Docs
PackagesCisco ISE v0.1.4 published on Friday, May 31, 2024 by Pulumi
ise.networkaccess.AuthorizationRule
Explore with Pulumi AI
This resource can manage a Network Access Authorization Rule.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as ise from "@pulumi/ise";
const example = new ise.networkaccess.AuthorizationRule("example", {
policySetId: "d82952cb-b901-4b09-b363-5ebf39bdbaf9",
name: "Rule1",
"default": false,
rank: 0,
state: "enabled",
conditionType: "ConditionAttributes",
conditionIsNegate: false,
conditionAttributeName: "Location",
conditionAttributeValue: "All Locations",
conditionDictionaryName: "DEVICE",
conditionOperator: "equals",
profiles: ["PermitAccess"],
securityGroup: "BYOD",
});
import pulumi
import pulumi_ise as ise
example = ise.networkaccess.AuthorizationRule("example",
policy_set_id="d82952cb-b901-4b09-b363-5ebf39bdbaf9",
name="Rule1",
default=False,
rank=0,
state="enabled",
condition_type="ConditionAttributes",
condition_is_negate=False,
condition_attribute_name="Location",
condition_attribute_value="All Locations",
condition_dictionary_name="DEVICE",
condition_operator="equals",
profiles=["PermitAccess"],
security_group="BYOD")
package main
import (
"github.com/pulumi/pulumi-ise/sdk/go/ise/networkaccess"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := networkaccess.NewAuthorizationRule(ctx, "example", &networkaccess.AuthorizationRuleArgs{
PolicySetId: pulumi.String("d82952cb-b901-4b09-b363-5ebf39bdbaf9"),
Name: pulumi.String("Rule1"),
Default: pulumi.Bool(false),
Rank: pulumi.Int(0),
State: pulumi.String("enabled"),
ConditionType: pulumi.String("ConditionAttributes"),
ConditionIsNegate: pulumi.Bool(false),
ConditionAttributeName: pulumi.String("Location"),
ConditionAttributeValue: pulumi.String("All Locations"),
ConditionDictionaryName: pulumi.String("DEVICE"),
ConditionOperator: pulumi.String("equals"),
Profiles: pulumi.StringArray{
pulumi.String("PermitAccess"),
},
SecurityGroup: pulumi.String("BYOD"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ise = Pulumi.Ise;
return await Deployment.RunAsync(() =>
{
var example = new Ise.NetworkAccess.AuthorizationRule("example", new()
{
PolicySetId = "d82952cb-b901-4b09-b363-5ebf39bdbaf9",
Name = "Rule1",
Default = false,
Rank = 0,
State = "enabled",
ConditionType = "ConditionAttributes",
ConditionIsNegate = false,
ConditionAttributeName = "Location",
ConditionAttributeValue = "All Locations",
ConditionDictionaryName = "DEVICE",
ConditionOperator = "equals",
Profiles = new[]
{
"PermitAccess",
},
SecurityGroup = "BYOD",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ise.networkaccess.AuthorizationRule;
import com.pulumi.ise.networkaccess.AuthorizationRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new AuthorizationRule("example", AuthorizationRuleArgs.builder()
.policySetId("d82952cb-b901-4b09-b363-5ebf39bdbaf9")
.name("Rule1")
.default_(false)
.rank(0)
.state("enabled")
.conditionType("ConditionAttributes")
.conditionIsNegate(false)
.conditionAttributeName("Location")
.conditionAttributeValue("All Locations")
.conditionDictionaryName("DEVICE")
.conditionOperator("equals")
.profiles("PermitAccess")
.securityGroup("BYOD")
.build());
}
}
resources:
example:
type: ise:networkaccess:AuthorizationRule
properties:
policySetId: d82952cb-b901-4b09-b363-5ebf39bdbaf9
name: Rule1
default: false
rank: 0
state: enabled
conditionType: ConditionAttributes
conditionIsNegate: false
conditionAttributeName: Location
conditionAttributeValue: All Locations
conditionDictionaryName: DEVICE
conditionOperator: equals
profiles:
- PermitAccess
securityGroup: BYOD
Create AuthorizationRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new AuthorizationRule(name: string, args: AuthorizationRuleArgs, opts?: CustomResourceOptions);@overload
def AuthorizationRule(resource_name: str,
args: AuthorizationRuleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def AuthorizationRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
policy_set_id: Optional[str] = None,
condition_type: Optional[str] = None,
default: Optional[bool] = None,
condition_dictionary_name: Optional[str] = None,
condition_dictionary_value: Optional[str] = None,
condition_id: Optional[str] = None,
condition_is_negate: Optional[bool] = None,
condition_attribute_value: Optional[str] = None,
