Docs Home
Nutanix v0.7.4 published on Friday, Mar 21, 2025 by Piers Karsenbarg
nutanix.NetworkSecurityPolicyV2
Explore with Pulumi AI
Create a Network Security Policy
Example
Coming soon!
Coming soon!
Coming soon!
Coming soon!
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.nutanix.NetworkSecurityPolicyV2;
import com.pulumi.nutanix.NetworkSecurityPolicyV2Args;
import com.pulumi.nutanix.inputs.NetworkSecurityPolicyV2RuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new NetworkSecurityPolicyV2("example", NetworkSecurityPolicyV2Args.builder()
.description("{{ desc }}")
.isHitlogEnabled(true)
.rules(NetworkSecurityPolicyV2RuleArgs.builder()
.specs(NetworkSecurityPolicyV2RuleSpecArgs.builder()
.twoEnvIsolationRuleSpec(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
.build())
.type("TWO_ENV_ISOLATION")
.build())
.state("SAVE")
.type("ISOLATION")
.build());
}
}
resources:
example:
type: nutanix:NetworkSecurityPolicyV2
properties:
description: '{{ desc }}'
isHitlogEnabled: true
rules:
- specs:
- twoEnvIsolationRuleSpec:
- firstIsolationGroup:
- '{{ uuids}}'
secondIsolationGroup:
- '{{ uuids }}'
type: TWO_ENV_ISOLATION
state: SAVE
type: ISOLATION
Create NetworkSecurityPolicyV2 Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new NetworkSecurityPolicyV2(name: string, args: NetworkSecurityPolicyV2Args, opts?: CustomResourceOptions);@overload
def NetworkSecurityPolicyV2(resource_name: str,
args: NetworkSecurityPolicyV2Args,
opts: Optional[ResourceOptions] = None)
@overload
def NetworkSecurityPolicyV2(resource_name: str,
opts: Optional[ResourceOptions] = None,
type: Optional[str] = None,
description: Optional[str] = None,
is_hitlog_enabled: Optional[bool] = None,
is_ipv6_traffic_allowed: Optional[bool] = None,
name: Optional[str] = None,
rules: Optional[Sequence[NetworkSecurityPolicyV2RuleArgs]] = None,
scope: Optional[str] = None,
state: Optional[str] = None,
vpc_references: Optional[Sequence[str]] = None)func NewNetworkSecurityPolicyV2(ctx *Context, name string, args NetworkSecurityPolicyV2Args, opts ...ResourceOption) (*NetworkSecurityPolicyV2, error)public NetworkSecurityPolicyV2(string name, NetworkSecurityPolicyV2Args args, CustomResourceOptions? opts = null)public NetworkSecurityPolicyV2(String name, NetworkSecurityPolicyV2Args args)
public NetworkSecurityPolicyV2(String name, NetworkSecurityPolicyV2Args args, CustomResourceOptions options)
type: nutanix:NetworkSecurityPolicyV2
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. NetworkSecurityPolicyV2Args - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. NetworkSecurityPolicyV2Args - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. NetworkSecurityPolicyV2Args - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. NetworkSecurityPolicyV2Args - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. NetworkSecurityPolicyV2Args - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var networkSecurityPolicyV2Resource = new Nutanix.NetworkSecurityPolicyV2("networkSecurityPolicyV2Resource", new()
{
Type = "string",
Description = "string",
IsHitlogEnabled = false,
IsIpv6TrafficAllowed = false,
Name = "string",
Rules = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleArgs
{
Specs = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecArgs
{
ApplicationRuleSpecs = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecArgs
{
SecuredGroupCategoryReferences = new[]
{
"string",
},
NetworkFunctionChainReference = "string",
ServiceGroupReferences = new[]
{
"string",
},
DestSubnets = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecDestSubnetArgs
{
PrefixLength = "string",
Value = "string",
},
},
IcmpServices = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecIcmpServiceArgs
{
Code = 0,
IsAllAllowed = false,
Type = 0,
},
},
IsAllProtocolAllowed = false,
DestAddressGroupReferences = new[]
{
"string",
},
DestAllowSpec = "string",
DestCategoryReferences = new[]
{
"string",
},
SrcAddressGroupReferences = new[]
{
"string",
},
SrcAllowSpec = "string",
SrcCategoryReferences = new[]
{
"string",
},
SrcSubnets = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecSrcSubnetArgs
{
PrefixLength = "string",
Value = "string",
},
},
TcpServices = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecTcpServiceArgs
{
EndPort = 0,
StartPort = 0,
},
},
UdpServices = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecUdpServiceArgs
{
EndPort = 0,
StartPort = 0,
},
},
},
},
IntraEntityGroupRuleSpecs = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecArgs
{
SecuredGroupAction = "string",
SecuredGroupCategoryReferences = new[]
{
"string",
},
},
},
MultiEnvIsolationRuleSpecs = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecArgs
{
Specs = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecArgs
{
AllToAllIsolationGroups = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupArgs
{
IsolationGroups = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupIsolationGroupArgs
{
GroupCategoryReferences = new[]
{
"string",
},
},
},
},
},
},
},
},
},
TwoEnvIsolationRuleSpecs = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleSpecTwoEnvIsolationRuleSpecArgs
{
FirstIsolationGroups = new[]
{
"string",
},
SecondIsolationGroups = new[]
{
"string",
},
},
},
},
},
Type = "string",
Description = "string",
ExtId = "string",
Links = new[]
{
new Nutanix.Inputs.NetworkSecurityPolicyV2RuleLinkArgs
{
Href = "string",
Rel = "string",
},
},
},
},
Scope = "string",
State = "string",
VpcReferences = new[]
{
"string",
},
});
example, err := nutanix.NewNetworkSecurityPolicyV2(ctx, "networkSecurityPolicyV2Resource", &nutanix.NetworkSecurityPolicyV2Args{
Type: pulumi.String("string"),
Description: pulumi.String("string"),
IsHitlogEnabled: pulumi.Bool(false),
IsIpv6TrafficAllowed: pulumi.Bool(false),
Name: pulumi.String("string"),
Rules: nutanix.NetworkSecurityPolicyV2RuleArray{
&nutanix.NetworkSecurityPolicyV2RuleArgs{
Specs: nutanix.NetworkSecurityPolicyV2RuleSpecArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecArgs{
ApplicationRuleSpecs: nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecArgs{
SecuredGroupCategoryReferences: pulumi.StringArray{
pulumi.String("string"),
},
NetworkFunctionChainReference: pulumi.String("string"),
ServiceGroupReferences: pulumi.StringArray{
pulumi.String("string"),
},
DestSubnets: nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecDestSubnetArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecDestSubnetArgs{
PrefixLength: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
IcmpServices: nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecIcmpServiceArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecIcmpServiceArgs{
Code: pulumi.Int(0),
IsAllAllowed: pulumi.Bool(false),
Type: pulumi.Int(0),
},
},
IsAllProtocolAllowed: pulumi.Bool(false),
DestAddressGroupReferences: pulumi.StringArray{
pulumi.String("string"),
},
DestAllowSpec: pulumi.String("string"),
DestCategoryReferences: pulumi.StringArray{
pulumi.String("string"),
},
SrcAddressGroupReferences: pulumi.StringArray{
pulumi.String("string"),
},
SrcAllowSpec: pulumi.String("string"),
SrcCategoryReferences: pulumi.StringArray{
pulumi.String("string"),
},
