Docs Home
Palo Alto Networks Cloud NGFW for AWS v0.1.1 published on Saturday, Mar 15, 2025 by Pulumi
cloudngfwaws.getSecurityRule
Explore with Pulumi AI
Palo Alto Networks Cloud NGFW for AWS v0.1.1 published on Saturday, Mar 15, 2025 by Pulumi
Data source for retrieving security rule information.
Admin Permission Type
Rulestack(forscope="Local")Global Rulestack(forscope="Global")
Example Usage
Coming soon!
Coming soon!
Coming soon!
Coming soon!
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudngfwaws.Rulestack;
import com.pulumi.cloudngfwaws.RulestackArgs;
import com.pulumi.cloudngfwaws.inputs.RulestackProfileConfigArgs;
import com.pulumi.cloudngfwaws.CloudngfwawsFunctions;
import com.pulumi.cloudngfwaws.inputs.GetSecurityRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var r = new Rulestack("r", RulestackArgs.builder()
.name("my-rulestack")
.scope("Local")
.accountId("12345")
.description("Made by Pulumi")
.profileConfig(RulestackProfileConfigArgs.builder()
.antiSpyware("BestPractice")
.build())
.build());
final var example = CloudngfwawsFunctions.getSecurityRule(GetSecurityRuleArgs.builder()
.rulestack(r.name())
.name("foobar")
.build());
}
}
resources:
r:
type: cloudngfwaws:Rulestack
properties:
name: my-rulestack
scope: Local
accountId: '12345'
description: Made by Pulumi
profileConfig:
antiSpyware: BestPractice
variables:
example:
fn::invoke:
function: cloudngfwaws:getSecurityRule
arguments:
rulestack: ${r.name}
name: foobar
Using getSecurityRule
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getSecurityRule(args: GetSecurityRuleArgs, opts?: InvokeOptions): Promise<GetSecurityRuleResult>
function getSecurityRuleOutput(args: GetSecurityRuleOutputArgs, opts?: InvokeOptions): Output<GetSecurityRuleResult>def get_security_rule(config_type: Optional[str] = None,
priority: Optional[int] = None,
rule_list: Optional[str] = None,
rulestack: Optional[str] = None,
scope: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetSecurityRuleResult
def get_security_rule_output(config_type: Optional[pulumi.Input[str]] = None,
priority: Optional[pulumi.Input[int]] = None,
rule_list: Optional[pulumi.Input[str]] = None,
rulestack: Optional[pulumi.Input[str]] = None,
scope: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetSecurityRuleResult]func LookupSecurityRule(ctx *Context, args *LookupSecurityRuleArgs, opts ...InvokeOption) (*LookupSecurityRuleResult, error)
func LookupSecurityRuleOutput(ctx *Context, args *LookupSecurityRuleOutputArgs, opts ...InvokeOption) LookupSecurityRuleResultOutput> Note: This function is named LookupSecurityRule in the Go SDK.
public static class GetSecurityRule
{
public static Task<GetSecurityRuleResult> InvokeAsync(GetSecurityRuleArgs args, InvokeOptions? opts = null)
public static Output<GetSecurityRuleResult> Invoke(GetSecurityRuleInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetSecurityRuleResult> getSecurityRule(GetSecurityRuleArgs args, InvokeOptions options)
public static Output<GetSecurityRuleResult> getSecurityRule(GetSecurityRuleArgs args, InvokeOptions options)
fn::invoke:
function: cloudngfwaws:index/getSecurityRule:getSecurityRule
arguments:
# arguments dictionaryThe following arguments are supported:
- Priority int
- The rule priority.
- Rulestack string
- The rulestack.
- Config
Type string - Retrieve either the candidate or running config. Valid values are
candidateorrunning. Defaults tocandidate. - Rule
List string - The rulebase. Valid values are
PreRule,PostRule, orLocalRule. Defaults toPreRule. - Scope string
- The rulestack's scope. A local rulestack will require that you've retrieved a LRA JWT. A global rulestack will require that you've retrieved a GRA JWT. Valid values are
LocalorGlobal. Defaults toLocal.
- Priority int
- The rule priority.
- Rulestack string
- The rulestack.
- Config
Type string - Retrieve either the candidate or running config. Valid values are
candidateorrunning. Defaults tocandidate. - Rule
List string - The rulebase. Valid values are
PreRule,PostRule, orLocalRule. Defaults toPreRule. - Scope string
- The rulestack's scope. A local rulestack will require that you've retrieved a LRA JWT. A global rulestack will require that you've retrieved a GRA JWT. Valid values are
LocalorGlobal. Defaults toLocal.
- priority Integer
- The rule priority.
- rulestack String
- The rulestack.