childrens: Optional[Sequence[AuthorizationRuleChildrenArgs]] = None,
condition_operator: Optional[str] = None,
name: Optional[str] = None,
condition_attribute_name: Optional[str] = None,
profiles: Optional[Sequence[str]] = None,
rank: Optional[int] = None,
security_group: Optional[str] = None,
state: Optional[str] = None)func NewAuthorizationRule(ctx *Context, name string, args AuthorizationRuleArgs, opts ...ResourceOption) (*AuthorizationRule, error)public AuthorizationRule(string name, AuthorizationRuleArgs args, CustomResourceOptions? opts = null)
public AuthorizationRule(String name, AuthorizationRuleArgs args)
public AuthorizationRule(String name, AuthorizationRuleArgs args, CustomResourceOptions options)
type: ise:networkaccess:AuthorizationRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AuthorizationRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AuthorizationRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AuthorizationRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AuthorizationRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AuthorizationRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var iseAuthorizationRuleResource = new Ise.NetworkAccess.AuthorizationRule("iseAuthorizationRuleResource", new()
{
PolicySetId = "string",
ConditionType = "string",
Default = false,
ConditionDictionaryName = "string",
ConditionDictionaryValue = "string",
ConditionId = "string",
ConditionIsNegate = false,
ConditionAttributeValue = "string",
Childrens = new[]
{
new Ise.NetworkAccess.Inputs.AuthorizationRuleChildrenArgs
{
ConditionType = "string",
AttributeName = "string",
AttributeValue = "string",
Childrens = new[]
{
new Ise.NetworkAccess.Inputs.AuthorizationRuleChildrenChildrenArgs
{
ConditionType = "string",
AttributeName = "string",
AttributeValue = "string",
DictionaryName = "string",
DictionaryValue = "string",
Id = "string",
IsNegate = false,
Operator = "string",
},
},
DictionaryName = "string",
DictionaryValue = "string",
Id = "string",
IsNegate = false,
Operator = "string",
},
},
ConditionOperator = "string",
Name = "string",
ConditionAttributeName = "string",
Profiles = new[]
{
"string",
},
Rank = 0,
SecurityGroup = "string",
State = "string",
});
example, err := networkaccess.NewAuthorizationRule(ctx, "iseAuthorizationRuleResource", &networkaccess.AuthorizationRuleArgs{
PolicySetId: pulumi.String("string"),
ConditionType: pulumi.String("string"),
Default: pulumi.Bool(false),
ConditionDictionaryName: pulumi.String("string"),
ConditionDictionaryValue: pulumi.String("string"),
ConditionId: pulumi.String("string"),
ConditionIsNegate: pulumi.Bool(false),
ConditionAttributeValue: pulumi.String("string"),
Childrens: networkaccess.AuthorizationRuleChildrenArray{
&networkaccess.AuthorizationRuleChildrenArgs{
ConditionType: pulumi.String("string"),
AttributeName: pulumi.String("string"),
AttributeValue: pulumi.String("string"),
Childrens: networkaccess.AuthorizationRuleChildrenChildrenArray{
&networkaccess.AuthorizationRuleChildrenChildrenArgs{
ConditionType: pulumi.String("string"),
AttributeName: pulumi.String("string"),
AttributeValue: pulumi.String("string"),
DictionaryName: pulumi.String("string"),
DictionaryValue: pulumi.String("string"),
Id: pulumi.String("string"),
IsNegate: pulumi.Bool(false),
Operator: pulumi.String("string"),
},
},
DictionaryName: pulumi.String("string"),
DictionaryValue: pulumi.String("string"),
Id: pulumi.String("string"),
IsNegate: pulumi.Bool(false),
Operator: pulumi.String("string"),
},
},
ConditionOperator: pulumi.String("string"),
Name: pulumi.String("string"),
ConditionAttributeName: pulumi.String("string"),
Profiles: pulumi.StringArray{
pulumi.String("string"),
},
Rank: pulumi.Int(0),
SecurityGroup: pulumi.String("string"),
State: pulumi.String("string"),
})
var iseAuthorizationRuleResource = new AuthorizationRule("iseAuthorizationRuleResource", AuthorizationRuleArgs.builder()
.policySetId("string")
.conditionType("string")
.default_(false)
.conditionDictionaryName("string")
.conditionDictionaryValue("string")
.conditionId("string")
.conditionIsNegate(false)
.conditionAttributeValue("string")
.childrens(AuthorizationRuleChildrenArgs.builder()
.conditionType("string")
.attributeName("string")
.attributeValue("string")
.childrens(AuthorizationRuleChildrenChildrenArgs.builder()
.conditionType("string")
.attributeName("string")