SrcSubnets: nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecSrcSubnetArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecSrcSubnetArgs{
PrefixLength: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
TcpServices: nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecTcpServiceArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecTcpServiceArgs{
EndPort: pulumi.Int(0),
StartPort: pulumi.Int(0),
},
},
UdpServices: nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecUdpServiceArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecUdpServiceArgs{
EndPort: pulumi.Int(0),
StartPort: pulumi.Int(0),
},
},
},
},
IntraEntityGroupRuleSpecs: nutanix.NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecArgs{
SecuredGroupAction: pulumi.String("string"),
SecuredGroupCategoryReferences: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MultiEnvIsolationRuleSpecs: nutanix.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecArgs{
Specs: nutanix.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecArgs{
AllToAllIsolationGroups: nutanix.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupArgs{
IsolationGroups: nutanix.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupIsolationGroupArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupIsolationGroupArgs{
GroupCategoryReferences: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
},
},
},
},
},
TwoEnvIsolationRuleSpecs: nutanix.NetworkSecurityPolicyV2RuleSpecTwoEnvIsolationRuleSpecArray{
&nutanix.NetworkSecurityPolicyV2RuleSpecTwoEnvIsolationRuleSpecArgs{
FirstIsolationGroups: pulumi.StringArray{
pulumi.String("string"),
},
SecondIsolationGroups: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
},
Type: pulumi.String("string"),
Description: pulumi.String("string"),
ExtId: pulumi.String("string"),
Links: nutanix.NetworkSecurityPolicyV2RuleLinkArray{
&nutanix.NetworkSecurityPolicyV2RuleLinkArgs{
Href: pulumi.String("string"),
Rel: pulumi.String("string"),
},
},
},
},
Scope: pulumi.String("string"),
State: pulumi.String("string"),
VpcReferences: pulumi.StringArray{
pulumi.String("string"),
},
})
var networkSecurityPolicyV2Resource = new NetworkSecurityPolicyV2("networkSecurityPolicyV2Resource", NetworkSecurityPolicyV2Args.builder()
.type("string")
.description("string")
.isHitlogEnabled(false)
.isIpv6TrafficAllowed(false)
.name("string")
.rules(NetworkSecurityPolicyV2RuleArgs.builder()
.specs(NetworkSecurityPolicyV2RuleSpecArgs.builder()
.applicationRuleSpecs(NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecArgs.builder()
.securedGroupCategoryReferences("string")
.networkFunctionChainReference("string")
.serviceGroupReferences("string")
.destSubnets(NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecDestSubnetArgs.builder()
.prefixLength("string")
.value("string")
.build())
.icmpServices(NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecIcmpServiceArgs.builder()
.code(0)
.isAllAllowed(false)
.type(0)
.build())
.isAllProtocolAllowed(false)
.destAddressGroupReferences("string")
.destAllowSpec("string")
.destCategoryReferences("string")
.srcAddressGroupReferences("string")
.srcAllowSpec("string")
.srcCategoryReferences("string")
.srcSubnets(NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecSrcSubnetArgs.builder()
.prefixLength("string")
.value("string")
.build())
.tcpServices(NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecTcpServiceArgs.builder()
.endPort(0)
.startPort(0)
.build())
.udpServices(NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecUdpServiceArgs.builder()
.endPort(0)
.startPort(0)
.build())
.build())
.intraEntityGroupRuleSpecs(NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecArgs.builder()
.securedGroupAction("string")
.securedGroupCategoryReferences("string")
.build())
.multiEnvIsolationRuleSpecs(NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecArgs.builder()
.specs(NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecArgs.builder()
.allToAllIsolationGroups(NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupArgs.builder()
.isolationGroups(NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupIsolationGroupArgs.builder()
.groupCategoryReferences("string")
.build())
.build())
.build())
.build())
.twoEnvIsolationRuleSpecs(NetworkSecurityPolicyV2RuleSpecTwoEnvIsolationRuleSpecArgs.builder()
.firstIsolationGroups("string")
.secondIsolationGroups("string")
.build())
.build())
.type("string")
.description("string")
.extId("string")
.links(NetworkSecurityPolicyV2RuleLinkArgs.builder()
.href("string")
.rel("string")
.build())
.build())
.scope("string")
.state("string")
.vpcReferences("string")
.build());
network_security_policy_v2_resource = nutanix.NetworkSecurityPolicyV2("networkSecurityPolicyV2Resource",
type="string",
description="string",
is_hitlog_enabled=False,
is_ipv6_traffic_allowed=False,
name="string",
rules=[{
"specs": [{
"application_rule_specs": [{
"secured_group_category_references": ["string"],
"network_function_chain_reference": "string",
"service_group_references": ["string"],
"dest_subnets": [{
"prefix_length": "string",
"value": "string",
}],
"icmp_services": [{
"code": 0,
"is_all_allowed": False,
"type": 0,
}],
"is_all_protocol_allowed": False,
"dest_address_group_references": ["string"],
"dest_allow_spec": "string",
"dest_category_references": ["string"],
"src_address_group_references": ["string"],
"src_allow_spec": "string",
"src_category_references": ["string"],
"src_subnets": [{
"prefix_length": "string",
"value": "string",
}],
"tcp_services": [{
"end_port": 0,
"start_port": 0,
}],
"udp_services": [{
"end_port": 0,
"start_port": 0,
}],
}],
"intra_entity_group_rule_specs": [{
"secured_group_action": "string",
"secured_group_category_references": ["string"],
}],
"multi_env_isolation_rule_specs": [{
"specs": [{
"all_to_all_isolation_groups": [{
"isolation_groups": [{
"group_category_references": ["string"],
}],
}],
}],
}],
"two_env_isolation_rule_specs": [{
"first_isolation_groups": ["string"],
"second_isolation_groups": ["string"],
}],
}],
"type": "string",
"description": "string",
"ext_id": "string",
"links": [{
"href": "string",
"rel": "string",
}],
}],
scope="string",
state="string",
vpc_references=["string"])
const networkSecurityPolicyV2Resource = new nutanix.NetworkSecurityPolicyV2("networkSecurityPolicyV2Resource", {
type: "string",
description: "string",
isHitlogEnabled: false,
isIpv6TrafficAllowed: false,
name: "string",
rules: [{
specs: [{
applicationRuleSpecs: [{
securedGroupCategoryReferences: ["string"],
networkFunctionChainReference: "string",
serviceGroupReferences: ["string"],
destSubnets: [{
prefixLength: "string",
value: "string",
}],
icmpServices: [{
code: 0,
isAllAllowed: false,
type: 0,
}],
isAllProtocolAllowed: false,
destAddressGroupReferences: ["string"],
destAllowSpec: "string",
destCategoryReferences: ["string"],
srcAddressGroupReferences: ["string"],
srcAllowSpec: "string",
srcCategoryReferences: ["string"],
srcSubnets: [{
prefixLength: "string",
value: "string",
}],
tcpServices: [{
endPort: 0,
startPort: 0,
}],
udpServices: [{
endPort: 0,
startPort: 0,
}],
}],
intraEntityGroupRuleSpecs: [{
securedGroupAction: "string",
securedGroupCategoryReferences: ["string"],
}],
multiEnvIsolationRuleSpecs: [{
specs: [{
