oci.NetworkFirewall.getNetworkFirewallPolicyDecryptionProfile

Explore with Pulumi AI

Oracle Cloud Infrastructure v2.33.0 published on Thursday, May 1, 2025 by Pulumi

Example Usage

Coming soon!

Coming soon!

Coming soon!

Coming soon!

Coming soon!

variables:
  testNetworkFirewallPolicyDecryptionProfile:
    fn::invoke:
      function: oci:NetworkFirewall:getNetworkFirewallPolicyDecryptionProfile
      arguments:
        decryptionProfileName: ${ociNetworkFirewallNetworkFirewallPolicyDecryptionProfileName}
        networkFirewallPolicyId: ${testNetworkFirewallPolicy.id}

Using getNetworkFirewallPolicyDecryptionProfile

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getNetworkFirewallPolicyDecryptionProfile(args: GetNetworkFirewallPolicyDecryptionProfileArgs, opts?: InvokeOptions): Promise<GetNetworkFirewallPolicyDecryptionProfileResult>
function getNetworkFirewallPolicyDecryptionProfileOutput(args: GetNetworkFirewallPolicyDecryptionProfileOutputArgs, opts?: InvokeOptions): Output<GetNetworkFirewallPolicyDecryptionProfileResult>

def get_network_firewall_policy_decryption_profile(name: Optional[str] = None,
                                                   network_firewall_policy_id: Optional[str] = None,
                                                   opts: Optional[InvokeOptions] = None) -> GetNetworkFirewallPolicyDecryptionProfileResult
def get_network_firewall_policy_decryption_profile_output(name: Optional[pulumi.Input[str]] = None,
                                                   network_firewall_policy_id: Optional[pulumi.Input[str]] = None,
                                                   opts: Optional[InvokeOptions] = None) -> Output[GetNetworkFirewallPolicyDecryptionProfileResult]

func LookupNetworkFirewallPolicyDecryptionProfile(ctx *Context, args *LookupNetworkFirewallPolicyDecryptionProfileArgs, opts ...InvokeOption) (*LookupNetworkFirewallPolicyDecryptionProfileResult, error)
func LookupNetworkFirewallPolicyDecryptionProfileOutput(ctx *Context, args *LookupNetworkFirewallPolicyDecryptionProfileOutputArgs, opts ...InvokeOption) LookupNetworkFirewallPolicyDecryptionProfileResultOutput

> Note: This function is named LookupNetworkFirewallPolicyDecryptionProfile in the Go SDK.

public static class GetNetworkFirewallPolicyDecryptionProfile 
{
    public static Task<GetNetworkFirewallPolicyDecryptionProfileResult> InvokeAsync(GetNetworkFirewallPolicyDecryptionProfileArgs args, InvokeOptions? opts = null)
    public static Output<GetNetworkFirewallPolicyDecryptionProfileResult> Invoke(GetNetworkFirewallPolicyDecryptionProfileInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetNetworkFirewallPolicyDecryptionProfileResult> getNetworkFirewallPolicyDecryptionProfile(GetNetworkFirewallPolicyDecryptionProfileArgs args, InvokeOptions options)
public static Output<GetNetworkFirewallPolicyDecryptionProfileResult> getNetworkFirewallPolicyDecryptionProfile(GetNetworkFirewallPolicyDecryptionProfileArgs args, InvokeOptions options)

fn::invoke:
  function: oci:NetworkFirewall/getNetworkFirewallPolicyDecryptionProfile:getNetworkFirewallPolicyDecryptionProfile
  arguments:
    # arguments dictionary

The following arguments are supported:

Name string: Unique Name of the decryption profile.
NetworkFirewallPolicyId string: Unique Network Firewall Policy identifier

Name string: Unique Name of the decryption profile.
NetworkFirewallPolicyId string: Unique Network Firewall Policy identifier

name String: Unique Name of the decryption profile.
networkFirewallPolicyId String: Unique Network Firewall Policy identifier

name string: Unique Name of the decryption profile.
networkFirewallPolicyId string: Unique Network Firewall Policy identifier

name str: Unique Name of the decryption profile.
network_firewall_policy_id str: Unique Network Firewall Policy identifier

name String: Unique Name of the decryption profile.
networkFirewallPolicyId String: Unique Network Firewall Policy identifier

getNetworkFirewallPolicyDecryptionProfile Result

The following output properties are available:

AreCertificateExtensionsRestricted bool: Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
Id string
IsAutoIncludeAltName bool: Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
IsExpiredCertificateBlocked bool: Whether to block sessions if server's certificate is expired.
IsOutOfCapacityBlocked bool: Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
IsRevocationStatusTimeoutBlocked bool: Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
IsUnknownRevocationStatusBlocked bool: Whether to block sessions if the revocation status check for server's certificate results in "unknown".
IsUnsupportedCipherBlocked bool: Whether to block sessions if SSL cipher suite is not supported.
IsUnsupportedVersionBlocked bool: Whether to block sessions if SSL version is not supported.
IsUntrustedIssuerBlocked bool: Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
Name string: Unique Name of the decryption profile.
NetworkFirewallPolicyId string
ParentResourceId string: OCID of the Network Firewall Policy this decryption profile belongs to.
Type string: Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.