.attributeValue("string")
.dictionaryName("string")
.dictionaryValue("string")
.id("string")
.isNegate(false)
.operator("string")
.build())
.dictionaryName("string")
.dictionaryValue("string")
.id("string")
.isNegate(false)
.operator("string")
.build())
.conditionOperator("string")
.name("string")
.conditionAttributeName("string")
.profiles("string")
.rank(0)
.securityGroup("string")
.state("string")
.build());
ise_authorization_rule_resource = ise.networkaccess.AuthorizationRule("iseAuthorizationRuleResource",
policy_set_id="string",
condition_type="string",
default=False,
condition_dictionary_name="string",
condition_dictionary_value="string",
condition_id="string",
condition_is_negate=False,
condition_attribute_value="string",
childrens=[ise.networkaccess.AuthorizationRuleChildrenArgs(
condition_type="string",
attribute_name="string",
attribute_value="string",
childrens=[ise.networkaccess.AuthorizationRuleChildrenChildrenArgs(
condition_type="string",
attribute_name="string",
attribute_value="string",
dictionary_name="string",
dictionary_value="string",
id="string",
is_negate=False,
operator="string",
)],
dictionary_name="string",
dictionary_value="string",
id="string",
is_negate=False,
operator="string",
)],
condition_operator="string",
name="string",
condition_attribute_name="string",
profiles=["string"],
rank=0,
security_group="string",
state="string")
const iseAuthorizationRuleResource = new ise.networkaccess.AuthorizationRule("iseAuthorizationRuleResource", {
policySetId: "string",
conditionType: "string",
"default": false,
conditionDictionaryName: "string",
conditionDictionaryValue: "string",
conditionId: "string",
conditionIsNegate: false,
conditionAttributeValue: "string",
childrens: [{
conditionType: "string",
attributeName: "string",
attributeValue: "string",
childrens: [{
conditionType: "string",
attributeName: "string",
attributeValue: "string",
dictionaryName: "string",
dictionaryValue: "string",
id: "string",
isNegate: false,
operator: "string",
}],
dictionaryName: "string",
dictionaryValue: "string",
id: "string",
isNegate: false,
operator: "string",
}],
conditionOperator: "string",
name: "string",
conditionAttributeName: "string",
profiles: ["string"],
rank: 0,
securityGroup: "string",
state: "string",
});
type: ise:networkaccess:AuthorizationRule
properties:
childrens:
- attributeName: string
attributeValue: string
childrens:
- attributeName: string
attributeValue: string
conditionType: string
dictionaryName: string
dictionaryValue: string
id: string
isNegate: false
operator: string
conditionType: string
dictionaryName: string
dictionaryValue: string
id: string
isNegate: false
operator: string
conditionAttributeName: string
conditionAttributeValue: string
conditionDictionaryName: string
conditionDictionaryValue: string
conditionId: string
conditionIsNegate: false
conditionOperator: string
conditionType: string
default: false
name: string
policySetId: string
profiles:
- string
rank: 0
securityGroup: string
state: string
AuthorizationRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The AuthorizationRule resource accepts the following input properties:
- Policy
Set stringId - Policy set ID
- Childrens
List<Authorization
Rule Children> - List of child conditions.
condition_typemust be one ofConditionAndBlockorConditionOrBlock. - Condition
Attribute stringName - Dictionary attribute name
- Condition
Attribute stringValue - Attribute value for condition. Value type is specified in dictionary object.
- Condition
Dictionary stringName - Dictionary name
- Condition
Dictionary stringValue - Dictionary value
- Condition
Id string - UUID for condition
- Condition
Is boolNegate - Indicates whereas this condition is in negate mode
- Condition
Operator string - Equality operator - Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith - Condition
Type string - Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that
additional conditions are present under the children attribute. - Choices:
ConditionAndBlock,ConditionAttributes,ConditionOrBlock,ConditionReference - Default bool
- Indicates if this rule is the default one
- Name string
- Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
- Profiles List<string>
- The authorization profile(s)
- Rank int
- The rank (priority) in relation to other rules. Lower rank is higher priority.