- config
Type String - Retrieve either the candidate or running config. Valid values are
candidateorrunning. Defaults tocandidate. - rule
List String - The rulebase. Valid values are
PreRule,PostRule, orLocalRule. Defaults toPreRule. - scope String
- The rulestack's scope. A local rulestack will require that you've retrieved a LRA JWT. A global rulestack will require that you've retrieved a GRA JWT. Valid values are
LocalorGlobal. Defaults toLocal.
- priority number
- The rule priority.
- rulestack string
- The rulestack.
- config
Type string - Retrieve either the candidate or running config. Valid values are
candidateorrunning. Defaults tocandidate. - rule
List string - The rulebase. Valid values are
PreRule,PostRule, orLocalRule. Defaults toPreRule. - scope string
- The rulestack's scope. A local rulestack will require that you've retrieved a LRA JWT. A global rulestack will require that you've retrieved a GRA JWT. Valid values are
LocalorGlobal. Defaults toLocal.
- priority int
- The rule priority.
- rulestack str
- The rulestack.
- config_
type str - Retrieve either the candidate or running config. Valid values are
candidateorrunning. Defaults tocandidate. - rule_
list str - The rulebase. Valid values are
PreRule,PostRule, orLocalRule. Defaults toPreRule. - scope str
- The rulestack's scope. A local rulestack will require that you've retrieved a LRA JWT. A global rulestack will require that you've retrieved a GRA JWT. Valid values are
LocalorGlobal. Defaults toLocal.
- priority Number
- The rule priority.
- rulestack String
- The rulestack.
- config
Type String - Retrieve either the candidate or running config. Valid values are
candidateorrunning. Defaults tocandidate. - rule
List String - The rulebase. Valid values are
PreRule,PostRule, orLocalRule. Defaults toPreRule. - scope String
- The rulestack's scope. A local rulestack will require that you've retrieved a LRA JWT. A global rulestack will require that you've retrieved a GRA JWT. Valid values are
LocalorGlobal. Defaults toLocal.
getSecurityRule Result
The following output properties are available:
- Action string
- The action to take. Valid values are
Allow,DenySilent,DenyResetServer, orDenyResetBoth. - Applications List<string>
- The list of applications.
- Audit
Comment string - The audit comment.
- Categories
List<Pulumi.
Cloud Ngfw Aws. Outputs. Get Security Rule Category> - The category spec.
- Decryption
Rule stringType - Decryption rule type. Valid values are ``or
SSLOutboundInspection. - Description string
- The description.
- Destinations
List<Pulumi.
Cloud Ngfw Aws. Outputs. Get Security Rule Destination> - The destination spec.
- Enabled bool
- Set to false to disable this rule.
- Id string
- The provider-assigned unique ID for this managed resource.
- Logging bool
- Enable logging at end.
- Name string
- The name.
- Negate
Destination bool - Negate the destination definition.
- Negate
Source bool - Negate the source definition.
- Priority int
- The rule priority.
- Prot
Port List<string>Lists - Protocol port list.
- Protocol string
- The protocol.
- Rulestack string
- The rulestack.
- Sources
List<Pulumi.
Cloud Ngfw Aws. Outputs. Get Security Rule Source> - The source spec.
- Dictionary<string, string>
- The tags.
- Update
Token string - The update token.
- Config
Type string - Retrieve either the candidate or running config. Valid values are
candidateorrunning. Defaults tocandidate. - Rule
List string - The rulebase. Valid values are
PreRule,PostRule, orLocalRule. Defaults toPreRule. - Scope string
- The rulestack's scope. A local rulestack will require that you've retrieved a LRA JWT. A global rulestack will require that you've retrieved a GRA JWT. Valid values are
LocalorGlobal. Defaults toLocal.
- Action string
- The action to take. Valid values are
Allow,DenySilent,DenyResetServer, orDenyResetBoth. - Applications []string
- The list of applications.
- Audit
Comment string - The audit comment.
- Categories
[]Get
Security Rule Category - The category spec.
- Decryption
Rule stringType - Decryption rule type. Valid values are ``or
SSLOutboundInspection. - Description string
- The description.
- Destinations
[]Get
Security Rule Destination - The destination spec.
- Enabled bool
- Set to false to disable this rule.
- Id string
- The provider-assigned unique ID for this managed resource.
- Logging bool
- Enable logging at end.
- Name string
- The name.
- Negate
Destination bool - Negate the destination definition.
- Negate
Source bool - Negate the source definition.
- Priority int
- The rule priority.
- Prot
Port []stringLists - Protocol port list.
- Protocol string
- The protocol.
- Rulestack string
- The rulestack.
- Sources
[]Get
Security Rule Source - The source spec.
- map[string]string
- The tags.
- Update
Token string - The update token.