allToAllIsolationGroups: [{
isolationGroups: [{
groupCategoryReferences: ["string"],
}],
}],
}],
}],
twoEnvIsolationRuleSpecs: [{
firstIsolationGroups: ["string"],
secondIsolationGroups: ["string"],
}],
}],
type: "string",
description: "string",
extId: "string",
links: [{
href: "string",
rel: "string",
}],
}],
scope: "string",
state: "string",
vpcReferences: ["string"],
});
type: nutanix:NetworkSecurityPolicyV2
properties:
description: string
isHitlogEnabled: false
isIpv6TrafficAllowed: false
name: string
rules:
- description: string
extId: string
links:
- href: string
rel: string
specs:
- applicationRuleSpecs:
- destAddressGroupReferences:
- string
destAllowSpec: string
destCategoryReferences:
- string
destSubnets:
- prefixLength: string
value: string
icmpServices:
- code: 0
isAllAllowed: false
type: 0
isAllProtocolAllowed: false
networkFunctionChainReference: string
securedGroupCategoryReferences:
- string
serviceGroupReferences:
- string
srcAddressGroupReferences:
- string
srcAllowSpec: string
srcCategoryReferences:
- string
srcSubnets:
- prefixLength: string
value: string
tcpServices:
- endPort: 0
startPort: 0
udpServices:
- endPort: 0
startPort: 0
intraEntityGroupRuleSpecs:
- securedGroupAction: string
securedGroupCategoryReferences:
- string
multiEnvIsolationRuleSpecs:
- specs:
- allToAllIsolationGroups:
- isolationGroups:
- groupCategoryReferences:
- string
twoEnvIsolationRuleSpecs:
- firstIsolationGroups:
- string
secondIsolationGroups:
- string
type: string
scope: string
state: string
type: string
vpcReferences:
- string
NetworkSecurityPolicyV2 Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The NetworkSecurityPolicyV2 resource accepts the following input properties:
- Type
This property is required. string - Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION".
- Description string
- A user defined annotation for a policy.
- Is
Hitlog boolEnabled - If Hitlog is enabled.
- Is
Ipv6Traffic boolAllowed - If Ipv6 Traffic is allowed.
- Name string
- Name of the Flow Network Security Policy.
- Rules
List<Piers
Karsenbarg. Nutanix. Inputs. Network Security Policy V2Rule> - A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- Scope string
- Defines the scope of the policy. Currently, only ALL_VLAN and VPC_LIST are supported. If scope is not provided, the default is set based on whether vpcReferences field is provided or not.
- State string
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- Vpc
References List<string> - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- Type
This property is required. string - Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION".
- Description string
- A user defined annotation for a policy.
- Is
Hitlog boolEnabled - If Hitlog is enabled.
- Is
Ipv6Traffic boolAllowed - If Ipv6 Traffic is allowed.
- Name string
- Name of the Flow Network Security Policy.
- Rules
[]Network
Security Policy V2Rule Args - A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- Scope string
- Defines the scope of the policy. Currently, only ALL_VLAN and VPC_LIST are supported. If scope is not provided, the default is set based on whether vpcReferences field is provided or not.
- State string
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- Vpc
References []string - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- type
This property is required. String - Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION".
- description String
- A user defined annotation for a policy.
- is
Hitlog BooleanEnabled - If Hitlog is enabled.
- is
Ipv6Traffic BooleanAllowed - If Ipv6 Traffic is allowed.
- name String
- Name of the Flow Network Security Policy.
- rules
List<Network
Security Policy V2Rule> - A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- scope String
- Defines the scope of the policy. Currently, only ALL_VLAN and VPC_LIST are supported. If scope is not provided, the default is set based on whether vpcReferences field is provided or not.
- state String
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- vpc
References List<String> - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- type
This property is required. string - Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION".
- description string
- A user defined annotation for a policy.
- is
Hitlog booleanEnabled - If Hitlog is enabled.
- is
Ipv6Traffic booleanAllowed - If Ipv6 Traffic is allowed.
- name string
- Name of the Flow Network Security Policy.
- rules
Network
Security Policy V2Rule[] - A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- scope string
- Defines the scope of the policy. Currently, only ALL_VLAN and VPC_LIST are supported. If scope is not provided, the default is set based on whether vpcReferences field is provided or not.
- state string
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- vpc
References string[] - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- type
This property is required. str - Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION".
- description str
- A user defined annotation for a policy.
- is_
hitlog_ boolenabled - If Hitlog is enabled.
- is_
ipv6_ booltraffic_ allowed - If Ipv6 Traffic is allowed.
- name str
- Name of the Flow Network Security Policy.
- rules
Sequence[Network
Security Policy V2Rule Args] - A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- scope str
- Defines the scope of the policy. Currently, only ALL_VLAN and VPC_LIST are supported. If scope is not provided, the default is set based on whether vpcReferences field is provided or not.
- state str
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- vpc_
references Sequence[str] - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- type
This property is required. String - Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION".
- description String
- A user defined annotation for a policy.
- is
Hitlog BooleanEnabled - If Hitlog is enabled.
- is
Ipv6Traffic BooleanAllowed - If Ipv6 Traffic is allowed.
- name String
- Name of the Flow Network Security Policy.
- rules List<Property Map>
- A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- scope String
- Defines the scope of the policy. Currently, only ALL_VLAN and VPC_LIST are supported. If scope is not provided, the default is set based on whether vpcReferences field is provided or not.
- state String
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- vpc
References List<String> - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
Outputs
All input properties are implicitly available as output properties. Additionally, the NetworkSecurityPolicyV2 resource produces the following output properties:
- Created
By string - created by.
- Creation
Time string - creation time of NSP
- Ext
Id string - A globally unique identifier of an instance that is suitable for external consumption.
- Id string
- The provider-assigned unique ID for this managed resource.
- Is
System boolDefined - Is system defined NSP
- Last
Update stringTime - last updated time
- Links
List<Piers
Karsenbarg. Nutanix. Outputs. Network Security Policy V2Link> - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- Secured
Groups List<string> - Uuids of the secured groups in the NSP.