- Security
Group string - Security group used in authorization policies
- State string
- The state that the rule is in. A disabled rule cannot be matched. - Choices:
disabled,enabled,monitor
- Policy
Set stringId - Policy set ID
- Childrens
[]Authorization
Rule Children Args - List of child conditions.
condition_typemust be one ofConditionAndBlockorConditionOrBlock. - Condition
Attribute stringName - Dictionary attribute name
- Condition
Attribute stringValue - Attribute value for condition. Value type is specified in dictionary object.
- Condition
Dictionary stringName - Dictionary name
- Condition
Dictionary stringValue - Dictionary value
- Condition
Id string - UUID for condition
- Condition
Is boolNegate - Indicates whereas this condition is in negate mode
- Condition
Operator string - Equality operator - Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith - Condition
Type string - Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that
additional conditions are present under the children attribute. - Choices:
ConditionAndBlock,ConditionAttributes,ConditionOrBlock,ConditionReference - Default bool
- Indicates if this rule is the default one
- Name string
- Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
- Profiles []string
- The authorization profile(s)
- Rank int
- The rank (priority) in relation to other rules. Lower rank is higher priority.
- Security
Group string - Security group used in authorization policies
- State string
- The state that the rule is in. A disabled rule cannot be matched. - Choices:
disabled,enabled,monitor
- policy
Set StringId - Policy set ID
- childrens
List<Authorization
Rule Children> - List of child conditions.
condition_typemust be one ofConditionAndBlockorConditionOrBlock. - condition
Attribute StringName - Dictionary attribute name
- condition
Attribute StringValue - Attribute value for condition. Value type is specified in dictionary object.
- condition
Dictionary StringName - Dictionary name
- condition
Dictionary StringValue - Dictionary value
- condition
Id String - UUID for condition
- condition
Is BooleanNegate - Indicates whereas this condition is in negate mode
- condition
Operator String - Equality operator - Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith - condition
Type String - Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that
additional conditions are present under the children attribute. - Choices:
ConditionAndBlock,ConditionAttributes,ConditionOrBlock,ConditionReference - default_ Boolean
- Indicates if this rule is the default one
- name String
- Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
- profiles List<String>
- The authorization profile(s)
- rank Integer
- The rank (priority) in relation to other rules. Lower rank is higher priority.
- security
Group String - Security group used in authorization policies
- state String
- The state that the rule is in. A disabled rule cannot be matched. - Choices:
disabled,enabled,monitor
- policy
Set stringId - Policy set ID
- childrens
Authorization
Rule Children[] - List of child conditions.
condition_typemust be one ofConditionAndBlockorConditionOrBlock. - condition
Attribute stringName - Dictionary attribute name
- condition
Attribute stringValue - Attribute value for condition. Value type is specified in dictionary object.
- condition
Dictionary stringName - Dictionary name
- condition
Dictionary stringValue - Dictionary value
- condition
Id string - UUID for condition
- condition
Is booleanNegate - Indicates whereas this condition is in negate mode
- condition
Operator string - Equality operator - Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith - condition
Type string - Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that
additional conditions are present under the children attribute. - Choices:
ConditionAndBlock,ConditionAttributes,ConditionOrBlock,ConditionReference - default boolean
- Indicates if this rule is the default one
- name string
- Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
- profiles string[]
- The authorization profile(s)
- rank number
- The rank (priority) in relation to other rules. Lower rank is higher priority.
- security
Group string - Security group used in authorization policies
- state string
- The state that the rule is in. A disabled rule cannot be matched. - Choices:
disabled,enabled,monitor
- policy_
set_ strid - Policy set ID
- childrens
Sequence[Authorization
Rule Children Args] - List of child conditions.
condition_typemust be one ofConditionAndBlockorConditionOrBlock. - condition_
attribute_ strname - Dictionary attribute name
- condition_
attribute_ strvalue - Attribute value for condition. Value type is specified in dictionary object.
