs{
AddressGroupInclusionLists: nutanix.NetworkSecurityRuleAppRuleOutboundAllowListAddressGroupInclusionListArray{
&nutanix.NetworkSecurityRuleAppRuleOutboundAllowListAddressGroupInclusionListArgs{
Kind: pulumi.String("string"),
Name: pulumi.String("string"),
Uuid: pulumi.String("string"),
},
},
ExpirationTime: pulumi.String("string"),
FilterKindLists: pulumi.StringArray{
pulumi.String("string"),
},
FilterParams: nutanix.NetworkSecurityRuleAppRuleOutboundAllowListFilterParamArray{
&nutanix.NetworkSecurityRuleAppRuleOutboundAllowListFilterParamArgs{
Name: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
FilterType: pulumi.String("string"),
IcmpTypeCodeLists: nutanix.NetworkSecurityRuleAppRuleOutboundAllowListIcmpTypeCodeListArray{
&nutanix.NetworkSecurityRuleAppRuleOutboundAllowListIcmpTypeCodeListArgs{
Code: pulumi.String("string"),
Type: pulumi.String("string"),
},
},
IpSubnet: pulumi.String("string"),
IpSubnetPrefixLength: pulumi.String("string"),
NetworkFunctionChainReference: pulumi.StringMap{
"string": pulumi.String("string"),
},
PeerSpecificationType: pulumi.String("string"),
Protocol: pulumi.String("string"),
ServiceGroupLists: nutanix.NetworkSecurityRuleAppRuleOutboundAllowListServiceGroupListArray{
&nutanix.NetworkSecurityRuleAppRuleOutboundAllowListServiceGroupListArgs{
Kind: pulumi.String("string"),
Name: pulumi.String("string"),
Uuid: pulumi.String("string"),
},
},
TcpPortRangeLists: nutanix.NetworkSecurityRuleAppRuleOutboundAllowListTcpPortRangeListArray{
&nutanix.NetworkSecurityRuleAppRuleOutboundAllowListTcpPortRangeListArgs{
EndPort: pulumi.Int(0),
StartPort: pulumi.Int(0),
},
},
UdpPortRangeLists: nutanix.NetworkSecurityRuleAppRuleOutboundAllowListUdpPortRangeListArray{
&nutanix.NetworkSecurityRuleAppRuleOutboundAllowListUdpPortRangeListArgs{
EndPort: pulumi.Int(0),
StartPort: pulumi.Int(0),
},
},
},
},
AppRuleTargetGroupDefaultInternalPolicy: pulumi.String("string"),
AppRuleTargetGroupFilterKindLists: pulumi.StringArray{
pulumi.String("string"),
},
AppRuleTargetGroupFilterParams: nutanix.NetworkSecurityRuleAppRuleTargetGroupFilterParamArray{
&nutanix.NetworkSecurityRuleAppRuleTargetGroupFilterParamArgs{
Name: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
AppRuleTargetGroupFilterType: pulumi.String("string"),
AppRuleTargetGroupPeerSpecificationType: pulumi.String("string"),
Categories: nutanix.NetworkSecurityRuleCategoryArray{
&nutanix.NetworkSecurityRuleCategoryArgs{
Name: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
Description: pulumi.String("string"),
IsPolicyHitlogEnabled: pulumi.Bool(false),
IsolationRuleAction: pulumi.String("string"),
IsolationRuleFirstEntityFilterKindLists: pulumi.StringArray{
pulumi.String("string"),
},
IsolationRuleFirstEntityFilterParams: nutanix.NetworkSecurityRuleIsolationRuleFirstEntityFilterParamArray{
&nutanix.NetworkSecurityRuleIsolationRuleFirstEntityFilterParamArgs{
Name: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
IsolationRuleFirstEntityFilterType: pulumi.String("string"),
IsolationRuleSecondEntityFilterKindLists: pulumi.StringArray{
pulumi.String("string"),
},
IsolationRuleSecondEntityFilterParams: nutanix.NetworkSecurityRuleIsolationRuleSecondEntityFilterParamArray{
&nutanix.NetworkSecurityRuleIsolationRuleSecondEntityFilterParamArgs{
Name: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
IsolationRuleSecondEntityFilterType: pulumi.String("string"),
Name: pulumi.String("string"),
OwnerReference: pulumi.StringMap{
"string": pulumi.String("string"),
},
ProjectReference: pulumi.StringMap{
"string": pulumi.String("string"),
},
})
var networkSecurityRuleResource = new NetworkSecurityRule("networkSecurityRuleResource", NetworkSecurityRuleArgs.builder()
.adRuleAction("string")
.adRuleInboundAllowLists(NetworkSecurityRuleAdRuleInboundAllowListArgs.builder()
.addressGroupInclusionLists(NetworkSecurityRuleAdRuleInboundAllowListAddressGroupInclusionListArgs.builder()
.kind("string")
.name("string")
.uuid("string")
.build())
.expirationTime("string")
.filterKindLists("string")
.filterParams(NetworkSecurityRuleAdRuleInboundAllowListFilterParamArgs.builder()
.name("string")
.values("string")
.build())
.filterType("string")
.icmpTypeCodeLists(NetworkSecurityRuleAdRuleInboundAllowListIcmpTypeCodeListArgs.builder()
.code("string")
.type("string")
.build())
.ipSubnet("string")
.ipSubnetPrefixLength("string")
.networkFunctionChainReference(Map.of("string", "string"))
.peerSpecificationType("string")
.protocol("string")
.serviceGroupLists(NetworkSecurityRuleAdRuleInboundAllowListServiceGroupListArgs.builder()
.kind("string")
.name("string")
.uuid("string")
.build())
.tcpPortRangeLists(NetworkSecurityRuleAdRuleInboundAllowListTcpPortRangeListArgs.builder()
.endPort(0)
.startPort(0)
.build())
.udpPortRangeLists(NetworkSecurityRuleAdRuleInboundAllowListUdpPortRangeListArgs.builder()
.endPort(0)
.startPort(0)
.build())
.build())
.adRuleOutboundAllowLists(NetworkSecurityRuleAdRuleOutboundAllowListArgs.builder()
.addressGroupInclusionLists(NetworkSecurityRuleAdRuleOutboundAllowListAddressGroupInclusionListArgs.builder()
.kind("string")
.name("string")
.uuid("string")
.build())
.expirationTime("string")
.filterKindLists("string")
.filterParams(NetworkSecurityRuleAdRuleOutboundAllowListFilterParamArgs.builder()
.name("string")
.values("string")
.build())
.filterType("string")
.icmpTypeCodeLists(NetworkSecurityRuleAdRuleOutboundAllowListIcmpTypeCodeListArgs.builder()
.code("string")
.type("string")
.build())
.ipSubnet("string")
.ipSubnetPrefixLength("string")
.networkFunctionChainReference(Map.of("string", "string"))
.peerSpecificationType("string")
.protocol("string")
.serviceGroupLists(NetworkSecurityRuleAdRuleOutboundAllowListServiceGroupListArgs.builder()
.kind("string")
.name("string")
.uuid("string")
.build())
.tcpPortRangeLists(NetworkSecurityRuleAdRuleOutboundAllowListTcpPortRangeListArgs.builder()
.endPort(0)
.startPort(0)
.build())
.udpPortRangeLists(NetworkSecurityRuleAdRuleOutboundAllowListUdpPortRangeListArgs.builder()
.endPort(0)
.startPort(0)
.build())
.build())
.adRuleTargetGroupDefaultInternalPolicy("string")
.adRuleTargetGroupFilterKindLists("string")
.adRuleTargetGroupFilterParams(NetworkSecurityRuleAdRuleTargetGroupFilterParamArgs.builder()
.name("string")
.values("string")
.build())
.adRuleTargetGroupFilterType("string")
.adRuleTargetGroupPeerSpecificationType("string")
.allowIpv6Traffic(false)
.appRuleAction("string")
.appRuleInboundAllowLists(NetworkSecurityRuleAppRuleInboundAllowListArgs.builder()
.addressGroupInclusionLists(NetworkSecurityRuleAppRuleInboundAllowListAddressGroupInclusionListArgs.builder()
.kind("string")
.name("string")
.uuid("string")
.build())
.expirationTime("string")
.filterKindLists("string")
.filterParams(NetworkSecurityRuleAppRuleInboundAllowListFilterParamArgs.builder()
.name("string")
.values("string")
.build())
.filterType("string")
.icmpTypeCodeLists(NetworkSecurityRuleAppRuleInboundAllowListIcmpTypeCodeListArgs.builder()
.code("string")
.type("string")
.build())
.ipSubnet("string")
.ipSubnetPrefixLength("string")
.networkFunctionChainReference(Map.of("string", "string"))
.peerSpecificationType("string")
.protocol("string")
.serviceGroupLists(NetworkSecurityRuleAppRuleInboundAllowListServiceGroupListArgs.builder()
.kind("string")
.name("string")
.uuid("string")
.build())
.tcpPortRangeLists(NetworkSecurityRuleAppRuleInboundAllowListTcpPortRangeListArgs.builder()
.endPort(0)
.startPort(0)
.build())
.udpPortRangeLists(NetworkSecurityRuleAppRuleInboundAllowListUdpPortRangeListArgs.builder()
.endPort(0)
.startPort(0)
.build())
.build())
.appRuleOutboundAllowLists(NetworkSecurityRuleAppRuleOutboundAllowListArgs.builder()
.addressGroupInclusionLists(NetworkSecurityRuleAppRuleOutboundAllowListAddressGroupInclusionListArgs.builder()
.kind("string")
.name("string")
.uuid("string")
.build())
.expirationTime("string")
.filterKindLists("string")
.filterParams(NetworkSecurityRuleAppRuleOutboundAllowListFilterParamArgs.builder()
.name("string")
.values("string")
.build())
.filterType("string")
.icmpTypeCodeLists(NetworkSecurityRuleAppRuleOutboundAllowListIcmpTypeCodeListArgs.builder()
.code("string")
.type("string")
.build())
.ipSubnet("string")
.ipSubnetPrefixLength("string")
.networkFunctionChainReference(Map.of("string", "string"))
.peerSpecificationType("string")
.protocol("string")
.serviceGroupLists(NetworkSecurityRuleAppRuleOutboundAllowListServiceGroupListArgs.builder()
.kind("string")
.name("string")
.uuid("string")
.build())
.tcpPortRangeLists(NetworkSecurityRuleAppRuleOutboundAllowListTcpPortRangeListArgs.builder()
.endPort(0)
.startPort(0)
.build())
.udpPortRangeLists(NetworkSecurityRuleAppRuleOutboundAllowListUdpPortRangeListArgs.builder()
.endPort(0)
.startPort(0)
.build())
.build())
.appRuleTargetGroupDefaultInternalPolicy("string")
.appRuleTargetGroupFilterKindLists("string")
.appRuleTargetGroupFilterParams(NetworkSecurityRuleAppRuleTargetGroupFilterParamArgs.builder()
.name("string")
.values("string")
.build())
.appRuleTargetGroupFilterType("string")
.appRuleTargetGroupPeerSpecificationType("string")
.categories(NetworkSecurityRuleCategoryArgs.builder()
.name("string")
.value("string")
.build())
.description("string")
.isPolicyHitlogEnabled(false)
.isolationRuleAction("string")
.isolationRuleFirstEntityFilterKindLists("string")
.isolationRuleFirstEntityFilterParams(NetworkSecurityRuleIsolationRuleFirstEntityFilterParamArgs.builder()
.name("string")
.values("string")
.build())
.isolationRuleFirstEntityFilterType("string")
.isolationRuleSecondEntityFilterKindLists("string")
.isolationRuleSecondEntityFilterParams(NetworkSecurityRuleIsolationRuleSecondEntityFilterParamArgs.builder()
.name("string")
.values("string")
.build())
.isolationRuleSecondEntityFilterType("string")
.name("string")
.ownerReference(Map.of("string", "string"))
.projectReference(Map.of("string", "string"))
.build());
network_security_rule_resource = nutanix.NetworkSecurityRule("networkSecurityRuleResource",
ad_rule_action="string",
ad_rule_inbound_allow_lists=[{
"address_group_inclusion_lists": [{
"kind": "string",
"name": "string",
"uuid": "string",
}],
"expiration_time": "string",
"filter_kind_lists": ["string"],
"filter_params": [{
"name": "string",
"values": ["string"],
}],
"filter_type": "string",
"icmp_type_code_lists": [{
"code": "string",
"type": "string",
}],
"ip_subnet": "string",
"ip_subnet_prefix_length": "string",
"network_function_chain_reference": {
"string": "string",
},
"peer_specification_type": "string",
"protocol": "string",
"service_group_lists": [{
"kind": "string",
"name": "string",
"uuid": "string",
}],
"tcp_port_range_lists": [{
"end_port": 0,
"start_port": 0,
}],
"udp_port_range_lists": [{
"end_port": 0,
"start_port": 0,
}],
}],
ad_rule_outbound_allow_lists=[{
"address_group_inclusion_lists": [{
"kind": "string",
"name": "string",
"uuid": "string",
}],
"expiration_time": "string",