- Tenant
Id string - A globally unique identifier that represents the tenant that owns this entity
- Created
By string - created by.
- Creation
Time string - creation time of NSP
- Ext
Id string - A globally unique identifier of an instance that is suitable for external consumption.
- Id string
- The provider-assigned unique ID for this managed resource.
- Is
System boolDefined - Is system defined NSP
- Last
Update stringTime - last updated time
- Links
[]Network
Security Policy V2Link - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- Secured
Groups []string - Uuids of the secured groups in the NSP.
- Tenant
Id string - A globally unique identifier that represents the tenant that owns this entity
- created
By String - created by.
- creation
Time String - creation time of NSP
- ext
Id String - A globally unique identifier of an instance that is suitable for external consumption.
- id String
- The provider-assigned unique ID for this managed resource.
- is
System BooleanDefined - Is system defined NSP
- last
Update StringTime - last updated time
- links
List<Network
Security Policy V2Link> - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- secured
Groups List<String> - Uuids of the secured groups in the NSP.
- tenant
Id String - A globally unique identifier that represents the tenant that owns this entity
- created
By string - created by.
- creation
Time string - creation time of NSP
- ext
Id string - A globally unique identifier of an instance that is suitable for external consumption.
- id string
- The provider-assigned unique ID for this managed resource.
- is
System booleanDefined - Is system defined NSP
- last
Update stringTime - last updated time
- links
Network
Security Policy V2Link[] - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- secured
Groups string[] - Uuids of the secured groups in the NSP.
- tenant
Id string - A globally unique identifier that represents the tenant that owns this entity
- created_
by str - created by.
- creation_
time str - creation time of NSP
- ext_
id str - A globally unique identifier of an instance that is suitable for external consumption.
- id str
- The provider-assigned unique ID for this managed resource.
- is_
system_ booldefined - Is system defined NSP
- last_
update_ strtime - last updated time
- links
Sequence[Network
Security Policy V2Link] - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- secured_
groups Sequence[str] - Uuids of the secured groups in the NSP.
- tenant_
id str - A globally unique identifier that represents the tenant that owns this entity
- created
By String - created by.
- creation
Time String - creation time of NSP
- ext
Id String - A globally unique identifier of an instance that is suitable for external consumption.
- id String
- The provider-assigned unique ID for this managed resource.
- is
System BooleanDefined - Is system defined NSP
- last
Update StringTime - last updated time
- links List<Property Map>
- A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- secured
Groups List<String> - Uuids of the secured groups in the NSP.
- tenant
Id String - A globally unique identifier that represents the tenant that owns this entity
Look up Existing NetworkSecurityPolicyV2 Resource
Get an existing NetworkSecurityPolicyV2 resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: NetworkSecurityPolicyV2State, opts?: CustomResourceOptions): NetworkSecurityPolicyV2@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
created_by: Optional[str] = None,
creation_time: Optional[str] = None,
description: Optional[str] = None,
ext_id: Optional[str] = None,
is_hitlog_enabled: Optional[bool] = None,
is_ipv6_traffic_allowed: Optional[bool] = None,
is_system_defined: Optional[bool] = None,
last_update_time: Optional[str] = None,
links: Optional[Sequence[NetworkSecurityPolicyV2LinkArgs]] = None,
name: Optional[str] = None,
rules: Optional[Sequence[NetworkSecurityPolicyV2RuleArgs]] = None,
scope: Optional[str] = None,
secured_groups: Optional[Sequence[str]] = None,
state: Optional[str] = None,
tenant_id: Optional[str] = None,
type: Optional[str] = None,
vpc_references: Optional[Sequence[str]] = None) -> NetworkSecurityPolicyV2func GetNetworkSecurityPolicyV2(ctx *Context, name string, id IDInput, state *NetworkSecurityPolicyV2State, opts ...ResourceOption) (*NetworkSecurityPolicyV2, error)public static NetworkSecurityPolicyV2 Get(string name, Input<string> id, NetworkSecurityPolicyV2State? state, CustomResourceOptions? opts = null)public static NetworkSecurityPolicyV2 get(String name, Output<String> id, NetworkSecurityPolicyV2State state, CustomResourceOptions options)resources: _: type: nutanix:NetworkSecurityPolicyV2 get: id: ${id}- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
The following state arguments are supported:
- Created
By string - created by.
- Creation
Time string - creation time of NSP
- Description string
- A user defined annotation for a policy.
- Ext
Id string - A globally unique identifier of an instance that is suitable for external consumption.
- Is
Hitlog boolEnabled - If Hitlog is enabled.
- Is
Ipv6Traffic boolAllowed - If Ipv6 Traffic is allowed.
- Is
System boolDefined - Is system defined NSP
- Last
Update stringTime - last updated time
- Links
List<Piers
Karsenbarg. Nutanix. Inputs. Network Security Policy V2Link> - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- Name string
- Name of the Flow Network Security Policy.
- Rules
List<Piers
Karsenbarg. Nutanix. Inputs. Network Security Policy V2Rule> - A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- Scope string
- Defines the scope of the policy. Currently, only ALL_VLAN and VPC_LIST are supported. If scope is not provided, the default is set based on whether vpcReferences field is provided or not.
- Secured
Groups List<string> - Uuids of the secured groups in the NSP.
- State string
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- Tenant
Id string - A globally unique identifier that represents the tenant that owns this entity
- Type string
- Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION".
- Vpc
References List<string> - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- Created
By string - created by.
- Creation
Time string - creation time of NSP
- Description string
- A user defined annotation for a policy.
- Ext
Id string - A globally unique identifier of an instance that is suitable for external consumption.
- Is
Hitlog boolEnabled - If Hitlog is enabled.
- Is
Ipv6Traffic boolAllowed - If Ipv6 Traffic is allowed.
- Is
System boolDefined - Is system defined NSP
- Last
Update stringTime - last updated time
- Links
[]Network
Security Policy V2Link Args - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- Name string
- Name of the Flow Network Security Policy.
- Rules
[]Network
Security Policy V2Rule Args - A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- Scope string
- Defines the scope of the policy. Currently, only ALL_VLAN and VPC_LIST are supported. If scope is not provided, the default is set based on whether vpcReferences field is provided or not.
- Secured
Groups []string - Uuids of the secured groups in the NSP.
- State string
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- Tenant
Id string - A globally unique identifier that represents the tenant that owns this entity
- Type string
- Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION".
- Vpc
References []string - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- created
By String - created by.
- creation
Time String - creation time of NSP
- description String
- A user defined annotation for a policy.
- ext
Id String - A globally unique identifier of an instance that is suitable for external consumption.
- is
Hitlog BooleanEnabled - If Hitlog is enabled.
- is
Ipv6Traffic BooleanAllowed - If Ipv6 Traffic is allowed.