- condition_
dictionary_ strname - Dictionary name
- condition_
dictionary_ strvalue - Dictionary value
- condition_
id str - UUID for condition
- condition_
is_ boolnegate - Indicates whereas this condition is in negate mode
- condition_
operator str - Equality operator - Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith - condition_
type str - Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that
additional conditions are present under the children attribute. - Choices:
ConditionAndBlock,ConditionAttributes,ConditionOrBlock,ConditionReference - default bool
- Indicates if this rule is the default one
- name str
- Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
- profiles Sequence[str]
- The authorization profile(s)
- rank int
- The rank (priority) in relation to other rules. Lower rank is higher priority.
- security_
group str - Security group used in authorization policies
- state str
- The state that the rule is in. A disabled rule cannot be matched. - Choices:
disabled,enabled,monitor
- policy
Set StringId - Policy set ID
- childrens List<Property Map>
- List of child conditions.
condition_typemust be one ofConditionAndBlockorConditionOrBlock. - condition
Attribute StringName - Dictionary attribute name
- condition
Attribute StringValue - Attribute value for condition. Value type is specified in dictionary object.
- condition
Dictionary StringName - Dictionary name
- condition
Dictionary StringValue - Dictionary value
- condition
Id String - UUID for condition
- condition
Is BooleanNegate - Indicates whereas this condition is in negate mode
- condition
Operator String - Equality operator - Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith - condition
Type String - Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that
additional conditions are present under the children attribute. - Choices:
ConditionAndBlock,ConditionAttributes,ConditionOrBlock,ConditionReference - default Boolean
- Indicates if this rule is the default one
- name String
- Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
- profiles List<String>
- The authorization profile(s)
- rank Number
- The rank (priority) in relation to other rules. Lower rank is higher priority.
- security
Group String - Security group used in authorization policies
- state String
- The state that the rule is in. A disabled rule cannot be matched. - Choices:
disabled,enabled,monitor
Outputs
All input properties are implicitly available as output properties. Additionally, the AuthorizationRule resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing AuthorizationRule Resource
Get an existing AuthorizationRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AuthorizationRuleState, opts?: CustomResourceOptions): AuthorizationRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
childrens: Optional[Sequence[AuthorizationRuleChildrenArgs]] = None,
condition_attribute_name: Optional[str] = None,
condition_attribute_value: Optional[str] = None,
condition_dictionary_name: Optional[str] = None,
condition_dictionary_value: Optional[str] = None,
condition_id: Optional[str] = None,
condition_is_negate: Optional[bool] = None,
condition_operator: Optional[str] = None,
condition_type: Optional[str] = None,
default: Optional[bool] = None,
name: Optional[str] = None,
policy_set_id: Optional[str] = None,
profiles: Optional[Sequence[str]] = None,
rank: Optional[int] = None,
security_group: Optional[str] = None,
state: Optional[str] = None) -> AuthorizationRulefunc GetAuthorizationRule(ctx *Context, name string, id IDInput, state *AuthorizationRuleState, opts ...ResourceOption) (*AuthorizationRule, error)public static AuthorizationRule Get(string name, Input<string> id, AuthorizationRuleState? state, CustomResourceOptions? opts = null)public static AuthorizationRule get(String name, Output<String> id, AuthorizationRuleState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Childrens
List<Authorization
Rule Children> - List of child conditions.
condition_typemust be one ofConditionAndBlockorConditionOrBlock. - Condition
Attribute stringName - Dictionary attribute name
- Condition
Attribute stringValue - Attribute value for condition. Value type is specified in dictionary object.
- Condition
Dictionary stringName - Dictionary name
- Condition
Dictionary stringValue - Dictionary value
- Condition
Id string - UUID for condition
- Condition
Is boolNegate - Indicates whereas this condition is in negate mode
- Condition
Operator string - Equality operator - Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith - Condition
Type string - Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that
additional conditions are present under the children attribute. - Choices:
ConditionAndBlock,ConditionAttributes,ConditionOrBlock,ConditionReference - Default bool
- Indicates if this rule is the default one
- Name string
- Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
- Policy
Set stringId - Policy set ID
- Profiles List<string>
- The authorization profile(s)
- Rank int
- The rank (priority) in relation to other rules. Lower rank is higher priority.
- Security
Group string - Security group used in authorization policies
- State string
- The state that the rule is in. A disabled rule cannot be matched. - Choices:
disabled,enabled,monitor
- Childrens
[]Authorization
Rule Children Args - List of child conditions.
condition_typemust be one ofConditionAndBlockorConditionOrBlock. - Condition
Attribute stringName - Dictionary attribute name
- Condition
Attribute stringValue - Attribute value for condition. Value type is specified in dictionary object.