"filter_kind_lists": ["string"],
"filter_params": [{
"name": "string",
"values": ["string"],
}],
"filter_type": "string",
"icmp_type_code_lists": [{
"code": "string",
"type": "string",
}],
"ip_subnet": "string",
"ip_subnet_prefix_length": "string",
"network_function_chain_reference": {
"string": "string",
},
"peer_specification_type": "string",
"protocol": "string",
"service_group_lists": [{
"kind": "string",
"name": "string",
"uuid": "string",
}],
"tcp_port_range_lists": [{
"end_port": 0,
"start_port": 0,
}],
"udp_port_range_lists": [{
"end_port": 0,
"start_port": 0,
}],
}],
ad_rule_target_group_default_internal_policy="string",
ad_rule_target_group_filter_kind_lists=["string"],
ad_rule_target_group_filter_params=[{
"name": "string",
"values": ["string"],
}],
ad_rule_target_group_filter_type="string",
ad_rule_target_group_peer_specification_type="string",
allow_ipv6_traffic=False,
app_rule_action="string",
app_rule_inbound_allow_lists=[{
"address_group_inclusion_lists": [{
"kind": "string",
"name": "string",
"uuid": "string",
}],
"expiration_time": "string",
"filter_kind_lists": ["string"],
"filter_params": [{
"name": "string",
"values": ["string"],
}],
"filter_type": "string",
"icmp_type_code_lists": [{
"code": "string",
"type": "string",
}],
"ip_subnet": "string",
"ip_subnet_prefix_length": "string",
"network_function_chain_reference": {
"string": "string",
},
"peer_specification_type": "string",
"protocol": "string",
"service_group_lists": [{
"kind": "string",
"name": "string",
"uuid": "string",
}],
"tcp_port_range_lists": [{
"end_port": 0,
"start_port": 0,
}],
"udp_port_range_lists": [{
"end_port": 0,
"start_port": 0,
}],
}],
app_rule_outbound_allow_lists=[{
"address_group_inclusion_lists": [{
"kind": "string",
"name": "string",
"uuid": "string",
}],
"expiration_time": "string",
"filter_kind_lists": ["string"],
"filter_params": [{
"name": "string",
"values": ["string"],
}],
"filter_type": "string",
"icmp_type_code_lists": [{
"code": "string",
"type": "string",
}],
"ip_subnet": "string",
"ip_subnet_prefix_length": "string",
"network_function_chain_reference": {
"string": "string",
},
"peer_specification_type": "string",
"protocol": "string",
"service_group_lists": [{
"kind": "string",
"name": "string",
"uuid": "string",
}],
"tcp_port_range_lists": [{
"end_port": 0,
"start_port": 0,
}],
"udp_port_range_lists": [{
"end_port": 0,
"start_port": 0,
}],
}],
app_rule_target_group_default_internal_policy="string",
app_rule_target_group_filter_kind_lists=["string"],
app_rule_target_group_filter_params=[{
"name": "string",
"values": ["string"],
}],
app_rule_target_group_filter_type="string",
app_rule_target_group_peer_specification_type="string",
categories=[{
"name": "string",
"value": "string",
}],
description="string",
is_policy_hitlog_enabled=False,
isolation_rule_action="string",
isolation_rule_first_entity_filter_kind_lists=["string"],
isolation_rule_first_entity_filter_params=[{
"name": "string",
"values": ["string"],
}],
isolation_rule_first_entity_filter_type="string",
isolation_rule_second_entity_filter_kind_lists=["string"],
isolation_rule_second_entity_filter_params=[{
"name": "string",
"values": ["string"],
}],
isolation_rule_second_entity_filter_type="string",
name="string",
owner_reference={
"string": "string",
},
project_reference={
"string": "string",
})
const networkSecurityRuleResource = new nutanix.NetworkSecurityRule("networkSecurityRuleResource", {
adRuleAction: "string",
adRuleInboundAllowLists: [{
addressGroupInclusionLists: [{
kind: "string",
name: "string",
uuid: "string",
}],
expirationTime: "string",
filterKindLists: ["string"],
filterParams: [{
name: "string",
values: ["string"],
}],
filterType: "string",
icmpTypeCodeLists: [{
code: "string",
type: "string",
}],
ipSubnet: "string",
ipSubnetPrefixLength: "string",
networkFunctionChainReference: {
string: "string",
},
peerSpecificationType: "string",
protocol: "string",
serviceGroupLists: [{
kind: "string",
name: "string",
uuid: "string",
}],
tcpPortRangeLists: [{
endPort: 0,
startPort: 0,
}],
udpPortRangeLists: [{
endPort: 0,
startPort: 0,
}],
}],
adRuleOutboundAllowLists: [{
addressGroupInclusionLists: [{
kind: "string",
name: "string",
uuid: "string",
}],
expirationTime: "string",
filterKindLists: ["string"],
filterParams: [{
name: "string",
values: ["string"],
}],
filterType: "string",
icmpTypeCodeLists: [{
code: "string",
type: "string",
}],
ipSubnet: "string",
ipSubnetPrefixLength: "string",
networkFunctionChainReference: {
string: "string",
},
peerSpecificationType: "string",
protocol: "string",
serviceGroupLists: [{
kind: "string",
name: "string",
uuid: "string",
}],
tcpPortRangeLists: [{
endPort: 0,
startPort: 0,
}],
udpPortRangeLists: [{
endPort: 0,
startPort: 0,
}],
}],
adRuleTargetGroupDefaultInternalPolicy: "string",
adRuleTargetGroupFilterKindLists: ["string"],
adRuleTargetGroupFilterParams: [{
name: "string",
values: ["string"],
}],
adRuleTargetGroupFilterType: "string",
adRuleTargetGroupPeerSpecificationType: "string",
allowIpv6Traffic: false,
appRuleAction: "string",
appRuleInboundAllowLists: [{
addressGroupInclusionLists: [{
kind: "string",
name: "string",
uuid: "string",
}],
expirationTime: "string",
filterKindLists: ["string"],
filterParams: [{
name: "string",
values: ["string"],
}],
filterType: "string",
icmpTypeCodeLists: [{
code: "string",
type: "string",
}],
ipSubnet: "string",
ipSubnetPrefixLength: "string",
networkFunctionChainReference: {
string: "string",
},
peerSpecificationType: "string",
protocol: "string",
serviceGroupLists: [{
kind: "string",
name: "string",
uuid: "string",
}],
tcpPortRangeLists: [{
endPort: 0,
startPort: 0,
}],
udpPortRangeLists: [{
endPort: 0,
startPort: 0,
}],
}],
appRuleOutboundAllowLists: [{
addressGroupInclusionLists: [{
kind: "string",
name: "string",
uuid: "string",
}],
expirationTime: "string",
filterKindLists: ["string"],
filterParams: [{
name: "string",
values: ["string"],
}],
filterType: "string",
icmpTypeCodeLists: [{
code: "string",
type: "string",
}],
ipSubnet: "string",
ipSubnetPrefixLength: "string",
networkFunctionChainReference: {
string: "string",
},
peerSpecificationType: "string",
protocol: "string",
serviceGroupLists: [{
kind: "string",
name: "string",
uuid: "string",
}],
tcpPortRangeLists: [{
endPort: 0,
startPort: 0,
}],
udpPortRangeLists: [{
endPort: 0,
startPort: 0,
}],
}],
appRuleTargetGroupDefaultInternalPolicy: "string",
appRuleTargetGroupFilterKindLists: ["string"],
appRuleTargetGroupFilterParams: [{
name: "string",
values: ["string"],
}],
appRuleTargetGroupFilterType: "string",
appRuleTargetGroupPeerSpecificationType: "string",
categories: [{
name: "string",
value: "string",
}],
description: "string",
isPolicyHitlogEnabled: false,
isolationRuleAction: "string",
isolationRuleFirstEntityFilterKindLists: ["string"],
isolationRuleFirstEntityFilterParams: [{
name: "string",
values: ["string"],
}],
isolationRuleFirstEntityFilterType: "string",
isolationRuleSecondEntityFilterKindLists: ["string"],
isolationRuleSecondEntityFilterParams: [{
name: "string",
values: ["string"],
}],
isolationRuleSecondEntityFilterType: "string",
name: "string",
ownerReference: {
string: "string",
},
projectReference: {
string: "string",
},
});
type: nutanix:NetworkSecurityRule
properties:
adRuleAction: string
adRuleInboundAllowLists:
- addressGroupInclusionLists:
- kind: string
name: string
uuid: string
expirationTime: string
filterKindLists:
- string
filterParams:
- name: string
values:
- string
filterType: string
icmpTypeCodeLists:
- code: string
type: string
ipSubnet: string
ipSubnetPrefixLength: string
networkFunctionChainReference:
string: string
peerSpecificationType: string
protocol: string
serviceGroupLists:
- kind: string
name: string
uuid: string
tcpPortRangeLists:
- endPort: 0
startPort: 0
udpPortRangeLists:
- endPort: 0
startPort: 0
adRuleOutboundAllowLists:
- addressGroupInclusionLists:
- kind: string
name: string
uuid: string
expirationTime: string
filterKindLists:
- string
filterParams:
- name: string
values:
- string
filterType: string
icmpTypeCodeLists:
- code: string
type: string
ipSubnet: string
ipSubnetPrefixLength: string
networkFunctionChainReference:
string: string
peerSpecificationType: string
protocol: string
serviceGroupLists:
- kind: string
name: string
uuid: string
tcpPortRangeLists:
- endPort: 0
startPort: 0
udpPortRangeLists:
- endPort: 0
startPort: 0
adRuleTargetGroupDefaultInternalPolicy: string
adRuleTargetGroupFilterKindLists:
- string
adRuleTargetGroupFilterParams:
- name: string
values:
- string
adRuleTargetGroupFilterType: string
adRuleTargetGroupPeerSpecificationType: string
allowIpv6Traffic: false
appRuleAction: string
appRuleInboundAllowLists:
- addressGroupInclusionLists:
- kind: string
name: string
uuid: string
expirationTime: string
filterKindLists:
- string
filterParams:
- name: string
values:
- string
filterType: string
icmpTypeCodeLists:
- code: string
type: string
ipSubnet: string
ipSubnetPrefixLength: string
networkFunctionChainReference:
string: string
peerSpecificationType: string
protocol: string
serviceGroupLists:
- kind: string
name: string
uuid: string
tcpPortRangeLists:
- endPort: 0
startPort: 0
udpPortRangeLists:
- endPort: 0
startPort: 0
appRuleOutboundAllowLists:
- addressGroupInclusionLists:
- kind: string
name: string
uuid: string
expirationTime: string
filterKindLists:
- string
filterParams:
- name: string
values:
- string
filterType: string
icmpTypeCodeLists:
- code: string
type: string
ipSubnet: string
ipSubnetPrefixLength: string
networkFunctionChainReference:
string: string
peerSpecificationType: string
protocol: string
serviceGroupLists:
- kind: string
name: string
uuid: string
tcpPortRangeLists:
- endPort: 0
startPort: 0
udpPortRangeLists:
- endPort: 0
startPort: 0
appRuleTargetGroupDefaultInternalPolicy: string
appRuleTargetGroupFilterKindLists:
- string
appRuleTargetGroupFilterParams:
- name: string
values:
- string
appRuleTargetGroupFilterType: string
appRuleTargetGroupPeerSpecificationType: string
categories:
- name: string
value: string
description: string
isPolicyHitlogEnabled: false
isolationRuleAction: string
isolationRuleFirstEntityFilterKindLists:
- string
isolationRuleFirstEntityFilterParams:
- name: string
values:
- string
isolationRuleFirstEntityFilterType: string
isolationRuleSecondEntityFilterKindLists:
- string
isolationRuleSecondEntityFilterParams:
- name: string
values:
- string
isolationRuleSecondEntityFilterType: string
name: string
ownerReference:
string: string
projectReference:
string: string
NetworkSecurityRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The NetworkSecurityRule resource accepts the following input properties:
- Ad
Rule stringAction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- Ad
Rule List<PiersInbound Allow Lists Karsenbarg. Nutanix. Inputs. Network Security Rule Ad Rule Inbound Allow List> - (Optional) The set of categories that matching VMs need to have.