- Config
Type string - Retrieve either the candidate or running config. Valid values are
candidateorrunning. Defaults tocandidate. - Rule
List string - The rulebase. Valid values are
PreRule,PostRule, orLocalRule. Defaults toPreRule. - Scope string
- The rulestack's scope. A local rulestack will require that you've retrieved a LRA JWT. A global rulestack will require that you've retrieved a GRA JWT. Valid values are
LocalorGlobal. Defaults toLocal.
- action String
- The action to take. Valid values are
Allow,DenySilent,DenyResetServer, orDenyResetBoth. - applications List<String>
- The list of applications.
- audit
Comment String - The audit comment.
- categories
List<Get
Security Rule Category> - The category spec.
- decryption
Rule StringType - Decryption rule type. Valid values are ``or
SSLOutboundInspection. - description String
- The description.
- destinations
List<Get
Security Rule Destination> - The destination spec.
- enabled Boolean
- Set to false to disable this rule.
- id String
- The provider-assigned unique ID for this managed resource.
- logging Boolean
- Enable logging at end.
- name String
- The name.
- negate
Destination Boolean - Negate the destination definition.
- negate
Source Boolean - Negate the source definition.
- priority Integer
- The rule priority.
- prot
Port List<String>Lists - Protocol port list.
- protocol String
- The protocol.
- rulestack String
- The rulestack.
- sources
List<Get
Security Rule Source> - The source spec.
- Map<String,String>
- The tags.
- update
Token String - The update token.
- config
Type String - Retrieve either the candidate or running config. Valid values are
candidateorrunning. Defaults tocandidate. - rule
List String - The rulebase. Valid values are
PreRule,PostRule, orLocalRule. Defaults toPreRule. - scope String
- The rulestack's scope. A local rulestack will require that you've retrieved a LRA JWT. A global rulestack will require that you've retrieved a GRA JWT. Valid values are
LocalorGlobal. Defaults toLocal.
- action string
- The action to take. Valid values are
Allow,DenySilent,DenyResetServer, orDenyResetBoth. - applications string[]
- The list of applications.
- audit
Comment string - The audit comment.
- categories
Get
Security Rule Category[] - The category spec.
- decryption
Rule stringType - Decryption rule type. Valid values are ``or
SSLOutboundInspection. - description string
- The description.
- destinations
Get
Security Rule Destination[] - The destination spec.
- enabled boolean
- Set to false to disable this rule.
- id string
- The provider-assigned unique ID for this managed resource.
- logging boolean
- Enable logging at end.
- name string
- The name.
- negate
Destination boolean - Negate the destination definition.
- negate
Source boolean - Negate the source definition.
- priority number
- The rule priority.
- prot
Port string[]Lists - Protocol port list.
- protocol string
- The protocol.
- rulestack string
- The rulestack.
- sources
Get
Security Rule Source[] - The source spec.
- {[key: string]: string}
- The tags.
- update
Token string - The update token.
- config
Type string - Retrieve either the candidate or running config. Valid values are
candidateorrunning. Defaults tocandidate. - rule
List string - The rulebase. Valid values are
PreRule,PostRule, orLocalRule. Defaults toPreRule. - scope string
- The rulestack's scope. A local rulestack will require that you've retrieved a LRA JWT. A global rulestack will require that you've retrieved a GRA JWT. Valid values are
LocalorGlobal. Defaults toLocal.
- action str
- The action to take. Valid values are
Allow,DenySilent,DenyResetServer, orDenyResetBoth. - applications Sequence[str]
- The list of applications.
- audit_
comment str - The audit comment.
- categories
Sequence[Get
Security Rule Category] - The category spec.
- decryption_
rule_ strtype - Decryption rule type. Valid values are ``or
SSLOutboundInspection. - description str
- The description.
- destinations
Sequence[Get
Security Rule Destination] - The destination spec.
- enabled bool
- Set to false to disable this rule.
- id str
- The provider-assigned unique ID for this managed resource.
- logging bool
- Enable logging at end.
- name str
- The name.
- negate_
destination bool - Negate the destination definition.
- negate_
source bool - Negate the source definition.
- priority int
- The rule priority.
- prot_
port_ Sequence[str]lists - Protocol port list.
- protocol str
- The protocol.
- rulestack str
- The rulestack.
- sources
Sequence[Get
Security Rule Source] - The source spec.
- Mapping[str, str]
- The tags.
- update_
token str - The update token.
- config_
type str - Retrieve either the candidate or running config. Valid values are
candidateorrunning. Defaults tocandidate. - rule_
list str - The rulebase. Valid values are
PreRule,PostRule, orLocalRule. Defaults toPreRule. - scope str
- The rulestack's scope. A local rulestack will require that you've retrieved a LRA JWT. A global rulestack will require that you've retrieved a GRA JWT. Valid values are
LocalorGlobal. Defaults toLocal.
- action String
- The action to take. Valid values are
Allow,DenySilent,DenyResetServer, orDenyResetBoth. - applications List<String>
- The list of applications.