- Condition
Dictionary stringName - Dictionary name
- Condition
Dictionary stringValue - Dictionary value
- Condition
Id string - UUID for condition
- Condition
Is boolNegate - Indicates whereas this condition is in negate mode
- Condition
Operator string - Equality operator - Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith - Condition
Type string - Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that
additional conditions are present under the children attribute. - Choices:
ConditionAndBlock,ConditionAttributes,ConditionOrBlock,ConditionReference - Default bool
- Indicates if this rule is the default one
- Name string
- Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
- Policy
Set stringId - Policy set ID
- Profiles []string
- The authorization profile(s)
- Rank int
- The rank (priority) in relation to other rules. Lower rank is higher priority.
- Security
Group string - Security group used in authorization policies
- State string
- The state that the rule is in. A disabled rule cannot be matched. - Choices:
disabled,enabled,monitor
- childrens
List<Authorization
Rule Children> - List of child conditions.
condition_typemust be one ofConditionAndBlockorConditionOrBlock. - condition
Attribute StringName - Dictionary attribute name
- condition
Attribute StringValue - Attribute value for condition. Value type is specified in dictionary object.
- condition
Dictionary StringName - Dictionary name
- condition
Dictionary StringValue - Dictionary value
- condition
Id String - UUID for condition
- condition
Is BooleanNegate - Indicates whereas this condition is in negate mode
- condition
Operator String - Equality operator - Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith - condition
Type String - Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that
additional conditions are present under the children attribute. - Choices:
ConditionAndBlock,ConditionAttributes,ConditionOrBlock,ConditionReference - default_ Boolean
- Indicates if this rule is the default one
- name String
- Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
- policy
Set StringId - Policy set ID
- profiles List<String>
- The authorization profile(s)
- rank Integer
- The rank (priority) in relation to other rules. Lower rank is higher priority.
- security
Group String - Security group used in authorization policies
- state String
- The state that the rule is in. A disabled rule cannot be matched. - Choices:
disabled,enabled,monitor
- childrens
Authorization
Rule Children[] - List of child conditions.
condition_typemust be one ofConditionAndBlockorConditionOrBlock. - condition
Attribute stringName - Dictionary attribute name
- condition
Attribute stringValue - Attribute value for condition. Value type is specified in dictionary object.
- condition
Dictionary stringName - Dictionary name
- condition
Dictionary stringValue - Dictionary value
- condition
Id string - UUID for condition
- condition
Is booleanNegate - Indicates whereas this condition is in negate mode
- condition
Operator string - Equality operator - Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith - condition
Type string - Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that
additional conditions are present under the children attribute. - Choices:
ConditionAndBlock,ConditionAttributes,ConditionOrBlock,ConditionReference - default boolean
- Indicates if this rule is the default one
- name string
- Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
- policy
Set stringId - Policy set ID
- profiles string[]
- The authorization profile(s)
- rank number
- The rank (priority) in relation to other rules. Lower rank is higher priority.
- security
Group string - Security group used in authorization policies
- state string
- The state that the rule is in. A disabled rule cannot be matched. - Choices:
disabled,enabled,monitor
- childrens
Sequence[Authorization
Rule Children Args] - List of child conditions.
condition_typemust be one ofConditionAndBlockorConditionOrBlock. - condition_
attribute_ strname - Dictionary attribute name
- condition_
attribute_ strvalue - Attribute value for condition. Value type is specified in dictionary object.
- condition_
dictionary_ strname - Dictionary name
- condition_
dictionary_ strvalue - Dictionary value
- condition_
id str - UUID for condition
- condition_
is_ boolnegate - Indicates whereas this condition is in negate mode
- condition_
operator str - Equality operator - Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith - condition_
type str - Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that
additional conditions are present under the children attribute. - Choices:
ConditionAndBlock,ConditionAttributes,ConditionOrBlock,ConditionReference - default bool
- Indicates if this rule is the default one
- name str
- Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
- policy_
set_ strid - Policy set ID
- profiles Sequence[str]
- The authorization profile(s)
- rank int
- The rank (priority) in relation to other rules. Lower rank is higher priority.