- Ad
Rule List<PiersOutbound Allow Lists Karsenbarg. Nutanix. Inputs. Network Security Rule Ad Rule Outbound Allow List> - (Optional)
- Ad
Rule stringTarget Group Default Internal Policy - (Optional) - Default policy for communication within target group.
- Ad
Rule List<string>Target Group Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- Ad
Rule List<PiersTarget Group Filter Params Karsenbarg. Nutanix. Inputs. Network Security Rule Ad Rule Target Group Filter Param> - (Optional) - A list of category key and list of values.
- Ad
Rule stringTarget Group Filter Type - (Optional) - The type of the filter being used.
- Ad
Rule stringTarget Group Peer Specification Type - (Optional) - Way to identify the object for which rule is applied.
- Allow
Ipv6Traffic bool - App
Rule stringAction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- App
Rule List<PiersInbound Allow Lists Karsenbarg. Nutanix. Inputs. Network Security Rule App Rule Inbound Allow List> - (Optional) The set of categories that matching VMs need to have.
- App
Rule List<PiersOutbound Allow Lists Karsenbarg. Nutanix. Inputs. Network Security Rule App Rule Outbound Allow List> - (Optional)
- App
Rule stringTarget Group Default Internal Policy - (Optional) - Default policy for communication within target group.
- App
Rule List<string>Target Group Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- App
Rule List<PiersTarget Group Filter Params Karsenbarg. Nutanix. Inputs. Network Security Rule App Rule Target Group Filter Param> - (Optional) - A list of category key and list of values.
- App
Rule stringTarget Group Filter Type - (Optional) - The type of the filter being used.
- App
Rule stringTarget Group Peer Specification Type - (Optional) - Way to identify the object for which rule is applied.
- Categories
List<Piers
Karsenbarg. Nutanix. Inputs. Network Security Rule Category> - (Optional) Categories for the network_security_rule.
- Description string
- (Optional) A description for network_security_rule.
- Is
Policy boolHitlog Enabled - Isolation
Rule stringAction - (Optional) - These rules are used for environmental isolation.
- Isolation
Rule List<string>First Entity Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- Isolation
Rule List<PiersFirst Entity Filter Params Karsenbarg. Nutanix. Inputs. Network Security Rule Isolation Rule First Entity Filter Param> - (Optional) - A list of category key and list of values.
- Isolation
Rule stringFirst Entity Filter Type - (Optional) - The type of the filter being used.
- Isolation
Rule List<string>Second Entity Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- Isolation
Rule List<PiersSecond Entity Filter Params Karsenbarg. Nutanix. Inputs. Network Security Rule Isolation Rule Second Entity Filter Param> - (Optional) - A list of category key and list of values.
- Isolation
Rule stringSecond Entity Filter Type - (Optional) - The type of the filter being used.
- Name string
- (Required) The name for the network_security_rule.
- Owner
Reference Dictionary<string, string> - (Optional) The reference to a user.
- Project
Reference Dictionary<string, string> - (Optional) The reference to a project.
- Ad
Rule stringAction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- Ad
Rule []NetworkInbound Allow Lists Security Rule Ad Rule Inbound Allow List Args - (Optional) The set of categories that matching VMs need to have.
- Ad
Rule []NetworkOutbound Allow Lists Security Rule Ad Rule Outbound Allow List Args - (Optional)
- Ad
Rule stringTarget Group Default Internal Policy - (Optional) - Default policy for communication within target group.
- Ad
Rule []stringTarget Group Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- Ad
Rule []NetworkTarget Group Filter Params Security Rule Ad Rule Target Group Filter Param Args - (Optional) - A list of category key and list of values.
- Ad
Rule stringTarget Group Filter Type - (Optional) - The type of the filter being used.
- Ad
Rule stringTarget Group Peer Specification Type - (Optional) - Way to identify the object for which rule is applied.
- Allow
Ipv6Traffic bool - App
Rule stringAction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- App
Rule []NetworkInbound Allow Lists Security Rule App Rule Inbound Allow List Args - (Optional) The set of categories that matching VMs need to have.
- App
Rule []NetworkOutbound Allow Lists Security Rule App Rule Outbound Allow List Args - (Optional)
- App
Rule stringTarget Group Default Internal Policy - (Optional) - Default policy for communication within target group.
- App
Rule []stringTarget Group Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- App
Rule []NetworkTarget Group Filter Params Security Rule App Rule Target Group Filter Param Args - (Optional) - A list of category key and list of values.
- App
Rule stringTarget Group Filter Type - (Optional) - The type of the filter being used.
- App
Rule stringTarget Group Peer Specification Type - (Optional) - Way to identify the object for which rule is applied.
- Categories
[]Network
Security Rule Category Args - (Optional) Categories for the network_security_rule.
- Description string
- (Optional) A description for network_security_rule.
- Is
Policy boolHitlog Enabled - Isolation
Rule stringAction - (Optional) - These rules are used for environmental isolation.
- Isolation
Rule []stringFirst Entity Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- Isolation
Rule []NetworkFirst Entity Filter Params Security Rule Isolation Rule First Entity Filter Param Args - (Optional) - A list of category key and list of values.
- Isolation
Rule stringFirst Entity Filter Type - (Optional) - The type of the filter being used.
- Isolation
Rule []stringSecond Entity Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- Isolation
Rule []NetworkSecond Entity Filter Params Security Rule Isolation Rule Second Entity Filter Param Args - (Optional) - A list of category key and list of values.
- Isolation
Rule stringSecond Entity Filter Type - (Optional) - The type of the filter being used.
- Name string
- (Required) The name for the network_security_rule.
- Owner
Reference map[string]string - (Optional) The reference to a user.
- Project
Reference map[string]string - (Optional) The reference to a project.
- ad
Rule StringAction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- ad
Rule List<NetworkInbound Allow Lists Security Rule Ad Rule Inbound Allow List> - (Optional) The set of categories that matching VMs need to have.
- ad
Rule List<NetworkOutbound Allow Lists Security Rule Ad Rule Outbound Allow List> - (Optional)
- ad
Rule StringTarget Group Default Internal Policy - (Optional) - Default policy for communication within target group.
- ad
Rule List<String>Target Group Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- ad
Rule List<NetworkTarget Group Filter Params Security Rule Ad Rule Target Group Filter Param> - (Optional) - A list of category key and list of values.
- ad
Rule StringTarget Group Filter Type - (Optional) - The type of the filter being used.
- ad
Rule StringTarget Group Peer Specification Type - (Optional) - Way to identify the object for which rule is applied.
- allow
Ipv6Traffic Boolean - app
Rule StringAction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- app
Rule List<NetworkInbound Allow Lists Security Rule App Rule Inbound Allow List> - (Optional) The set of categories that matching VMs need to have.
- app
Rule List<NetworkOutbound Allow Lists Security Rule App Rule Outbound Allow List> - (Optional)
- app
Rule StringTarget Group Default Internal Policy - (Optional) - Default policy for communication within target group.
- app
Rule List<String>Target Group Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- app
Rule List<NetworkTarget Group Filter Params Security Rule App Rule Target Group Filter Param> - (Optional) - A list of category key and list of values.
- app
Rule StringTarget Group Filter Type - (Optional) - The type of the filter being used.
- app
Rule StringTarget Group Peer Specification Type - (Optional) - Way to identify the object for which rule is applied.
- categories
List<Network
Security Rule Category> - (Optional) Categories for the network_security_rule.
- description String
- (Optional) A description for network_security_rule.
- is
Policy BooleanHitlog Enabled - isolation
Rule StringAction - (Optional) - These rules are used for environmental isolation.
- isolation
Rule List<String>First Entity Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- isolation
Rule List<NetworkFirst Entity Filter Params Security Rule Isolation Rule First Entity Filter Param> - (Optional) - A list of category key and list of values.
- isolation
Rule StringFirst Entity Filter Type - (Optional) - The type of the filter being used.
- isolation
Rule List<String>Second Entity Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- isolation
Rule List<NetworkSecond Entity Filter Params Security Rule Isolation Rule Second Entity Filter Param> - (Optional) - A list of category key and list of values.
- isolation
Rule StringSecond Entity Filter Type - (Optional) - The type of the filter being used.
- name String
- (Required) The name for the network_security_rule.
- owner
Reference Map<String,String> - (Optional) The reference to a user.
- project
Reference Map<String,String> - (Optional) The reference to a project.
- ad
Rule stringAction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- ad
Rule NetworkInbound Allow Lists Security Rule Ad Rule Inbound Allow List[] - (Optional) The set of categories that matching VMs need to have.
- ad
Rule NetworkOutbound Allow Lists Security Rule Ad Rule Outbound Allow List[] - (Optional)
- ad
Rule stringTarget Group Default Internal Policy - (Optional) - Default policy for communication within target group.
- ad
Rule string[]Target Group Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- ad
Rule NetworkTarget Group Filter Params Security Rule Ad Rule Target Group Filter Param[] - (Optional) - A list of category key and list of values.
- ad
Rule stringTarget Group Filter Type - (Optional) - The type of the filter being used.
- ad
Rule stringTarget Group Peer Specification Type - (Optional) - Way to identify the object for which rule is applied.
- allow
Ipv6Traffic boolean - app
Rule stringAction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- app
Rule NetworkInbound Allow Lists Security Rule App Rule Inbound Allow List[] - (Optional) The set of categories that matching VMs need to have.
- app
Rule NetworkOutbound Allow Lists Security Rule App Rule Outbound Allow List[] - (Optional)
- app
Rule stringTarget Group Default Internal Policy - (Optional) - Default policy for communication within target group.