AreCertificateExtensionsRestricted bool: Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
Id string
IsAutoIncludeAltName bool: Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
IsExpiredCertificateBlocked bool: Whether to block sessions if server's certificate is expired.
IsOutOfCapacityBlocked bool: Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
IsRevocationStatusTimeoutBlocked bool: Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
IsUnknownRevocationStatusBlocked bool: Whether to block sessions if the revocation status check for server's certificate results in "unknown".
IsUnsupportedCipherBlocked bool: Whether to block sessions if SSL cipher suite is not supported.
IsUnsupportedVersionBlocked bool: Whether to block sessions if SSL version is not supported.
IsUntrustedIssuerBlocked bool: Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
Name string: Unique Name of the decryption profile.
NetworkFirewallPolicyId string
ParentResourceId string: OCID of the Network Firewall Policy this decryption profile belongs to.
Type string: Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.

areCertificateExtensionsRestricted Boolean: Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
id String
isAutoIncludeAltName Boolean: Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
isExpiredCertificateBlocked Boolean: Whether to block sessions if server's certificate is expired.
isOutOfCapacityBlocked Boolean: Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
isRevocationStatusTimeoutBlocked Boolean: Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
isUnknownRevocationStatusBlocked Boolean: Whether to block sessions if the revocation status check for server's certificate results in "unknown".
isUnsupportedCipherBlocked Boolean: Whether to block sessions if SSL cipher suite is not supported.
isUnsupportedVersionBlocked Boolean: Whether to block sessions if SSL version is not supported.
isUntrustedIssuerBlocked Boolean: Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
name String: Unique Name of the decryption profile.
networkFirewallPolicyId String
parentResourceId String: OCID of the Network Firewall Policy this decryption profile belongs to.
type String: Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.

areCertificateExtensionsRestricted boolean: Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
id string
isAutoIncludeAltName boolean: Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
isExpiredCertificateBlocked boolean: Whether to block sessions if server's certificate is expired.
isOutOfCapacityBlocked boolean: Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
isRevocationStatusTimeoutBlocked boolean: Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
isUnknownRevocationStatusBlocked boolean: Whether to block sessions if the revocation status check for server's certificate results in "unknown".
isUnsupportedCipherBlocked boolean: Whether to block sessions if SSL cipher suite is not supported.
isUnsupportedVersionBlocked boolean: Whether to block sessions if SSL version is not supported.
isUntrustedIssuerBlocked boolean: Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
name string: Unique Name of the decryption profile.
networkFirewallPolicyId string
parentResourceId string: OCID of the Network Firewall Policy this decryption profile belongs to.
type string: Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.

are_certificate_extensions_restricted bool: Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
id str
is_auto_include_alt_name bool: Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
is_expired_certificate_blocked bool: Whether to block sessions if server's certificate is expired.
is_out_of_capacity_blocked bool: Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
is_revocation_status_timeout_blocked bool: Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
is_unknown_revocation_status_blocked bool: Whether to block sessions if the revocation status check for server's certificate results in "unknown".
is_unsupported_cipher_blocked bool: Whether to block sessions if SSL cipher suite is not supported.
is_unsupported_version_blocked bool: Whether to block sessions if SSL version is not supported.
is_untrusted_issuer_blocked bool: Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
name str: Unique Name of the decryption profile.
network_firewall_policy_id str
parent_resource_id str: OCID of the Network Firewall Policy this decryption profile belongs to.
type str: Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.

areCertificateExtensionsRestricted Boolean: Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
id String
isAutoIncludeAltName Boolean: Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
isExpiredCertificateBlocked Boolean: Whether to block sessions if server's certificate is expired.
isOutOfCapacityBlocked Boolean: Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
isRevocationStatusTimeoutBlocked Boolean: Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
isUnknownRevocationStatusBlocked Boolean: Whether to block sessions if the revocation status check for server's certificate results in "unknown".
isUnsupportedCipherBlocked Boolean: Whether to block sessions if SSL cipher suite is not supported.
isUnsupportedVersionBlocked Boolean: Whether to block sessions if SSL version is not supported.
isUntrustedIssuerBlocked Boolean: Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
name String: Unique Name of the decryption profile.
networkFirewallPolicyId String
parentResourceId String: OCID of the Network Firewall Policy this decryption profile belongs to.
type String: Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.

Package Details

Repository: oci pulumi/pulumi-oci
License: Apache-2.0
Notes: This Pulumi package is based on the oci Terraform Provider.

Oracle Cloud Infrastructure v2.33.0 published on Thursday, May 1, 2025 by Pulumi

pulumi/pulumi-oci

oci.NetworkFirewall.getNetworkFirewallPolicyDecryptionProfile

On this page

On this page

Example Usage

Using getNetworkFirewallPolicyDecryptionProfile

getNetworkFirewallPolicyDecryptionProfile Result

Package Details

On this page

On this page