- security_
group str - Security group used in authorization policies
- state str
- The state that the rule is in. A disabled rule cannot be matched. - Choices:
disabled,enabled,monitor
- childrens List<Property Map>
- List of child conditions.
condition_typemust be one ofConditionAndBlockorConditionOrBlock. - condition
Attribute StringName - Dictionary attribute name
- condition
Attribute StringValue - Attribute value for condition. Value type is specified in dictionary object.
- condition
Dictionary StringName - Dictionary name
- condition
Dictionary StringValue - Dictionary value
- condition
Id String - UUID for condition
- condition
Is BooleanNegate - Indicates whereas this condition is in negate mode
- condition
Operator String - Equality operator - Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith - condition
Type String - Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that
additional conditions are present under the children attribute. - Choices:
ConditionAndBlock,ConditionAttributes,ConditionOrBlock,ConditionReference - default Boolean
- Indicates if this rule is the default one
- name String
- Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
- policy
Set StringId - Policy set ID
- profiles List<String>
- The authorization profile(s)
- rank Number
- The rank (priority) in relation to other rules. Lower rank is higher priority.
- security
Group String - Security group used in authorization policies
- state String
- The state that the rule is in. A disabled rule cannot be matched. - Choices:
disabled,enabled,monitor
Supporting Types
AuthorizationRuleChildren, AuthorizationRuleChildrenArgs
- Condition
Type string - Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.
- Choices:
ConditionAndBlock,ConditionAttributes,ConditionOrBlock,ConditionReference
- Choices:
- Attribute
Name string - Dictionary attribute name
- Attribute
Value string - Attribute value for condition. Value type is specified in dictionary object.
- Childrens
List<Authorization
Rule Children Children> - List of child conditions.
condition_typemust be one ofConditionAndBlockorConditionOrBlock. - Dictionary
Name string - Dictionary name
- Dictionary
Value string - Dictionary value
- Id string
- UUID for condition
- Is
Negate bool - Indicates whereas this condition is in negate mode
- Operator string
- Equality operator
- Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith
- Choices:
- Condition
Type string - Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.
- Choices:
ConditionAndBlock,ConditionAttributes,ConditionOrBlock,ConditionReference
- Choices:
- Attribute
Name string - Dictionary attribute name
- Attribute
Value string - Attribute value for condition. Value type is specified in dictionary object.
- Childrens
[]Authorization
Rule Children Children - List of child conditions.
condition_typemust be one ofConditionAndBlockorConditionOrBlock. - Dictionary
Name string - Dictionary name
- Dictionary
Value string - Dictionary value
- Id string
- UUID for condition
- Is
Negate bool - Indicates whereas this condition is in negate mode
- Operator string
- Equality operator
- Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith
- Choices:
- condition
Type String - Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.
- Choices:
ConditionAndBlock,ConditionAttributes,ConditionOrBlock,ConditionReference
- Choices:
- attribute
Name String - Dictionary attribute name
- attribute
Value String - Attribute value for condition. Value type is specified in dictionary object.
- childrens
List<Authorization
Rule Children Children> - List of child conditions.
condition_typemust be one ofConditionAndBlockorConditionOrBlock. - dictionary
Name String - Dictionary name
- dictionary
Value String - Dictionary value
- id String
- UUID for condition
- is
Negate Boolean - Indicates whereas this condition is in negate mode
- operator String
- Equality operator
- Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith
- Choices:
- condition
Type string - Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.
- Choices:
ConditionAndBlock,ConditionAttributes,ConditionOrBlock,ConditionReference
- Choices:
- attribute
Name string - Dictionary attribute name
- attribute
Value string - Attribute value for condition. Value type is specified in dictionary object.
- childrens
Authorization
Rule Children Children[] - List of child conditions.
condition_typemust be one ofConditionAndBlockorConditionOrBlock. - dictionary
Name string - Dictionary name
- dictionary
Value string - Dictionary value
- id string
- UUID for condition
- is
Negate boolean - Indicates whereas this condition is in negate mode
- operator string
- Equality operator
- Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith
- Choices:
- condition_
type str - Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.
- Choices:
ConditionAndBlock,ConditionAttributes,ConditionOrBlock,ConditionReference
- Choices:
- attribute_
name str - Dictionary attribute name
- attribute_
value str - Attribute value for condition. Value type is specified in dictionary object.
- childrens
Sequence[Authorization
Rule Children Children] - List of child conditions.
condition_typemust be one ofConditionAndBlockorConditionOrBlock. - dictionary_
name str - Dictionary name
- dictionary_
value str - Dictionary value
- id str
- UUID for condition
- is_
negate bool - Indicates whereas this condition is in negate mode
- operator str
- Equality operator
- Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith
- Choices:
- condition
Type String - Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.