- app
Rule string[]Target Group Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- app
Rule NetworkTarget Group Filter Params Security Rule App Rule Target Group Filter Param[] - (Optional) - A list of category key and list of values.
- app
Rule stringTarget Group Filter Type - (Optional) - The type of the filter being used.
- app
Rule stringTarget Group Peer Specification Type - (Optional) - Way to identify the object for which rule is applied.
- categories
Network
Security Rule Category[] - (Optional) Categories for the network_security_rule.
- description string
- (Optional) A description for network_security_rule.
- is
Policy booleanHitlog Enabled - isolation
Rule stringAction - (Optional) - These rules are used for environmental isolation.
- isolation
Rule string[]First Entity Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- isolation
Rule NetworkFirst Entity Filter Params Security Rule Isolation Rule First Entity Filter Param[] - (Optional) - A list of category key and list of values.
- isolation
Rule stringFirst Entity Filter Type - (Optional) - The type of the filter being used.
- isolation
Rule string[]Second Entity Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- isolation
Rule NetworkSecond Entity Filter Params Security Rule Isolation Rule Second Entity Filter Param[] - (Optional) - A list of category key and list of values.
- isolation
Rule stringSecond Entity Filter Type - (Optional) - The type of the filter being used.
- name string
- (Required) The name for the network_security_rule.
- owner
Reference {[key: string]: string} - (Optional) The reference to a user.
- project
Reference {[key: string]: string} - (Optional) The reference to a project.
- ad_
rule_ straction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- ad_
rule_ Sequence[Networkinbound_ allow_ lists Security Rule Ad Rule Inbound Allow List Args] - (Optional) The set of categories that matching VMs need to have.
- ad_
rule_ Sequence[Networkoutbound_ allow_ lists Security Rule Ad Rule Outbound Allow List Args] - (Optional)
- ad_
rule_ strtarget_ group_ default_ internal_ policy - (Optional) - Default policy for communication within target group.
- ad_
rule_ Sequence[str]target_ group_ filter_ kind_ lists - (Optional) - List of kinds associated with this filter.
- ad_
rule_ Sequence[Networktarget_ group_ filter_ params Security Rule Ad Rule Target Group Filter Param Args] - (Optional) - A list of category key and list of values.
- ad_
rule_ strtarget_ group_ filter_ type - (Optional) - The type of the filter being used.
- ad_
rule_ strtarget_ group_ peer_ specification_ type - (Optional) - Way to identify the object for which rule is applied.
- allow_
ipv6_ booltraffic - app_
rule_ straction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- app_
rule_ Sequence[Networkinbound_ allow_ lists Security Rule App Rule Inbound Allow List Args] - (Optional) The set of categories that matching VMs need to have.
- app_
rule_ Sequence[Networkoutbound_ allow_ lists Security Rule App Rule Outbound Allow List Args] - (Optional)
- app_
rule_ strtarget_ group_ default_ internal_ policy - (Optional) - Default policy for communication within target group.
- app_
rule_ Sequence[str]target_ group_ filter_ kind_ lists - (Optional) - List of kinds associated with this filter.
- app_
rule_ Sequence[Networktarget_ group_ filter_ params Security Rule App Rule Target Group Filter Param Args] - (Optional) - A list of category key and list of values.
- app_
rule_ strtarget_ group_ filter_ type - (Optional) - The type of the filter being used.
- app_
rule_ strtarget_ group_ peer_ specification_ type - (Optional) - Way to identify the object for which rule is applied.
- categories
Sequence[Network
Security Rule Category Args] - (Optional) Categories for the network_security_rule.
- description str
- (Optional) A description for network_security_rule.
- is_
policy_ boolhitlog_ enabled - isolation_
rule_ straction - (Optional) - These rules are used for environmental isolation.
- isolation_
rule_ Sequence[str]first_ entity_ filter_ kind_ lists - (Optional) - List of kinds associated with this filter.
- isolation_
rule_ Sequence[Networkfirst_ entity_ filter_ params Security Rule Isolation Rule First Entity Filter Param Args] - (Optional) - A list of category key and list of values.
- isolation_
rule_ strfirst_ entity_ filter_ type - (Optional) - The type of the filter being used.
- isolation_
rule_ Sequence[str]second_ entity_ filter_ kind_ lists - (Optional) - List of kinds associated with this filter.
- isolation_
rule_ Sequence[Networksecond_ entity_ filter_ params Security Rule Isolation Rule Second Entity Filter Param Args] - (Optional) - A list of category key and list of values.
- isolation_
rule_ strsecond_ entity_ filter_ type - (Optional) - The type of the filter being used.
- name str
- (Required) The name for the network_security_rule.
- owner_
reference Mapping[str, str] - (Optional) The reference to a user.
- project_
reference Mapping[str, str] - (Optional) The reference to a project.
- ad
Rule StringAction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- ad
Rule List<Property Map>Inbound Allow Lists - (Optional) The set of categories that matching VMs need to have.
- ad
Rule List<Property Map>Outbound Allow Lists - (Optional)
- ad
Rule StringTarget Group Default Internal Policy - (Optional) - Default policy for communication within target group.
- ad
Rule List<String>Target Group Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- ad
Rule List<Property Map>Target Group Filter Params - (Optional) - A list of category key and list of values.
- ad
Rule StringTarget Group Filter Type - (Optional) - The type of the filter being used.
- ad
Rule StringTarget Group Peer Specification Type - (Optional) - Way to identify the object for which rule is applied.
- allow
Ipv6Traffic Boolean - app
Rule StringAction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- app
Rule List<Property Map>Inbound Allow Lists - (Optional) The set of categories that matching VMs need to have.
- app
Rule List<Property Map>Outbound Allow Lists - (Optional)
- app
Rule StringTarget Group Default Internal Policy - (Optional) - Default policy for communication within target group.
- app
Rule List<String>Target Group Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- app
Rule List<Property Map>Target Group Filter Params - (Optional) - A list of category key and list of values.
- app
Rule StringTarget Group Filter Type - (Optional) - The type of the filter being used.
- app
Rule StringTarget Group Peer Specification Type - (Optional) - Way to identify the object for which rule is applied.
- categories List<Property Map>
- (Optional) Categories for the network_security_rule.
- description String
- (Optional) A description for network_security_rule.
- is
Policy BooleanHitlog Enabled - isolation
Rule StringAction - (Optional) - These rules are used for environmental isolation.
- isolation
Rule List<String>First Entity Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- isolation
Rule List<Property Map>First Entity Filter Params - (Optional) - A list of category key and list of values.
- isolation
Rule StringFirst Entity Filter Type - (Optional) - The type of the filter being used.
- isolation
Rule List<String>Second Entity Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- isolation
Rule List<Property Map>Second Entity Filter Params - (Optional) - A list of category key and list of values.
- isolation
Rule StringSecond Entity Filter Type - (Optional) - The type of the filter being used.
- name String
- (Required) The name for the network_security_rule.
- owner
Reference Map<String> - (Optional) The reference to a user.
- project
Reference Map<String> - (Optional) The reference to a project.
Outputs
All input properties are implicitly available as output properties. Additionally, the NetworkSecurityRule resource produces the following output properties:
- Api
Version string - The version of the API.
- Id string
- The provider-assigned unique ID for this managed resource.
- Metadata Dictionary<string, string>
- The network_security_rule kind metadata.
- Api
Version string - The version of the API.
- Id string
- The provider-assigned unique ID for this managed resource.
- Metadata map[string]string
- The network_security_rule kind metadata.
- api
Version String - The version of the API.
- id String
- The provider-assigned unique ID for this managed resource.
- metadata Map<String,String>
- The network_security_rule kind metadata.
- api
Version string - The version of the API.
- id string
- The provider-assigned unique ID for this managed resource.
- metadata {[key: string]: string}
- The network_security_rule kind metadata.
- api_
version str - The version of the API.
- id str
- The provider-assigned unique ID for this managed resource.
- metadata Mapping[str, str]
- The network_security_rule kind metadata.
- api
Version String - The version of the API.
- id String
- The provider-assigned unique ID for this managed resource.
- metadata Map<String>
- The network_security_rule kind metadata.
Look up Existing NetworkSecurityRule Resource
Get an existing NetworkSecurityRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: NetworkSecurityRuleState, opts?: CustomResourceOptions): NetworkSecurityRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
ad_rule_action: Optional[str] = None,
ad_rule_inbound_allow_lists: Optional[Sequence[NetworkSecurityRuleAdRuleInboundAllowListArgs]] = None,
ad_rule_outbound_allow_lists: Optional[Sequence[NetworkSecurityRuleAdRuleOutboundAllowListArgs]] = None,
ad_rule_target_group_default_internal_policy: Optional[str] = None,
ad_rule_target_group_filter_kind_lists: Optional[Sequence[str]] = None,
ad_rule_target_group_filter_params: Optional[Sequence[NetworkSecurityRuleAdRuleTargetGroupFilterParamArgs]] = None,
ad_rule_target_group_filter_type: Optional[str] = None,
ad_rule_target_group_peer_specification_type: Optional[str] = None,
allow_ipv6_traffic: Optional[bool] = None,
api_version: Optional[str] = None,
app_rule_action: Optional[str] = None,
app_rule_inbound_allow_lists: Optional[Sequence[NetworkSecurityRuleAppRuleInboundAllowListArgs]] = None,
app_rule_outbound_allow_lists: Optional[Sequence[NetworkSecurityRuleAppRuleOutboundAllowListArgs]] = None,
app_rule_target_group_default_internal_policy: Optional[str] = None,
app_rule_target_group_filter_kind_lists: Optional[Sequence[str]] = None,
app_rule_target_group_filter_params: Optional[Sequence[NetworkSecurityRuleAppRuleTargetGroupFilterParamArgs]] = None,
app_rule_target_group_filter_type: Optional[str] = None,
app_rule_target_group_peer_specification_type: Optional[str] = None,
categories: Optional[Sequence[NetworkSecurityRuleCategoryArgs]] = None,
description: Optional[str] = None,
is_policy_hitlog_enabled: Optional[bool] = None,
isolation_rule_action: Optional[str] = None,
isolation_rule_first_entity_filter_kind_lists: Optional[Sequence[str]] = None,
isolation_rule_first_entity_filter_params: Optional[Sequence[NetworkSecurityRuleIsolationRuleFirstEntityFilterParamArgs]] = None,
isolation_rule_first_entity_filter_type: Optional[str] = None,
isolation_rule_second_entity_filter_kind_lists: Optional[Sequence[str]] = None,
isolation_rule_second_entity_filter_params: Optional[Sequence[NetworkSecurityRuleIsolationRuleSecondEntityFilterParamArgs]] = None,
isolation_rule_second_entity_filter_type: Optional[str] = None,
metadata: Optional[Mapping[str, str]] = None,
name: Optional[str] = None,
owner_reference: Optional[Mapping[str, str]] = None,
project_reference: Optional[Mapping[str, str]] = None) -> NetworkSecurityRulefunc GetNetworkSecurityRule(ctx *Context, name string, id IDInput, state *NetworkSecurityRuleState, opts ...ResourceOption) (*NetworkSecurityRule, error)public static NetworkSecurityRule Get(string name, Input<string> id, NetworkSecurityRuleState? state, CustomResourceOptions? opts = null)public static NetworkSecurityRule get(String name, Output<String> id, NetworkSecurityRuleState state, CustomResourceOptions options)resources: _: type: nutanix:NetworkSecurityRule get: id: ${id}- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
The following state arguments are supported:
- Ad
Rule stringAction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- Ad
Rule List<PiersInbound Allow Lists Karsenbarg. Nutanix. Inputs. Network Security Rule Ad Rule Inbound Allow List> - (Optional) The set of categories that matching VMs need to have.