- is
System BooleanDefined - Is system defined NSP
- last
Update StringTime - last updated time
- links
List<Network
Security Policy V2Link> - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- name String
- Name of the Flow Network Security Policy.
- rules
List<Network
Security Policy V2Rule> - A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- scope String
- Defines the scope of the policy. Currently, only ALL_VLAN and VPC_LIST are supported. If scope is not provided, the default is set based on whether vpcReferences field is provided or not.
- secured
Groups List<String> - Uuids of the secured groups in the NSP.
- state String
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- tenant
Id String - A globally unique identifier that represents the tenant that owns this entity
- type String
- Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION".
- vpc
References List<String> - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- created
By string - created by.
- creation
Time string - creation time of NSP
- description string
- A user defined annotation for a policy.
- ext
Id string - A globally unique identifier of an instance that is suitable for external consumption.
- is
Hitlog booleanEnabled - If Hitlog is enabled.
- is
Ipv6Traffic booleanAllowed - If Ipv6 Traffic is allowed.
- is
System booleanDefined - Is system defined NSP
- last
Update stringTime - last updated time
- links
Network
Security Policy V2Link[] - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- name string
- Name of the Flow Network Security Policy.
- rules
Network
Security Policy V2Rule[] - A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- scope string
- Defines the scope of the policy. Currently, only ALL_VLAN and VPC_LIST are supported. If scope is not provided, the default is set based on whether vpcReferences field is provided or not.
- secured
Groups string[] - Uuids of the secured groups in the NSP.
- state string
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- tenant
Id string - A globally unique identifier that represents the tenant that owns this entity
- type string
- Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION".
- vpc
References string[] - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- created_
by str - created by.
- creation_
time str - creation time of NSP
- description str
- A user defined annotation for a policy.
- ext_
id str - A globally unique identifier of an instance that is suitable for external consumption.
- is_
hitlog_ boolenabled - If Hitlog is enabled.
- is_
ipv6_ booltraffic_ allowed - If Ipv6 Traffic is allowed.
- is_
system_ booldefined - Is system defined NSP
- last_
update_ strtime - last updated time
- links
Sequence[Network
Security Policy V2Link Args] - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- name str
- Name of the Flow Network Security Policy.
- rules
Sequence[Network
Security Policy V2Rule Args] - A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- scope str
- Defines the scope of the policy. Currently, only ALL_VLAN and VPC_LIST are supported. If scope is not provided, the default is set based on whether vpcReferences field is provided or not.
- secured_
groups Sequence[str] - Uuids of the secured groups in the NSP.
- state str
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- tenant_
id str - A globally unique identifier that represents the tenant that owns this entity
- type str
- Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION".
- vpc_
references Sequence[str] - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
- created
By String - created by.
- creation
Time String - creation time of NSP
- description String
- A user defined annotation for a policy.
- ext
Id String - A globally unique identifier of an instance that is suitable for external consumption.
- is
Hitlog BooleanEnabled - If Hitlog is enabled.
- is
Ipv6Traffic BooleanAllowed - If Ipv6 Traffic is allowed.
- is
System BooleanDefined - Is system defined NSP
- last
Update StringTime - last updated time
- links List<Property Map>
- A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- name String
- Name of the Flow Network Security Policy.
- rules List<Property Map>
- A list of rules that form a policy. For isolation policies, use isolation rules; for application or quarantine policies, use application rules.
- scope String
- Defines the scope of the policy. Currently, only ALL_VLAN and VPC_LIST are supported. If scope is not provided, the default is set based on whether vpcReferences field is provided or not.
- secured
Groups List<String> - Uuids of the secured groups in the NSP.
- state String
- Whether the policy is applied or monitored; can be omitted or set null to save the policy without applying or monitoring it. Acceptable values are "SAVE", "MONITOR", "ENFORCE".
- tenant
Id String - A globally unique identifier that represents the tenant that owns this entity
- type String
- Defines the type of rules that can be used in a policy. Acceptable values are "QUARANTINE", "ISOLATION", "APPLICATION".
- vpc
References List<String> - A list of external ids for VPCs, used only when the scope of policy is a list of VPCs.
Supporting Types
NetworkSecurityPolicyV2Link, NetworkSecurityPolicyV2LinkArgs
, NetworkSecurityPolicyV2LinkArgs
NetworkSecurityPolicyV2Rule, NetworkSecurityPolicyV2RuleArgs
, NetworkSecurityPolicyV2RuleArgs
- Specs
This property is required. List<PiersKarsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec> - Spec for rules.
- Type
This property is required. string - The type for a rule—the value chosen here restricts which specification can be chosen. Acceptable values are "QUARANTINE", "TWO_ENV_ISOLATION", "APPLICATION", "INTRA_GROUP".
- Description string
- A user defined annotation for a rule.
- Ext
Id string - A globally unique identifier of an instance that is suitable for external consumption.
- Links
List<Piers
Karsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Link> - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- Specs
This property is required. []NetworkSecurity Policy V2Rule Spec - Spec for rules.
- Type
This property is required. string - The type for a rule—the value chosen here restricts which specification can be chosen. Acceptable values are "QUARANTINE", "TWO_ENV_ISOLATION", "APPLICATION", "INTRA_GROUP".
- Description string
- A user defined annotation for a rule.
- Ext
Id string - A globally unique identifier of an instance that is suitable for external consumption.
- Links
[]Network
Security Policy V2Rule Link - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- specs
This property is required. List<NetworkSecurity Policy V2Rule Spec> - Spec for rules.
- type
This property is required. String - The type for a rule—the value chosen here restricts which specification can be chosen. Acceptable values are "QUARANTINE", "TWO_ENV_ISOLATION", "APPLICATION", "INTRA_GROUP".
- description String
- A user defined annotation for a rule.
- ext
Id String - A globally unique identifier of an instance that is suitable for external consumption.
- links
List<Network
Security Policy V2Rule Link> - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- specs
This property is required. NetworkSecurity Policy V2Rule Spec[] - Spec for rules.
- type
This property is required. string - The type for a rule—the value chosen here restricts which specification can be chosen. Acceptable values are "QUARANTINE", "TWO_ENV_ISOLATION", "APPLICATION", "INTRA_GROUP".
- description string
- A user defined annotation for a rule.
- ext
Id string - A globally unique identifier of an instance that is suitable for external consumption.
- links
Network
Security Policy V2Rule Link[] - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- specs
This property is required. Sequence[NetworkSecurity Policy V2Rule Spec] - Spec for rules.
- type
This property is required. str - The type for a rule—the value chosen here restricts which specification can be chosen. Acceptable values are "QUARANTINE", "TWO_ENV_ISOLATION", "APPLICATION", "INTRA_GROUP".
- description str
- A user defined annotation for a rule.
- ext_
id str - A globally unique identifier of an instance that is suitable for external consumption.
- links
Sequence[Network
Security Policy V2Rule Link] - A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
- specs
This property is required. List<Property Map> - Spec for rules.