- audit
Comment String - The audit comment.
- categories List<Property Map>
- The category spec.
- decryption
Rule StringType - Decryption rule type. Valid values are ``or
SSLOutboundInspection. - description String
- The description.
- destinations List<Property Map>
- The destination spec.
- enabled Boolean
- Set to false to disable this rule.
- id String
- The provider-assigned unique ID for this managed resource.
- logging Boolean
- Enable logging at end.
- name String
- The name.
- negate
Destination Boolean - Negate the destination definition.
- negate
Source Boolean - Negate the source definition.
- priority Number
- The rule priority.
- prot
Port List<String>Lists - Protocol port list.
- protocol String
- The protocol.
- rulestack String
- The rulestack.
- sources List<Property Map>
- The source spec.
- Map<String>
- The tags.
- update
Token String - The update token.
- config
Type String - Retrieve either the candidate or running config. Valid values are
candidateorrunning. Defaults tocandidate. - rule
List String - The rulebase. Valid values are
PreRule,PostRule, orLocalRule. Defaults toPreRule. - scope String
- The rulestack's scope. A local rulestack will require that you've retrieved a LRA JWT. A global rulestack will require that you've retrieved a GRA JWT. Valid values are
LocalorGlobal. Defaults toLocal.
Supporting Types
GetSecurityRuleCategory
- Feeds List<string>
- List of feeds.
- Url
Category List<string>Names - List of URL category names.
- Feeds []string
- List of feeds.
- Url
Category []stringNames - List of URL category names.
- feeds List<String>
- List of feeds.
- url
Category List<String>Names - List of URL category names.
- feeds string[]
- List of feeds.
- url
Category string[]Names - List of URL category names.
- feeds Sequence[str]
- List of feeds.
- url_
category_ Sequence[str]names - List of URL category names.
- feeds List<String>
- List of feeds.
- url
Category List<String>Names - List of URL category names.
GetSecurityRuleDestination
- Cidrs List<string>
- List of CIDRs.
- Countries List<string>
- List of countries.
- Feeds List<string>
- List of feeds.
- Fqdn
Lists List<string> - List of FQDN lists.
- Prefix
Lists List<string> - List of prefix list.
- Cidrs []string
- List of CIDRs.
- Countries []string
- List of countries.
- Feeds []string
- List of feeds.
- Fqdn
Lists []string - List of FQDN lists.
- Prefix
Lists []string - List of prefix list.
- cidrs List<String>
- List of CIDRs.
- countries List<String>
- List of countries.
- feeds List<String>
- List of feeds.
- fqdn
Lists List<String> - List of FQDN lists.
- prefix
Lists List<String> - List of prefix list.
- cidrs string[]
- List of CIDRs.
- countries string[]
- List of countries.
- feeds string[]
- List of feeds.
- fqdn
Lists string[] - List of FQDN lists.
- prefix
Lists string[] - List of prefix list.
- cidrs Sequence[str]
- List of CIDRs.
- countries Sequence[str]
- List of countries.
- feeds Sequence[str]
- List of feeds.
- fqdn_
lists Sequence[str] - List of FQDN lists.
- prefix_
lists Sequence[str] - List of prefix list.
- cidrs List<String>
- List of CIDRs.
- countries List<String>
- List of countries.
- feeds List<String>
- List of feeds.
- fqdn
Lists List<String> - List of FQDN lists.
- prefix
Lists List<String> - List of prefix list.
GetSecurityRuleSource
- Cidrs List<string>
- List of CIDRs.
- Countries List<string>
- List of countries.
- Feeds List<string>
- List of feeds.
- Prefix
Lists List<string> - List of prefix list.
- Cidrs []string
- List of CIDRs.
- Countries []string
- List of countries.
- Feeds []string
- List of feeds.
- Prefix
Lists []string - List of prefix list.
- cidrs List<String>
- List of CIDRs.
- countries List<String>
- List of countries.
- feeds List<String>
- List of feeds.
- prefix
Lists List<String> - List of prefix list.
- cidrs string[]
- List of CIDRs.
- countries string[]
- List of countries.
- feeds string[]
- List of feeds.
- prefix
Lists string[] - List of prefix list.
- cidrs Sequence[str]
- List of CIDRs.
- countries Sequence[str]
- List of countries.
- feeds Sequence[str]
- List of feeds.
- prefix_
lists Sequence[str] - List of prefix list.
- cidrs List<String>
- List of CIDRs.
- countries List<String>
- List of countries.
- feeds List<String>
- List of feeds.
- prefix
Lists List<String> - List of prefix list.
Package Details
- Repository
- cloudngfwaws pulumi/pulumi-cloudngfwaws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
cloudngfwawsTerraform Provider.
Palo Alto Networks Cloud NGFW for AWS v0.1.1 published on Saturday, Mar 15, 2025 by Pulumi