- Ad
Rule List<PiersOutbound Allow Lists Karsenbarg. Nutanix. Inputs. Network Security Rule Ad Rule Outbound Allow List> - (Optional)
- Ad
Rule stringTarget Group Default Internal Policy - (Optional) - Default policy for communication within target group.
- Ad
Rule List<string>Target Group Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- Ad
Rule List<PiersTarget Group Filter Params Karsenbarg. Nutanix. Inputs. Network Security Rule Ad Rule Target Group Filter Param> - (Optional) - A list of category key and list of values.
- Ad
Rule stringTarget Group Filter Type - (Optional) - The type of the filter being used.
- Ad
Rule stringTarget Group Peer Specification Type - (Optional) - Way to identify the object for which rule is applied.
- Allow
Ipv6Traffic bool - Api
Version string - The version of the API.
- App
Rule stringAction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- App
Rule List<PiersInbound Allow Lists Karsenbarg. Nutanix. Inputs. Network Security Rule App Rule Inbound Allow List> - (Optional) The set of categories that matching VMs need to have.
- App
Rule List<PiersOutbound Allow Lists Karsenbarg. Nutanix. Inputs. Network Security Rule App Rule Outbound Allow List> - (Optional)
- App
Rule stringTarget Group Default Internal Policy - (Optional) - Default policy for communication within target group.
- App
Rule List<string>Target Group Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- App
Rule List<PiersTarget Group Filter Params Karsenbarg. Nutanix. Inputs. Network Security Rule App Rule Target Group Filter Param> - (Optional) - A list of category key and list of values.
- App
Rule stringTarget Group Filter Type - (Optional) - The type of the filter being used.
- App
Rule stringTarget Group Peer Specification Type - (Optional) - Way to identify the object for which rule is applied.
- Categories
List<Piers
Karsenbarg. Nutanix. Inputs. Network Security Rule Category> - (Optional) Categories for the network_security_rule.
- Description string
- (Optional) A description for network_security_rule.
- Is
Policy boolHitlog Enabled - Isolation
Rule stringAction - (Optional) - These rules are used for environmental isolation.
- Isolation
Rule List<string>First Entity Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- Isolation
Rule List<PiersFirst Entity Filter Params Karsenbarg. Nutanix. Inputs. Network Security Rule Isolation Rule First Entity Filter Param> - (Optional) - A list of category key and list of values.
- Isolation
Rule stringFirst Entity Filter Type - (Optional) - The type of the filter being used.
- Isolation
Rule List<string>Second Entity Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- Isolation
Rule List<PiersSecond Entity Filter Params Karsenbarg. Nutanix. Inputs. Network Security Rule Isolation Rule Second Entity Filter Param> - (Optional) - A list of category key and list of values.
- Isolation
Rule stringSecond Entity Filter Type - (Optional) - The type of the filter being used.
- Metadata Dictionary<string, string>
- The network_security_rule kind metadata.
- Name string
- (Required) The name for the network_security_rule.
- Owner
Reference Dictionary<string, string> - (Optional) The reference to a user.
- Project
Reference Dictionary<string, string> - (Optional) The reference to a project.
- Ad
Rule stringAction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- Ad
Rule []NetworkInbound Allow Lists Security Rule Ad Rule Inbound Allow List Args - (Optional) The set of categories that matching VMs need to have.
- Ad
Rule []NetworkOutbound Allow Lists Security Rule Ad Rule Outbound Allow List Args - (Optional)
- Ad
Rule stringTarget Group Default Internal Policy - (Optional) - Default policy for communication within target group.
- Ad
Rule []stringTarget Group Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- Ad
Rule []NetworkTarget Group Filter Params Security Rule Ad Rule Target Group Filter Param Args - (Optional) - A list of category key and list of values.
- Ad
Rule stringTarget Group Filter Type - (Optional) - The type of the filter being used.
- Ad
Rule stringTarget Group Peer Specification Type - (Optional) - Way to identify the object for which rule is applied.
- Allow
Ipv6Traffic bool - Api
Version string - The version of the API.
- App
Rule stringAction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- App
Rule []NetworkInbound Allow Lists Security Rule App Rule Inbound Allow List Args - (Optional) The set of categories that matching VMs need to have.
- App
Rule []NetworkOutbound Allow Lists Security Rule App Rule Outbound Allow List Args - (Optional)
- App
Rule stringTarget Group Default Internal Policy - (Optional) - Default policy for communication within target group.
- App
Rule []stringTarget Group Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- App
Rule []NetworkTarget Group Filter Params Security Rule App Rule Target Group Filter Param Args - (Optional) - A list of category key and list of values.
- App
Rule stringTarget Group Filter Type - (Optional) - The type of the filter being used.
- App
Rule stringTarget Group Peer Specification Type - (Optional) - Way to identify the object for which rule is applied.
- Categories
[]Network
Security Rule Category Args - (Optional) Categories for the network_security_rule.
- Description string
- (Optional) A description for network_security_rule.
- Is
Policy boolHitlog Enabled - Isolation
Rule stringAction - (Optional) - These rules are used for environmental isolation.
- Isolation
Rule []stringFirst Entity Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- Isolation
Rule []NetworkFirst Entity Filter Params Security Rule Isolation Rule First Entity Filter Param Args - (Optional) - A list of category key and list of values.
- Isolation
Rule stringFirst Entity Filter Type - (Optional) - The type of the filter being used.
- Isolation
Rule []stringSecond Entity Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- Isolation
Rule []NetworkSecond Entity Filter Params Security Rule Isolation Rule Second Entity Filter Param Args - (Optional) - A list of category key and list of values.
- Isolation
Rule stringSecond Entity Filter Type - (Optional) - The type of the filter being used.
- Metadata map[string]string
- The network_security_rule kind metadata.
- Name string
- (Required) The name for the network_security_rule.
- Owner
Reference map[string]string - (Optional) The reference to a user.
- Project
Reference map[string]string - (Optional) The reference to a project.
- ad
Rule StringAction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- ad
Rule List<NetworkInbound Allow Lists Security Rule Ad Rule Inbound Allow List> - (Optional) The set of categories that matching VMs need to have.
- ad
Rule List<NetworkOutbound Allow Lists Security Rule Ad Rule Outbound Allow List> - (Optional)
- ad
Rule StringTarget Group Default Internal Policy - (Optional) - Default policy for communication within target group.
- ad
Rule List<String>Target Group Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- ad
Rule List<NetworkTarget Group Filter Params Security Rule Ad Rule Target Group Filter Param> - (Optional) - A list of category key and list of values.
- ad
Rule StringTarget Group Filter Type - (Optional) - The type of the filter being used.
- ad
Rule StringTarget Group Peer Specification Type - (Optional) - Way to identify the object for which rule is applied.
- allow
Ipv6Traffic Boolean - api
Version String - The version of the API.
- app
Rule StringAction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- app
Rule List<NetworkInbound Allow Lists Security Rule App Rule Inbound Allow List> - (Optional) The set of categories that matching VMs need to have.
- app
Rule List<NetworkOutbound Allow Lists Security Rule App Rule Outbound Allow List> - (Optional)
- app
Rule StringTarget Group Default Internal Policy - (Optional) - Default policy for communication within target group.
- app
Rule List<String>Target Group Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- app
Rule List<NetworkTarget Group Filter Params Security Rule App Rule Target Group Filter Param> - (Optional) - A list of category key and list of values.
- app
Rule StringTarget Group Filter Type - (Optional) - The type of the filter being used.
- app
Rule StringTarget Group Peer Specification Type - (Optional) - Way to identify the object for which rule is applied.
- categories
List<Network
Security Rule Category> - (Optional) Categories for the network_security_rule.
- description String
- (Optional) A description for network_security_rule.
- is
Policy BooleanHitlog Enabled - isolation
Rule StringAction - (Optional) - These rules are used for environmental isolation.
- isolation
Rule List<String>First Entity Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- isolation
Rule List<NetworkFirst Entity Filter Params Security Rule Isolation Rule First Entity Filter Param> - (Optional) - A list of category key and list of values.
- isolation
Rule StringFirst Entity Filter Type - (Optional) - The type of the filter being used.
- isolation
Rule List<String>Second Entity Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- isolation
Rule List<NetworkSecond Entity Filter Params Security Rule Isolation Rule Second Entity Filter Param> - (Optional) - A list of category key and list of values.
- isolation
Rule StringSecond Entity Filter Type - (Optional) - The type of the filter being used.
- metadata Map<String,String>
- The network_security_rule kind metadata.
- name String
- (Required) The name for the network_security_rule.
- owner
Reference Map<String,String> - (Optional) The reference to a user.
- project
Reference Map<String,String> - (Optional) The reference to a project.
- ad
Rule stringAction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- ad
Rule NetworkInbound Allow Lists Security Rule Ad Rule Inbound Allow List[] - (Optional) The set of categories that matching VMs need to have.
- ad
Rule NetworkOutbound Allow Lists Security Rule Ad Rule Outbound Allow List[] - (Optional)
- ad
Rule stringTarget Group Default Internal Policy - (Optional) - Default policy for communication within target group.
- ad
Rule string[]Target Group Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- ad
Rule NetworkTarget Group Filter Params Security Rule Ad Rule Target Group Filter Param[] - (Optional) - A list of category key and list of values.
- ad
Rule stringTarget Group Filter Type - (Optional) - The type of the filter being used.
- ad
Rule stringTarget Group Peer Specification Type - (Optional) - Way to identify the object for which rule is applied.
- allow
Ipv6Traffic boolean - api
Version string - The version of the API.
- app
Rule stringAction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- app
Rule NetworkInbound Allow Lists Security Rule App Rule Inbound Allow List[] - (Optional) The set of categories that matching VMs need to have.
- app
Rule NetworkOutbound Allow Lists Security Rule App Rule Outbound Allow List[] - (Optional)
- app
Rule stringTarget Group Default Internal Policy - (Optional) - Default policy for communication within target group.
- app
Rule string[]Target Group Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- app
Rule NetworkTarget Group Filter Params Security Rule App Rule Target Group Filter Param[] - (Optional) - A list of category key and list of values.
- app
Rule stringTarget Group Filter Type - (Optional) - The type of the filter being used.
- app
Rule stringTarget Group Peer Specification Type - (Optional) - Way to identify the object for which rule is applied.
- categories
Network
Security Rule Category[] - (Optional) Categories for the network_security_rule.
- description string
- (Optional) A description for network_security_rule.
- is
Policy booleanHitlog Enabled - isolation
Rule stringAction - (Optional) - These rules are used for environmental isolation.
- isolation
Rule string[]First Entity Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- isolation
Rule NetworkFirst Entity Filter Params Security Rule Isolation Rule First Entity Filter Param[] - (Optional) - A list of category key and list of values.
- isolation
Rule stringFirst Entity Filter Type - (Optional) - The type of the filter being used.
- isolation
Rule string[]Second Entity Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- isolation
Rule NetworkSecond Entity Filter Params Security Rule Isolation Rule Second Entity Filter Param[] - (Optional) - A list of category key and list of values.
- isolation
Rule stringSecond Entity Filter Type - (Optional) - The type of the filter being used.
- metadata {[key: string]: string}
- The network_security_rule kind metadata.
- name string
- (Required) The name for the network_security_rule.
- owner
Reference {[key: string]: string} - (Optional) The reference to a user.
- project
Reference {[key: string]: string} - (Optional) The reference to a project.
- ad_
rule_ straction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- ad_
rule_ Sequence[Networkinbound_ allow_ lists Security Rule Ad Rule Inbound Allow List Args] - (Optional) The set of categories that matching VMs need to have.