- type
This property is required. String - The type for a rule—the value chosen here restricts which specification can be chosen. Acceptable values are "QUARANTINE", "TWO_ENV_ISOLATION", "APPLICATION", "INTRA_GROUP".
- description String
- A user defined annotation for a rule.
- ext
Id String - A globally unique identifier of an instance that is suitable for external consumption.
- links List<Property Map>
- A HATEOAS style link for the response. Each link contains a user-friendly name identifying the link and an address for retrieving the particular resource.
NetworkSecurityPolicyV2RuleLink, NetworkSecurityPolicyV2RuleLinkArgs
, NetworkSecurityPolicyV2RuleLinkArgs
NetworkSecurityPolicyV2RuleSpec, NetworkSecurityPolicyV2RuleSpecArgs
, NetworkSecurityPolicyV2RuleSpecArgs
- Application
Rule List<PiersSpecs Karsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Application Rule Spec> - Application Rule Spec.
- Intra
Entity List<PiersGroup Rule Specs Karsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Intra Entity Group Rule Spec> - Intra entity group Rule Spec
- Multi
Env List<PiersIsolation Rule Specs Karsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Multi Env Isolation Rule Spec> - Multi Environment Isolation Rule Spec.
- Two
Env List<PiersIsolation Rule Specs Karsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Two Env Isolation Rule Spec> - Two Environment Isolation Rule Spec.
- Application
Rule []NetworkSpecs Security Policy V2Rule Spec Application Rule Spec - Application Rule Spec.
- Intra
Entity []NetworkGroup Rule Specs Security Policy V2Rule Spec Intra Entity Group Rule Spec - Intra entity group Rule Spec
- Multi
Env []NetworkIsolation Rule Specs Security Policy V2Rule Spec Multi Env Isolation Rule Spec - Multi Environment Isolation Rule Spec.
- Two
Env []NetworkIsolation Rule Specs Security Policy V2Rule Spec Two Env Isolation Rule Spec - Two Environment Isolation Rule Spec.
- application
Rule List<NetworkSpecs Security Policy V2Rule Spec Application Rule Spec> - Application Rule Spec.
- intra
Entity List<NetworkGroup Rule Specs Security Policy V2Rule Spec Intra Entity Group Rule Spec> - Intra entity group Rule Spec
- multi
Env List<NetworkIsolation Rule Specs Security Policy V2Rule Spec Multi Env Isolation Rule Spec> - Multi Environment Isolation Rule Spec.
- two
Env List<NetworkIsolation Rule Specs Security Policy V2Rule Spec Two Env Isolation Rule Spec> - Two Environment Isolation Rule Spec.
- application
Rule NetworkSpecs Security Policy V2Rule Spec Application Rule Spec[] - Application Rule Spec.
- intra
Entity NetworkGroup Rule Specs Security Policy V2Rule Spec Intra Entity Group Rule Spec[] - Intra entity group Rule Spec
- multi
Env NetworkIsolation Rule Specs Security Policy V2Rule Spec Multi Env Isolation Rule Spec[] - Multi Environment Isolation Rule Spec.
- two
Env NetworkIsolation Rule Specs Security Policy V2Rule Spec Two Env Isolation Rule Spec[] - Two Environment Isolation Rule Spec.
- application_
rule_ Sequence[Networkspecs Security Policy V2Rule Spec Application Rule Spec] - Application Rule Spec.
- intra_
entity_ Sequence[Networkgroup_ rule_ specs Security Policy V2Rule Spec Intra Entity Group Rule Spec] - Intra entity group Rule Spec
- multi_
env_ Sequence[Networkisolation_ rule_ specs Security Policy V2Rule Spec Multi Env Isolation Rule Spec] - Multi Environment Isolation Rule Spec.
- two_
env_ Sequence[Networkisolation_ rule_ specs Security Policy V2Rule Spec Two Env Isolation Rule Spec] - Two Environment Isolation Rule Spec.
- application
Rule List<Property Map>Specs - Application Rule Spec.
- intra
Entity List<Property Map>Group Rule Specs - Intra entity group Rule Spec
- multi
Env List<Property Map>Isolation Rule Specs - Multi Environment Isolation Rule Spec.
- two
Env List<Property Map>Isolation Rule Specs - Two Environment Isolation Rule Spec.
NetworkSecurityPolicyV2RuleSpecApplicationRuleSpec, NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecArgs
, NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecArgs
- Secured
Group Category References This property is required. List<string> - A set of network endpoints which is protected by a Network Security Policy and defined as a list of categories.
- Dest
Address List<string>Group References - A list of address group references.
- Dest
Allow stringSpec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- Dest
Category List<string>References - List of categories that define a set of network endpoints as outbound.
- Dest
Subnets List<PiersKarsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Application Rule Spec Dest Subnet> - destination subnet value
- Icmp
Services List<PiersKarsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Application Rule Spec Icmp Service> - icmp services
- Is
All boolProtocol Allowed - Denotes if rule allows traffic for all protocol.
- Network
Function stringChain Reference - A reference to the network function chain in the rule.
- Service
Group List<string>References - A list of service group references.
- Src
Address List<string>Group References - A list of address group references.
- Src
Allow stringSpec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- Src
Category List<string>References - List of categories that define a set of network endpoints as inbound.
- Src
Subnets List<PiersKarsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Application Rule Spec Src Subnet> - source subnet value
- Tcp
Services List<PiersKarsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Application Rule Spec Tcp Service> - tcp services
- Udp
Services List<PiersKarsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Application Rule Spec Udp Service> - udp services
- Secured
Group Category References This property is required. []string - A set of network endpoints which is protected by a Network Security Policy and defined as a list of categories.
- Dest
Address []stringGroup References - A list of address group references.
- Dest
Allow stringSpec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- Dest
Category []stringReferences - List of categories that define a set of network endpoints as outbound.
- Dest
Subnets []NetworkSecurity Policy V2Rule Spec Application Rule Spec Dest Subnet - destination subnet value
- Icmp
Services []NetworkSecurity Policy V2Rule Spec Application Rule Spec Icmp Service - icmp services
- Is
All boolProtocol Allowed - Denotes if rule allows traffic for all protocol.
- Network
Function stringChain Reference - A reference to the network function chain in the rule.
- Service
Group []stringReferences - A list of service group references.
- Src
Address []stringGroup References - A list of address group references.
- Src
Allow stringSpec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- Src
Category []stringReferences - List of categories that define a set of network endpoints as inbound.
- Src
Subnets []NetworkSecurity Policy V2Rule Spec Application Rule Spec Src Subnet - source subnet value
- Tcp
Services []NetworkSecurity Policy V2Rule Spec Application Rule Spec Tcp Service - tcp services
- Udp
Services []NetworkSecurity Policy V2Rule Spec Application Rule Spec Udp Service - udp services
- secured
Group Category References This property is required. List<String> - A set of network endpoints which is protected by a Network Security Policy and defined as a list of categories.
- dest
Address List<String>Group References - A list of address group references.