- Choices:
ConditionAndBlock,ConditionAttributes,ConditionOrBlock,ConditionReference
- Choices:
- attribute
Name String - Dictionary attribute name
- attribute
Value String - Attribute value for condition. Value type is specified in dictionary object.
- childrens List<Property Map>
- List of child conditions.
condition_typemust be one ofConditionAndBlockorConditionOrBlock. - dictionary
Name String - Dictionary name
- dictionary
Value String - Dictionary value
- id String
- UUID for condition
- is
Negate Boolean - Indicates whereas this condition is in negate mode
- operator String
- Equality operator
- Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith
- Choices:
AuthorizationRuleChildrenChildren, AuthorizationRuleChildrenChildrenArgs
- Condition
Type string - Condition type.
- Choices:
ConditionAttributes,ConditionReference
- Choices:
- Attribute
Name string - Dictionary attribute name
- Attribute
Value string - Attribute value for condition. Value type is specified in dictionary object.
- Dictionary
Name string - Dictionary name
- Dictionary
Value string - Dictionary value
- Id string
- UUID for condition
- Is
Negate bool - Indicates whereas this condition is in negate mode
- Operator string
- Equality operator
- Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith
- Choices:
- Condition
Type string - Condition type.
- Choices:
ConditionAttributes,ConditionReference
- Choices:
- Attribute
Name string - Dictionary attribute name
- Attribute
Value string - Attribute value for condition. Value type is specified in dictionary object.
- Dictionary
Name string - Dictionary name
- Dictionary
Value string - Dictionary value
- Id string
- UUID for condition
- Is
Negate bool - Indicates whereas this condition is in negate mode
- Operator string
- Equality operator
- Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith
- Choices:
- condition
Type String - Condition type.
- Choices:
ConditionAttributes,ConditionReference
- Choices:
- attribute
Name String - Dictionary attribute name
- attribute
Value String - Attribute value for condition. Value type is specified in dictionary object.
- dictionary
Name String - Dictionary name
- dictionary
Value String - Dictionary value
- id String
- UUID for condition
- is
Negate Boolean - Indicates whereas this condition is in negate mode
- operator String
- Equality operator
- Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith
- Choices:
- condition
Type string - Condition type.
- Choices:
ConditionAttributes,ConditionReference
- Choices:
- attribute
Name string - Dictionary attribute name
- attribute
Value string - Attribute value for condition. Value type is specified in dictionary object.
- dictionary
Name string - Dictionary name
- dictionary
Value string - Dictionary value
- id string
- UUID for condition
- is
Negate boolean - Indicates whereas this condition is in negate mode
- operator string
- Equality operator
- Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith
- Choices:
- condition_
type str - Condition type.
- Choices:
ConditionAttributes,ConditionReference
- Choices:
- attribute_
name str - Dictionary attribute name
- attribute_
value str - Attribute value for condition. Value type is specified in dictionary object.
- dictionary_
name str - Dictionary name
- dictionary_
value str - Dictionary value
- id str
- UUID for condition
- is_
negate bool - Indicates whereas this condition is in negate mode
- operator str
- Equality operator
- Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith
- Choices:
- condition
Type String - Condition type.
- Choices:
ConditionAttributes,ConditionReference
- Choices:
- attribute
Name String - Dictionary attribute name
- attribute
Value String - Attribute value for condition. Value type is specified in dictionary object.
- dictionary
Name String - Dictionary name
- dictionary
Value String - Dictionary value
- id String
- UUID for condition
- is
Negate Boolean - Indicates whereas this condition is in negate mode
- operator String
- Equality operator
- Choices:
contains,endsWith,equals,greaterOrEquals,greaterThan,in,ipEquals,ipGreaterThan,ipLessThan,ipNotEquals,lessOrEquals,lessThan,matches,notContains,notEndsWith,notEquals,notIn,notStartsWith,startsWith
- Choices:
Import
$ pulumi import ise:networkaccess/authorizationRule:AuthorizationRule example "76d24097-41c4-4558-a4d0-a8c07ac08470,76d24097-41c4-4558-a4d0-a8c07ac08470"
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- ise pulumi/pulumi-ise
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
iseTerraform Provider.