- ad_
rule_ Sequence[Networkoutbound_ allow_ lists Security Rule Ad Rule Outbound Allow List Args] - (Optional)
- ad_
rule_ strtarget_ group_ default_ internal_ policy - (Optional) - Default policy for communication within target group.
- ad_
rule_ Sequence[str]target_ group_ filter_ kind_ lists - (Optional) - List of kinds associated with this filter.
- ad_
rule_ Sequence[Networktarget_ group_ filter_ params Security Rule Ad Rule Target Group Filter Param Args] - (Optional) - A list of category key and list of values.
- ad_
rule_ strtarget_ group_ filter_ type - (Optional) - The type of the filter being used.
- ad_
rule_ strtarget_ group_ peer_ specification_ type - (Optional) - Way to identify the object for which rule is applied.
- allow_
ipv6_ booltraffic - api_
version str - The version of the API.
- app_
rule_ straction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- app_
rule_ Sequence[Networkinbound_ allow_ lists Security Rule App Rule Inbound Allow List Args] - (Optional) The set of categories that matching VMs need to have.
- app_
rule_ Sequence[Networkoutbound_ allow_ lists Security Rule App Rule Outbound Allow List Args] - (Optional)
- app_
rule_ strtarget_ group_ default_ internal_ policy - (Optional) - Default policy for communication within target group.
- app_
rule_ Sequence[str]target_ group_ filter_ kind_ lists - (Optional) - List of kinds associated with this filter.
- app_
rule_ Sequence[Networktarget_ group_ filter_ params Security Rule App Rule Target Group Filter Param Args] - (Optional) - A list of category key and list of values.
- app_
rule_ strtarget_ group_ filter_ type - (Optional) - The type of the filter being used.
- app_
rule_ strtarget_ group_ peer_ specification_ type - (Optional) - Way to identify the object for which rule is applied.
- categories
Sequence[Network
Security Rule Category Args] - (Optional) Categories for the network_security_rule.
- description str
- (Optional) A description for network_security_rule.
- is_
policy_ boolhitlog_ enabled - isolation_
rule_ straction - (Optional) - These rules are used for environmental isolation.
- isolation_
rule_ Sequence[str]first_ entity_ filter_ kind_ lists - (Optional) - List of kinds associated with this filter.
- isolation_
rule_ Sequence[Networkfirst_ entity_ filter_ params Security Rule Isolation Rule First Entity Filter Param Args] - (Optional) - A list of category key and list of values.
- isolation_
rule_ strfirst_ entity_ filter_ type - (Optional) - The type of the filter being used.
- isolation_
rule_ Sequence[str]second_ entity_ filter_ kind_ lists - (Optional) - List of kinds associated with this filter.
- isolation_
rule_ Sequence[Networksecond_ entity_ filter_ params Security Rule Isolation Rule Second Entity Filter Param Args] - (Optional) - A list of category key and list of values.
- isolation_
rule_ strsecond_ entity_ filter_ type - (Optional) - The type of the filter being used.
- metadata Mapping[str, str]
- The network_security_rule kind metadata.
- name str
- (Required) The name for the network_security_rule.
- owner_
reference Mapping[str, str] - (Optional) The reference to a user.
- project_
reference Mapping[str, str] - (Optional) The reference to a project.
- ad
Rule StringAction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- ad
Rule List<Property Map>Inbound Allow Lists - (Optional) The set of categories that matching VMs need to have.
- ad
Rule List<Property Map>Outbound Allow Lists - (Optional)
- ad
Rule StringTarget Group Default Internal Policy - (Optional) - Default policy for communication within target group.
- ad
Rule List<String>Target Group Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- ad
Rule List<Property Map>Target Group Filter Params - (Optional) - A list of category key and list of values.
- ad
Rule StringTarget Group Filter Type - (Optional) - The type of the filter being used.
- ad
Rule StringTarget Group Peer Specification Type - (Optional) - Way to identify the object for which rule is applied.
- allow
Ipv6Traffic Boolean - api
Version String - The version of the API.
- app
Rule StringAction - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty inbound_allow_list will not anything into target group. Empty outbound_allow_list will allow everything from target group.
- app
Rule List<Property Map>Inbound Allow Lists - (Optional) The set of categories that matching VMs need to have.
- app
Rule List<Property Map>Outbound Allow Lists - (Optional)
- app
Rule StringTarget Group Default Internal Policy - (Optional) - Default policy for communication within target group.
- app
Rule List<String>Target Group Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- app
Rule List<Property Map>Target Group Filter Params - (Optional) - A list of category key and list of values.
- app
Rule StringTarget Group Filter Type - (Optional) - The type of the filter being used.
- app
Rule StringTarget Group Peer Specification Type - (Optional) - Way to identify the object for which rule is applied.
- categories List<Property Map>
- (Optional) Categories for the network_security_rule.
- description String
- (Optional) A description for network_security_rule.
- is
Policy BooleanHitlog Enabled - isolation
Rule StringAction - (Optional) - These rules are used for environmental isolation.
- isolation
Rule List<String>First Entity Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- isolation
Rule List<Property Map>First Entity Filter Params - (Optional) - A list of category key and list of values.
- isolation
Rule StringFirst Entity Filter Type - (Optional) - The type of the filter being used.
- isolation
Rule List<String>Second Entity Filter Kind Lists - (Optional) - List of kinds associated with this filter.
- isolation
Rule List<Property Map>Second Entity Filter Params - (Optional) - A list of category key and list of values.
- isolation
Rule StringSecond Entity Filter Type - (Optional) - The type of the filter being used.
- metadata Map<String>
- The network_security_rule kind metadata.
- name String
- (Required) The name for the network_security_rule.
- owner
Reference Map<String> - (Optional) The reference to a user.
- project
Reference Map<String> - (Optional) The reference to a project.
Supporting Types
NetworkSecurityRuleAdRuleInboundAllowList, NetworkSecurityRuleAdRuleInboundAllowListArgs
, NetworkSecurityRuleAdRuleInboundAllowListArgs
- Address
Group List<PiersInclusion Lists Karsenbarg. Nutanix. Inputs. Network Security Rule Ad Rule Inbound Allow List Address Group Inclusion List> - Expiration
Time string - Filter
Kind List<string>Lists - Filter
Params List<PiersKarsenbarg. Nutanix. Inputs. Network Security Rule Ad Rule Inbound Allow List Filter Param> - Filter
Type string - Icmp
Type List<PiersCode Lists Karsenbarg. Nutanix. Inputs. Network Security Rule Ad Rule Inbound Allow List Icmp Type Code List> - Ip
Subnet string - Ip
Subnet stringPrefix Length - Network
Function Dictionary<string, string>Chain Reference - Peer
Specification stringType - Protocol string
- Service
Group List<PiersLists Karsenbarg. Nutanix. Inputs. Network Security Rule Ad Rule Inbound Allow List Service Group List> - Tcp
Port List<PiersRange Lists Karsenbarg. Nutanix. Inputs. Network Security Rule Ad Rule Inbound Allow List Tcp Port Range List> - Udp
Port List<PiersRange Lists Karsenbarg. Nutanix. Inputs. Network Security Rule Ad Rule Inbound Allow List Udp Port Range List>
- Address
Group []NetworkInclusion Lists Security Rule Ad Rule Inbound Allow List Address Group Inclusion List - Expiration
Time string - Filter
Kind []stringLists - Filter
Params []NetworkSecurity Rule Ad Rule Inbound Allow List Filter Param - Filter
Type string - Icmp
Type []NetworkCode Lists Security Rule Ad Rule Inbound Allow List Icmp Type Code List - Ip
Subnet string - Ip
Subnet stringPrefix Length - Network
Function map[string]stringChain Reference - Peer
Specification stringType - Protocol string
- Service
Group []NetworkLists Security Rule Ad Rule Inbound Allow List Service Group List - Tcp
Port []NetworkRange Lists Security Rule Ad Rule Inbound Allow List Tcp Port Range List - Udp
Port []NetworkRange Lists Security Rule Ad Rule Inbound Allow List Udp Port Range List
- address
Group List<NetworkInclusion Lists Security Rule Ad Rule Inbound Allow List Address Group Inclusion List> - expiration
Time String - filter
Kind List<String>Lists - filter
Params List<NetworkSecurity Rule Ad Rule Inbound Allow List Filter Param> - filter
Type String - icmp
Type List<NetworkCode Lists Security Rule Ad Rule Inbound Allow List Icmp Type Code List> - ip
Subnet String - ip
Subnet StringPrefix Length - network
Function Map<String,String>Chain Reference - peer
Specification StringType - protocol String
- service
Group List<NetworkLists Security Rule Ad Rule Inbound Allow List Service Group List> - tcp
Port List<NetworkRange Lists Security Rule Ad Rule Inbound Allow List Tcp Port Range List> - udp
Port List<NetworkRange Lists Security Rule Ad Rule Inbound Allow List Udp Port Range List>
- address
Group NetworkInclusion Lists Security Rule Ad Rule Inbound Allow List Address Group Inclusion List[] - expiration
Time string - filter
Kind string[]Lists - filter
Params NetworkSecurity Rule Ad Rule Inbound Allow List Filter Param[] - filter
Type string - icmp
Type NetworkCode Lists Security Rule Ad Rule Inbound Allow List Icmp Type Code List[] - ip
Subnet string - ip
Subnet stringPrefix Length - network
Function {[key: string]: string}Chain Reference - peer
Specification stringType - protocol string
- service
Group NetworkLists Security Rule Ad Rule Inbound Allow List Service Group List[] - tcp
Port NetworkRange Lists Security Rule Ad Rule Inbound Allow List Tcp Port Range List[] - udp
Port NetworkRange Lists Security Rule Ad Rule Inbound Allow List Udp Port Range List[]
- address_
group_ Sequence[Networkinclusion_ lists Security Rule Ad Rule Inbound Allow List Address Group Inclusion List] - expiration_
time str - filter_
kind_ Sequence[str]lists - filter_
params Sequence[NetworkSecurity Rule Ad Rule Inbound Allow List Filter Param] - filter_
type str - icmp_
type_ Sequence[Networkcode_ lists Security Rule Ad Rule Inbound Allow List Icmp Type Code List] - ip_
subnet str - ip_
subnet_ strprefix_ length - network_
function_ Mapping[str, str]chain_ reference - peer_
specification_ strtype - protocol str
- service_
group_ Sequence[Networklists Security Rule Ad Rule Inbound Allow List Service Group List] - tcp_
port_ Sequence[Networkrange_ lists Security Rule Ad Rule Inbound Allow List Tcp Port Range List] - udp_