- dest
Allow StringSpec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- dest
Category List<String>References - List of categories that define a set of network endpoints as outbound.
- dest
Subnets List<NetworkSecurity Policy V2Rule Spec Application Rule Spec Dest Subnet> - destination subnet value
- icmp
Services List<NetworkSecurity Policy V2Rule Spec Application Rule Spec Icmp Service> - icmp services
- is
All BooleanProtocol Allowed - Denotes if rule allows traffic for all protocol.
- network
Function StringChain Reference - A reference to the network function chain in the rule.
- service
Group List<String>References - A list of service group references.
- src
Address List<String>Group References - A list of address group references.
- src
Allow StringSpec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- src
Category List<String>References - List of categories that define a set of network endpoints as inbound.
- src
Subnets List<NetworkSecurity Policy V2Rule Spec Application Rule Spec Src Subnet> - source subnet value
- tcp
Services List<NetworkSecurity Policy V2Rule Spec Application Rule Spec Tcp Service> - tcp services
- udp
Services List<NetworkSecurity Policy V2Rule Spec Application Rule Spec Udp Service> - udp services
- secured
Group Category References This property is required. string[] - A set of network endpoints which is protected by a Network Security Policy and defined as a list of categories.
- dest
Address string[]Group References - A list of address group references.
- dest
Allow stringSpec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- dest
Category string[]References - List of categories that define a set of network endpoints as outbound.
- dest
Subnets NetworkSecurity Policy V2Rule Spec Application Rule Spec Dest Subnet[] - destination subnet value
- icmp
Services NetworkSecurity Policy V2Rule Spec Application Rule Spec Icmp Service[] - icmp services
- is
All booleanProtocol Allowed - Denotes if rule allows traffic for all protocol.
- network
Function stringChain Reference - A reference to the network function chain in the rule.
- service
Group string[]References - A list of service group references.
- src
Address string[]Group References - A list of address group references.
- src
Allow stringSpec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- src
Category string[]References - List of categories that define a set of network endpoints as inbound.
- src
Subnets NetworkSecurity Policy V2Rule Spec Application Rule Spec Src Subnet[] - source subnet value
- tcp
Services NetworkSecurity Policy V2Rule Spec Application Rule Spec Tcp Service[] - tcp services
- udp
Services NetworkSecurity Policy V2Rule Spec Application Rule Spec Udp Service[] - udp services
- secured_
group_ category_ references This property is required. Sequence[str] - A set of network endpoints which is protected by a Network Security Policy and defined as a list of categories.
- dest_
address_ Sequence[str]group_ references - A list of address group references.
- dest_
allow_ strspec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- dest_
category_ Sequence[str]references - List of categories that define a set of network endpoints as outbound.
- dest_
subnets Sequence[NetworkSecurity Policy V2Rule Spec Application Rule Spec Dest Subnet] - destination subnet value
- icmp_
services Sequence[NetworkSecurity Policy V2Rule Spec Application Rule Spec Icmp Service] - icmp services
- is_
all_ boolprotocol_ allowed - Denotes if rule allows traffic for all protocol.
- network_
function_ strchain_ reference - A reference to the network function chain in the rule.
- service_
group_ Sequence[str]references - A list of service group references.
- src_
address_ Sequence[str]group_ references - A list of address group references.
- src_
allow_ strspec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- src_
category_ Sequence[str]references - List of categories that define a set of network endpoints as inbound.
- src_
subnets Sequence[NetworkSecurity Policy V2Rule Spec Application Rule Spec Src Subnet] - source subnet value
- tcp_
services Sequence[NetworkSecurity Policy V2Rule Spec Application Rule Spec Tcp Service] - tcp services
- udp_
services Sequence[NetworkSecurity Policy V2Rule Spec Application Rule Spec Udp Service] - udp services
- secured
Group Category References This property is required. List<String> - A set of network endpoints which is protected by a Network Security Policy and defined as a list of categories.
- dest
Address List<String>Group References - A list of address group references.
- dest
Allow StringSpec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- dest
Category List<String>References - List of categories that define a set of network endpoints as outbound.
- dest
Subnets List<Property Map> - destination subnet value
- icmp
Services List<Property Map> - icmp services
- is
All BooleanProtocol Allowed - Denotes if rule allows traffic for all protocol.
- network
Function StringChain Reference - A reference to the network function chain in the rule.
- service
Group List<String>References - A list of service group references.
- src
Address List<String>Group References - A list of address group references.
- src
Allow StringSpec - A specification to how allow mode traffic should be applied, either ALL or NONE.
- src
Category List<String>References - List of categories that define a set of network endpoints as inbound.
- src
Subnets List<Property Map> - source subnet value
- tcp
Services List<Property Map> - tcp services
- udp
Services List<Property Map> - udp services
NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecDestSubnet, NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecDestSubnetArgs
, NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecDestSubnetArgs
- Prefix
Length string - Value string
- Prefix
Length string - Value string
- prefix
Length String - value String
- prefix
Length string - value string
- prefix_
length str - value str
- prefix
Length String - value String
NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecIcmpService, NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecIcmpServiceArgs
, NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecIcmpServiceArgs
- Code int
- Icmp service Code. Ignore this field if Code has to be ANY.
- Is
All boolAllowed - Set this field to true if both Type and Code is ANY.
- Type int
- Icmp service Type. Ignore this field if Type has to be ANY.
- Code int
- Icmp service Code. Ignore this field if Code has to be ANY.
- Is
All boolAllowed - Set this field to true if both Type and Code is ANY.
- Type int
- Icmp service Type. Ignore this field if Type has to be ANY.
- code Integer
- Icmp service Code. Ignore this field if Code has to be ANY.
- is
All BooleanAllowed - Set this field to true if both Type and Code is ANY.
- type Integer
- Icmp service Type. Ignore this field if Type has to be ANY.
- code number
- Icmp service Code. Ignore this field if Code has to be ANY.
- is
All booleanAllowed - Set this field to true if both Type and Code is ANY.
- type number
- Icmp service Type. Ignore this field if Type has to be ANY.
- code int
- Icmp service Code. Ignore this field if Code has to be ANY.
- is_
all_ boolallowed - Set this field to true if both Type and Code is ANY.
- type int
- Icmp service Type. Ignore this field if Type has to be ANY.
- code Number
- Icmp service Code. Ignore this field if Code has to be ANY.
- is
All BooleanAllowed - Set this field to true if both Type and Code is ANY.
- type Number
- Icmp service Type. Ignore this field if Type has to be ANY.
NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecSrcSubnet, NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecSrcSubnetArgs
, NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecSrcSubnetArgs
- Prefix
Length string - Value string
- Prefix
Length string - Value string
- prefix
Length String - value String
- prefix
Length string - value string
- prefix_
length str - value str
- prefix
Length String - value String
NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecTcpService, NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecTcpServiceArgs
, NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecTcpServiceArgs
- end_
port This property is required. int - end port
- start_
port This property is required. int - start port
NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecUdpService, NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecUdpServiceArgs
, NetworkSecurityPolicyV2RuleSpecApplicationRuleSpecUdpServiceArgs
- end_
port This property is required. int - end port
- start_
port This property is required. int - start port
NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpec, NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecArgs
, NetworkSecurityPolicyV2RuleSpecIntraEntityGroupRuleSpecArgs
- Secured
Group stringAction - List of secured group action.
- Secured
Group List<string>Category References - A specification to whether traffic between intra secured group entities should be allowed or denied.
- Secured
Group stringAction - List of secured group action.
- Secured
Group []stringCategory References - A specification to whether traffic between intra secured group entities should be allowed or denied.
- secured
Group StringAction - List of secured group action.
- secured
Group List<String>Category References - A specification to whether traffic between intra secured group entities should be allowed or denied.
- secured
Group stringAction - List of secured group action.
- secured
Group string[]Category References - A specification to whether traffic between intra secured group entities should be allowed or denied.
- secured_
group_ straction - List of secured group action.
- secured_
group_ Sequence[str]category_ references - A specification to whether traffic between intra secured group entities should be allowed or denied.
- secured
Group StringAction - List of secured group action.
- secured
Group List<String>Category References - A specification to whether traffic between intra secured group entities should be allowed or denied.
NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpec, NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecArgs
, NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecArgs
- Specs
This property is required. List<PiersKarsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Multi Env Isolation Rule Spec Spec> - Multi Environment Isolation Rule Spec.
- Specs
This property is required. []NetworkSecurity Policy V2Rule Spec Multi Env Isolation Rule Spec Spec - Multi Environment Isolation Rule Spec.
- specs
This property is required. List<NetworkSecurity Policy V2Rule Spec Multi Env Isolation Rule Spec Spec> - Multi Environment Isolation Rule Spec.
- specs
This property is required. NetworkSecurity Policy V2Rule Spec Multi Env Isolation Rule Spec Spec[] - Multi Environment Isolation Rule Spec.
- specs
This property is required. Sequence[NetworkSecurity Policy V2Rule Spec Multi Env Isolation Rule Spec Spec] - Multi Environment Isolation Rule Spec.
- specs
This property is required. List<Property Map> - Multi Environment Isolation Rule Spec.
NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpec, NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecArgs
, NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecArgs
- All
To []NetworkAll Isolation Groups Security Policy V2Rule Spec Multi Env Isolation Rule Spec Spec All To All Isolation Group - all to all isolation groups
- all
To List<NetworkAll Isolation Groups Security Policy V2Rule Spec Multi Env Isolation Rule Spec Spec All To All Isolation Group> - all to all isolation groups
- all
To NetworkAll Isolation Groups Security Policy V2Rule Spec Multi Env Isolation Rule Spec Spec All To All Isolation Group[] - all to all isolation groups
- all
To List<Property Map>All Isolation Groups - all to all isolation groups
NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroup, NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupArgs
, NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupArgs
- Isolation
Groups This property is required. List<PiersKarsenbarg. Nutanix. Inputs. Network Security Policy V2Rule Spec Multi Env Isolation Rule Spec Spec All To All Isolation Group Isolation Group> - Denotes the list of secured groups that will be used in All to All mutual isolation.
- Isolation
Groups This property is required. []NetworkSecurity Policy V2Rule Spec Multi Env Isolation Rule Spec Spec All To All Isolation Group Isolation Group - Denotes the list of secured groups that will be used in All to All mutual isolation.
- isolation
Groups This property is required. List<NetworkSecurity Policy V2Rule Spec Multi Env Isolation Rule Spec Spec All To All Isolation Group Isolation Group> - Denotes the list of secured groups that will be used in All to All mutual isolation.
- isolation
Groups This property is required. NetworkSecurity Policy V2Rule Spec Multi Env Isolation Rule Spec Spec All To All Isolation Group Isolation Group[] - Denotes the list of secured groups that will be used in All to All mutual isolation.
- isolation_
groups This property is required. Sequence[NetworkSecurity Policy V2Rule Spec Multi Env Isolation Rule Spec Spec All To All Isolation Group Isolation Group] - Denotes the list of secured groups that will be used in All to All mutual isolation.
- isolation
Groups This property is required. List<Property Map> - Denotes the list of secured groups that will be used in All to All mutual isolation.
NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupIsolationGroup, NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupIsolationGroupArgs
, NetworkSecurityPolicyV2RuleSpecMultiEnvIsolationRuleSpecSpecAllToAllIsolationGroupIsolationGroupArgs
- Group
Category References This property is required. List<string> - External identifiers of categories belonging to the isolation group.
- Group
Category References This property is required. []string - External identifiers of categories belonging to the isolation group.
- group
Category References This property is required. List<String> - External identifiers of categories belonging to the isolation group.
- group
Category References This property is required. string[] - External identifiers of categories belonging to the isolation group.
- group_
category_ references This property is required. Sequence[str] - External identifiers of categories belonging to the isolation group.
- group
Category References This property is required. List<String> - External identifiers of categories belonging to the isolation group.
NetworkSecurityPolicyV2RuleSpecTwoEnvIsolationRuleSpec, NetworkSecurityPolicyV2RuleSpecTwoEnvIsolationRuleSpecArgs
, NetworkSecurityPolicyV2RuleSpecTwoEnvIsolationRuleSpecArgs
- First
Isolation Groups This property is required. List<string> - Denotes the first group of category uuids that will be used in an isolation policy.
- Second
Isolation Groups This property is required. List<string> - Denotes the second group of category uuids that will be used in an isolation policy.
- First
Isolation Groups This property is required. []string - Denotes the first group of category uuids that will be used in an isolation policy.
- Second
Isolation Groups This property is required. []string - Denotes the second group of category uuids that will be used in an isolation policy.
- first
Isolation Groups This property is required. List<String> - Denotes the first group of category uuids that will be used in an isolation policy.
- second
Isolation Groups This property is required. List<String> - Denotes the second group of category uuids that will be used in an isolation policy.
- first
Isolation Groups This property is required. string[] - Denotes the first group of category uuids that will be used in an isolation policy.
- second
Isolation Groups This property is required. string[] - Denotes the second group of category uuids that will be used in an isolation policy.
- first_
isolation_ groups This property is required. Sequence[str] - Denotes the first group of category uuids that will be used in an isolation policy.
- second_
isolation_ groups This property is required. Sequence[str] - Denotes the second group of category uuids that will be used in an isolation policy.
- first
Isolation Groups This property is required. List<String> - Denotes the first group of category uuids that will be used in an isolation policy.
- second
Isolation Groups This property is required. List<String> - Denotes the second group of category uuids that will be used in an isolation policy.
Package Details
- Repository
- nutanix pierskarsenbarg/pulumi-nutanix
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
nutanixTerraform Provider.