port_ Sequence[Networkrange_ lists Security Rule Ad Rule Inbound Allow List Udp Port Range List]
- address
Group List<Property Map>Inclusion Lists - expiration
Time String - filter
Kind List<String>Lists - filter
Params List<Property Map> - filter
Type String - icmp
Type List<Property Map>Code Lists - ip
Subnet String - ip
Subnet StringPrefix Length - network
Function Map<String>Chain Reference - peer
Specification StringType - protocol String
- service
Group List<Property Map>Lists - tcp
Port List<Property Map>Range Lists - udp
Port List<Property Map>Range Lists
NetworkSecurityRuleAdRuleInboundAllowListAddressGroupInclusionList, NetworkSecurityRuleAdRuleInboundAllowListAddressGroupInclusionListArgs
, NetworkSecurityRuleAdRuleInboundAllowListAddressGroupInclusionListArgs
NetworkSecurityRuleAdRuleInboundAllowListFilterParam, NetworkSecurityRuleAdRuleInboundAllowListFilterParamArgs
, NetworkSecurityRuleAdRuleInboundAllowListFilterParamArgs
NetworkSecurityRuleAdRuleInboundAllowListIcmpTypeCodeList, NetworkSecurityRuleAdRuleInboundAllowListIcmpTypeCodeListArgs
, NetworkSecurityRuleAdRuleInboundAllowListIcmpTypeCodeListArgs
NetworkSecurityRuleAdRuleInboundAllowListServiceGroupList, NetworkSecurityRuleAdRuleInboundAllowListServiceGroupListArgs
, NetworkSecurityRuleAdRuleInboundAllowListServiceGroupListArgs
NetworkSecurityRuleAdRuleInboundAllowListTcpPortRangeList, NetworkSecurityRuleAdRuleInboundAllowListTcpPortRangeListArgs
, NetworkSecurityRuleAdRuleInboundAllowListTcpPortRangeListArgs
- end_
port int - start_
port int
NetworkSecurityRuleAdRuleInboundAllowListUdpPortRangeList, NetworkSecurityRuleAdRuleInboundAllowListUdpPortRangeListArgs
, NetworkSecurityRuleAdRuleInboundAllowListUdpPortRangeListArgs
- end_
port int - start_
port int
NetworkSecurityRuleAdRuleOutboundAllowList, NetworkSecurityRuleAdRuleOutboundAllowListArgs
, NetworkSecurityRuleAdRuleOutboundAllowListArgs
- Address
Group List<PiersInclusion Lists Karsenbarg. Nutanix. Inputs. Network Security Rule Ad Rule Outbound Allow List Address Group Inclusion List> - Expiration
Time string - Filter
Kind List<string>Lists - Filter
Params List<PiersKarsenbarg. Nutanix. Inputs. Network Security Rule Ad Rule Outbound Allow List Filter Param> - Filter
Type string - Icmp
Type List<PiersCode Lists Karsenbarg. Nutanix. Inputs. Network Security Rule Ad Rule Outbound Allow List Icmp Type Code List> - Ip
Subnet string - Ip
Subnet stringPrefix Length - Network
Function Dictionary<string, string>Chain Reference - Peer
Specification stringType - Protocol string
- Service
Group List<PiersLists Karsenbarg. Nutanix. Inputs. Network Security Rule Ad Rule Outbound Allow List Service Group List> - Tcp
Port List<PiersRange Lists Karsenbarg. Nutanix. Inputs. Network Security Rule Ad Rule Outbound Allow List Tcp Port Range List> - Udp
Port List<PiersRange Lists Karsenbarg. Nutanix. Inputs. Network Security Rule Ad Rule Outbound Allow List Udp Port Range List>
- Address
Group []NetworkInclusion Lists Security Rule Ad Rule Outbound Allow List Address Group Inclusion List - Expiration
Time string - Filter
Kind []stringLists - Filter
Params []NetworkSecurity Rule Ad Rule Outbound Allow List Filter Param - Filter
Type string - Icmp
Type []NetworkCode Lists Security Rule Ad Rule Outbound Allow List Icmp Type Code List - Ip
Subnet string - Ip
Subnet stringPrefix Length - Network
Function map[string]stringChain Reference - Peer
Specification stringType - Protocol string
- Service
Group []NetworkLists Security Rule Ad Rule Outbound Allow List Service Group List - Tcp
Port []NetworkRange Lists Security Rule Ad Rule Outbound Allow List Tcp Port Range List - Udp
Port []NetworkRange Lists Security Rule Ad Rule Outbound Allow List Udp Port Range List
- address
Group List<NetworkInclusion Lists Security Rule Ad Rule Outbound Allow List Address Group Inclusion List> - expiration
Time String - filter
Kind List<String>Lists - filter
Params List<NetworkSecurity Rule Ad Rule Outbound Allow List Filter Param> - filter
Type String - icmp
Type List<NetworkCode Lists Security Rule Ad Rule Outbound Allow List Icmp Type Code List> - ip
Subnet String - ip
Subnet StringPrefix Length - network
Function Map<String,String>Chain Reference - peer
Specification StringType - protocol String
- service
Group List<NetworkLists Security Rule Ad Rule Outbound Allow List Service Group List> - tcp
Port List<NetworkRange Lists Security Rule Ad Rule Outbound Allow List Tcp Port Range List> - udp
Port List<NetworkRange Lists Security Rule Ad Rule Outbound Allow List Udp Port Range List>
- address
Group NetworkInclusion Lists Security Rule Ad Rule Outbound Allow List Address Group Inclusion List[] - expiration
Time string - filter
Kind string[]Lists - filter
Params NetworkSecurity Rule Ad Rule Outbound Allow List Filter Param[] - filter
Type string - icmp
Type NetworkCode Lists Security Rule Ad Rule Outbound Allow List Icmp Type Code List[] - ip
Subnet string - ip
Subnet stringPrefix Length - network
Function {[key: string]: string}Chain Reference - peer
Specification stringType - protocol string
- service
Group NetworkLists Security Rule Ad Rule Outbound Allow List Service Group List[] - tcp
Port NetworkRange Lists Security Rule Ad Rule Outbound Allow List Tcp Port Range List[] - udp
Port NetworkRange Lists Security Rule Ad Rule Outbound Allow List Udp Port Range List[]
- address_
group_ Sequence[Networkinclusion_ lists Security Rule Ad Rule Outbound Allow List Address Group Inclusion List] - expiration_
time str - filter_
kind_ Sequence[str]lists - filter_
params Sequence[NetworkSecurity Rule Ad Rule Outbound Allow List Filter Param] - filter_
type str - icmp_
type_ Sequence[Networkcode_ lists Security Rule Ad Rule Outbound Allow List Icmp Type Code List] - ip_
subnet str - ip_
subnet_ strprefix_ length - network_
function_ Mapping[str, str]chain_ reference - peer_
specification_ strtype - protocol str
- service_
group_ Sequence[Networklists Security Rule Ad Rule Outbound Allow List Service Group List] - tcp_
port_ Sequence[Networkrange_ lists Security Rule Ad Rule Outbound Allow List Tcp Port Range List] - udp_
port_ Sequence[Networkrange_ lists Security Rule Ad Rule Outbound Allow List Udp Port Range List]
- address
Group List<Property Map>Inclusion Lists - expiration
Time String - filter
Kind List<String>Lists - filter
Params List<Property Map> - filter
Type String - icmp
Type List<Property Map>Code Lists - ip
Subnet String - ip
Subnet StringPrefix Length - network
Function Map<String>Chain Reference - peer
Specification StringType - protocol String
- service
Group List<Property Map>Lists - tcp
Port List<Property Map>Range Lists - udp
Port List<Property Map>Range Lists
NetworkSecurityRuleAdRuleOutboundAllowListAddressGroupInclusionList, NetworkSecurityRuleAdRuleOutboundAllowListAddressGroupInclusionListArgs
, NetworkSecurityRuleAdRuleOutboundAllowListAddressGroupInclusionListArgs
NetworkSecurityRuleAdRuleOutboundAllowListFilterParam, NetworkSecurityRuleAdRuleOutboundAllowListFilterParamArgs
, NetworkSecurityRuleAdRuleOutboundAllowListFilterParamArgs
NetworkSecurityRuleAdRuleOutboundAllowListIcmpTypeCodeList, NetworkSecurityRuleAdRuleOutboundAllowListIcmpTypeCodeListArgs
, NetworkSecurityRuleAdRuleOutboundAllowListIcmpTypeCodeListArgs
NetworkSecurityRuleAdRuleOutboundAllowListServiceGroupList, NetworkSecurityRuleAdRuleOutboundAllowListServiceGroupListArgs
, NetworkSecurityRuleAdRuleOutboundAllowListServiceGroupListArgs
NetworkSecurityRuleAdRuleOutboundAllowListTcpPortRangeList, NetworkSecurityRuleAdRuleOutboundAllowListTcpPortRangeListArgs
, NetworkSecurityRuleAdRuleOutboundAllowListTcpPortRangeListArgs
- end_
port int - start_
port int
NetworkSecurityRuleAdRuleOutboundAllowListUdpPortRangeList, NetworkSecurityRuleAdRuleOutboundAllowListUdpPortRangeListArgs
, NetworkSecurityRuleAdRuleOutboundAllowListUdpPortRangeListArgs
- end_
port int - start_
port int
NetworkSecurityRuleAdRuleTargetGroupFilterParam, NetworkSecurityRuleAdRuleTargetGroupFilterParamArgs
, NetworkSecurityRuleAdRuleTargetGroupFilterParamArgs
NetworkSecurityRuleAppRuleInboundAllowList, NetworkSecurityRuleAppRuleInboundAllowListArgs
, NetworkSecurityRuleAppRuleInboundAllowListArgs
- Address
Group List<PiersInclusion Lists Karsenbarg. Nutanix. Inputs. Network Security Rule App Rule Inbound Allow List Address Group Inclusion List> - Expiration
Time string - Filter
Kind List<string>Lists - Filter
Params List<PiersKarsenbarg. Nutanix. Inputs. Network Security Rule App Rule Inbound Allow List Filter Param> - Filter
Type string - Icmp
Type List<PiersCode Lists Karsenbarg. Nutanix. Inputs. Network Security Rule App Rule Inbound Allow List Icmp Type Code List> - Ip
Subnet string - Ip
Subnet stringPrefix Length - Network
Function Dictionary<string, string>Chain Reference - Peer
Specification stringType - Protocol string
- Service
Group List<PiersLists Karsenbarg. Nutanix. Inputs. Network Security Rule App Rule Inbound Allow List Service Group List> - Tcp
Port List<PiersRange Lists Karsenbarg. Nutanix. Inputs. Network Security Rule App Rule Inbound Allow List Tcp Port Range List> - Udp
Port List<PiersRange Lists Karsenbarg. Nutanix. Inputs. Network Security Rule App Rule Inbound Allow List Udp Port Range List>
- Address
Group []NetworkInclusion Lists Security Rule App Rule Inbound Allow List Address Group Inclusion List - Expiration
Time string - Filter
Kind []stringLists - Filter
Params []NetworkSecurity Rule App Rule Inbound Allow List Filter Param - Filter
Type string - Icmp
Type []NetworkCode Lists Security Rule App Rule Inbound Allow List Icmp Type Code List - Ip
Subnet string - Ip
Subnet stringPrefix Length - Network
Function map[string]stringChain Reference - Peer
Specification stringType - Protocol string
- Service
Group []NetworkLists Security Rule App Rule Inbound Allow List Service Group List - Tcp
Port []NetworkRange Lists Security Rule App Rule Inbound Allow List Tcp Port Range List - Udp
Port []NetworkRange Lists Security Rule App Rule Inbound Allow List Udp Port Range List
- address
Group List<NetworkInclusion Lists Security Rule App Rule Inbound Allow List Address Group Inclusion List> - expiration
Time String - filter
Kind List<String>Lists - filter
Params List<NetworkSecurity Rule App Rule Inbound Allow List Filter Param> - filter
Type String - icmp
Type List<NetworkCode Lists Security Rule App Rule Inbound Allow List Icmp Type Code List> - ip
Subnet String - ip
Subnet StringPrefix Length - network
Function Map<String,String>Chain Reference - peer
Specification StringType - protocol String
- service
Group List<NetworkLists Security Rule App Rule Inbound Allow List Service Group List> - tcp
Port List<NetworkRange Lists Security Rule App Rule Inbound Allow List Tcp Port Range List> - udp
Port List<NetworkRange Lists Security Rule App Rule Inbound Allow List Udp Port Range List>
- address
Group NetworkInclusion Lists Security Rule App Rule Inbound Allow List Address Group Inclusion List[] - expiration
Time string - filter
Kind string[]Lists - filter
Params NetworkSecurity Rule App Rule Inbound Allow List Filter Param[] - filter
Type string - icmp
Type NetworkCode Lists Security Rule App Rule Inbound Allow List Icmp Type Code List[] - ip
Subnet string - ip
Subnet stringPrefix Length - network
Function {[key: string]: string}Chain Reference - peer
Specification stringType - protocol string
- service
Group NetworkLists Security Rule App Rule Inbound Allow List Service Group List[] - tcp
Port NetworkRange Lists Security Rule App Rule Inbound Allow List Tcp Port Range List[] - udp
Port NetworkRange Lists Security Rule App Rule Inbound Allow List Udp Port Range List[]
- address_
group_ Sequence[Networkinclusion_ lists Security Rule App Rule Inbound Allow List Address Group Inclusion List] - expiration_
time str - filter_
kind_ Sequence[str]lists - filter_
params Sequence[NetworkSecurity Rule App Rule Inbound Allow List Filter Param] - filter_
type str - icmp_
type_ Sequence[Networkcode_ lists Security Rule App Rule Inbound Allow List Icmp Type Code List] - ip_
subnet str - ip_
subnet_ strprefix_ length - network_
function_ Mapping[str, str]chain_ reference - peer_
specification_ strtype - protocol str
- service_
group_ Sequence[Networklists Security Rule App Rule Inbound Allow List Service Group List] - tcp_
port_ Sequence[Networkrange_ lists Security Rule App Rule Inbound Allow List Tcp Port Range List] - udp_
port_ Sequence[Networkrange_ lists Security Rule App Rule Inbound Allow List Udp Port Range List]
- address
Group List<Property Map>Inclusion Lists - expiration
Time String - filter
Kind List<String>Lists - filter
Params List<Property Map> - filter
Type String - icmp
Type List<Property Map>Code Lists - ip
Subnet String - ip
Subnet StringPrefix Length - network
Function Map<String>Chain Reference - peer
Specification StringType - protocol String
- service
Group List<Property Map>Lists - tcp
Port List<Property Map>Range Lists - udp
Port List<Property Map>Range Lists
NetworkSecurityRuleAppRuleInboundAllowListAddressGroupInclusionList, NetworkSecurityRuleAppRuleInboundAllowListAddressGroupInclusionListArgs
, NetworkSecurityRuleAppRuleInboundAllowListAddressGroupInclusionListArgs
NetworkSecurityRuleAppRuleInboundAllowListFilterParam, NetworkSecurityRuleAppRuleInboundAllowListFilterParamArgs
, NetworkSecurityRuleAppRuleInboundAllowListFilterParamArgs
NetworkSecurityRuleAppRuleInboundAllowListIcmpTypeCodeList, NetworkSecurityRuleAppRuleInboundAllowListIcmpTypeCodeListArgs
, NetworkSecurityRuleAppRuleInboundAllowListIcmpTypeCodeListArgs
NetworkSecurityRuleAppRuleInboundAllowListServiceGroupList, NetworkSecurityRuleAppRuleInboundAllowListServiceGroupListArgs
, NetworkSecurityRuleAppRuleInboundAllowListServiceGroupListArgs
NetworkSecurityRuleAppRuleInboundAllowListTcpPortRangeList, NetworkSecurityRuleAppRuleInboundAllowListTcpPortRangeListArgs
, NetworkSecurityRuleAppRuleInboundAllowListTcpPortRangeListArgs
- end_
port int - start_
port int
NetworkSecurityRuleAppRuleInboundAllowListUdpPortRangeList, NetworkSecurityRuleAppRuleInboundAllowListUdpPortRangeListArgs
, NetworkSecurityRuleAppRuleInboundAllowListUdpPortRangeListArgs
- end_
port int - start_
port int
NetworkSecurityRuleAppRuleOutboundAllowList, NetworkSecurityRuleAppRuleOutboundAllowListArgs
, NetworkSecurityRuleAppRuleOutboundAllowListArgs
- Address
Group List<PiersInclusion Lists Karsenbarg. Nutanix. Inputs. Network Security Rule App Rule Outbound Allow List Address Group Inclusion List> - Expiration
Time string - Filter
Kind List<string>Lists - Filter
Params List<PiersKarsenbarg. Nutanix. Inputs. Network Security Rule App Rule Outbound Allow List Filter Param> - Filter
Type string - Icmp
Type List<PiersCode Lists Karsenbarg. Nutanix. Inputs. Network Security Rule App Rule Outbound Allow List Icmp Type Code List> - Ip
Subnet string - Ip
Subnet stringPrefix Length - Network
Function Dictionary<string, string>Chain Reference - Peer
Specification stringType - Protocol string
- Service
Group List<PiersLists Karsenbarg. Nutanix. Inputs. Network Security Rule App Rule Outbound Allow List Service Group List> - Tcp
Port List<PiersRange Lists Karsenbarg. Nutanix. Inputs. Network Security Rule App Rule Outbound Allow List Tcp Port Range List> - Udp
Port List<PiersRange Lists Karsenbarg. Nutanix. Inputs. Network Security Rule App Rule Outbound Allow List Udp Port Range List>
- Address
Group []NetworkInclusion Lists Security Rule App Rule Outbound Allow List Address Group Inclusion List - Expiration
Time string - Filter
Kind []stringLists - Filter
Params []NetworkSecurity Rule App Rule Outbound Allow List Filter Param - Filter
Type string - Icmp
Type []NetworkCode Lists Security Rule App Rule Outbound Allow List Icmp Type Code List - Ip
Subnet string - Ip
Subnet stringPrefix Length - Network
Function map[string]stringChain Reference - Peer
Specification stringType - Protocol string
- Service
Group []NetworkLists Security Rule App Rule Outbound Allow List Service Group List - Tcp
Port []NetworkRange Lists Security Rule App Rule Outbound Allow List Tcp Port Range List - Udp
Port []NetworkRange Lists Security Rule App Rule Outbound Allow List Udp Port Range List
- address
Group List<NetworkInclusion Lists Security Rule App Rule Outbound Allow List Address Group Inclusion List> - expiration
Time String - filter
Kind List<String>Lists - filter
Params List<NetworkSecurity Rule App Rule Outbound Allow List Filter Param> - filter
Type String - icmp
Type List<NetworkCode Lists Security Rule App Rule Outbound Allow List Icmp Type Code List> - ip
Subnet String - ip
Subnet StringPrefix Length - network
Function Map<String,String>Chain Reference - peer
Specification StringType - protocol String
- service
Group List<NetworkLists Security Rule App Rule Outbound Allow List Service Group List> - tcp
Port List<NetworkRange Lists Security Rule App Rule Outbound Allow List Tcp Port Range List> - udp
Port List<NetworkRange Lists Security Rule App Rule Outbound Allow List Udp Port Range List>
- address
Group NetworkInclusion Lists Security Rule App Rule Outbound Allow List Address Group Inclusion List[] - expiration
Time string - filter
Kind string[]Lists - filter
Params NetworkSecurity Rule App Rule Outbound Allow List Filter Param[] - filter
Type string - icmp
Type NetworkCode Lists Security Rule App Rule Outbound Allow List Icmp Type Code List[] - ip
Subnet string - ip
Subnet stringPrefix Length - network
Function {[key: string]: string}Chain Reference - peer
Specification stringType - protocol string
- service
Group NetworkLists Security Rule App Rule Outbound Allow List Service Group List[] - tcp
Port NetworkRange Lists Security Rule App Rule Outbound Allow List Tcp Port Range List[] - udp
Port NetworkRange Lists Security Rule App Rule Outbound Allow List Udp Port Range List[]
- address_
group_ Sequence[Networkinclusion_ lists Security Rule App Rule Outbound Allow List Address Group Inclusion List] - expiration_
time str - filter_
kind_ Sequence[str]lists - filter_
params Sequence[NetworkSecurity Rule App Rule Outbound Allow List Filter Param] - filter_
type str - icmp_
type_ Sequence[Networkcode_ lists Security Rule App Rule Outbound Allow List Icmp Type Code List] - ip_
subnet str - ip_
subnet_ strprefix_ length - network_
function_ Mapping[str, str]chain_ reference - peer_
specification_ strtype - protocol str
- service_
group_ Sequence[Networklists Security Rule App Rule Outbound Allow List Service Group List] - tcp_
port_ Sequence[Networkrange_ lists Security Rule App Rule Outbound Allow List Tcp Port Range List] - udp_
port_ Sequence[Networkrange_ lists Security Rule App Rule Outbound Allow List Udp Port Range List]
- address
Group List<Property Map>Inclusion Lists - expiration
Time String - filter
Kind List<String>Lists - filter
Params List<Property Map> - filter
Type String - icmp
Type List<Property Map>Code Lists - ip
Subnet String - ip
Subnet StringPrefix Length - network
Function Map<String>Chain Reference - peer
Specification StringType - protocol String
- service
Group List<Property Map>Lists - tcp
Port List<Property Map>Range Lists - udp
Port List<Property Map>Range Lists
NetworkSecurityRuleAppRuleOutboundAllowListAddressGroupInclusionList, NetworkSecurityRuleAppRuleOutboundAllowListAddressGroupInclusionListArgs
, NetworkSecurityRuleAppRuleOutboundAllowListAddressGroupInclusionListArgs
NetworkSecurityRuleAppRuleOutboundAllowListFilterParam, NetworkSecurityRuleAppRuleOutboundAllowListFilterParamArgs
, NetworkSecurityRuleAppRuleOutboundAllowListFilterParamArgs
NetworkSecurityRuleAppRuleOutboundAllowListIcmpTypeCodeList, NetworkSecurityRuleAppRuleOutboundAllowListIcmpTypeCodeListArgs
, NetworkSecurityRuleAppRuleOutboundAllowListIcmpTypeCodeListArgs
NetworkSecurityRuleAppRuleOutboundAllowListServiceGroupList, NetworkSecurityRuleAppRuleOutboundAllowListServiceGroupListArgs
, NetworkSecurityRuleAppRuleOutboundAllowListServiceGroupListArgs
NetworkSecurityRuleAppRuleOutboundAllowListTcpPortRangeList, NetworkSecurityRuleAppRuleOutboundAllowListTcpPortRangeListArgs
, NetworkSecurityRuleAppRuleOutboundAllowListTcpPortRangeListArgs
- end_
port int - start_
port int
NetworkSecurityRuleAppRuleOutboundAllowListUdpPortRangeList, NetworkSecurityRuleAppRuleOutboundAllowListUdpPortRangeListArgs
, NetworkSecurityRuleAppRuleOutboundAllowListUdpPortRangeListArgs
- end_
port int - start_
port int
NetworkSecurityRuleAppRuleTargetGroupFilterParam, NetworkSecurityRuleAppRuleTargetGroupFilterParamArgs
, NetworkSecurityRuleAppRuleTargetGroupFilterParamArgs
NetworkSecurityRuleCategory, NetworkSecurityRuleCategoryArgs
, NetworkSecurityRuleCategoryArgs
NetworkSecurityRuleIsolationRuleFirstEntityFilterParam, NetworkSecurityRuleIsolationRuleFirstEntityFilterParamArgs
, NetworkSecurityRuleIsolationRuleFirstEntityFilterParamArgs
NetworkSecurityRuleIsolationRuleSecondEntityFilterParam, NetworkSecurityRuleIsolationRuleSecondEntityFilterParamArgs
, NetworkSecurityRuleIsolationRuleSecondEntityFilterParamArgs
Package Details
- Repository
- nutanix pierskarsenbarg/pulumi-nutanix
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
nutanixTerraform Provider.