Aviatrix v0.0.11, Jun 17 23

Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix

aviatrix.AviatrixFirewallInstance

Explore with Pulumi AI

Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix

Create AviatrixFirewallInstance Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new AviatrixFirewallInstance(name: string, args: AviatrixFirewallInstanceArgs, opts?: CustomResourceOptions);

@overload
def AviatrixFirewallInstance(resource_name: str,
                             args: AviatrixFirewallInstanceArgs,
                             opts: Optional[ResourceOptions] = None)

@overload
def AviatrixFirewallInstance(resource_name: str,
                             opts: Optional[ResourceOptions] = None,
                             firewall_image: Optional[str] = None,
                             vpc_id: Optional[str] = None,
                             firewall_size: Optional[str] = None,
                             firewall_name: Optional[str] = None,
                             egress_subnet: Optional[str] = None,
                             iam_role: Optional[str] = None,
                             password: Optional[str] = None,
                             file_share_folder: Optional[str] = None,
                             firenet_gw_name: Optional[str] = None,
                             egress_vpc_id: Optional[str] = None,
                             firewall_image_id: Optional[str] = None,
                             firewall_image_version: Optional[str] = None,
                             container_folder: Optional[str] = None,
                             bootstrap_storage_name: Optional[str] = None,
                             availability_domain: Optional[str] = None,
                             key_name: Optional[str] = None,
                             management_subnet: Optional[str] = None,
                             management_vpc_id: Optional[str] = None,
                             fault_domain: Optional[str] = None,
                             sas_url_config: Optional[str] = None,
                             sas_url_license: Optional[str] = None,
                             share_directory: Optional[str] = None,
                             sic_key: Optional[str] = None,
                             ssh_public_key: Optional[str] = None,
                             storage_access_key: Optional[str] = None,
                             tags: Optional[Mapping[str, str]] = None,
                             user_data: Optional[str] = None,
                             username: Optional[str] = None,
                             bootstrap_bucket_name: Optional[str] = None,
                             zone: Optional[str] = None)

func NewAviatrixFirewallInstance(ctx *Context, name string, args AviatrixFirewallInstanceArgs, opts ...ResourceOption) (*AviatrixFirewallInstance, error)

public AviatrixFirewallInstance(string name, AviatrixFirewallInstanceArgs args, CustomResourceOptions? opts = null)

public AviatrixFirewallInstance(String name, AviatrixFirewallInstanceArgs args)
public AviatrixFirewallInstance(String name, AviatrixFirewallInstanceArgs args, CustomResourceOptions options)

type: aviatrix:AviatrixFirewallInstance
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args AviatrixFirewallInstanceArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args AviatrixFirewallInstanceArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args AviatrixFirewallInstanceArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args AviatrixFirewallInstanceArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args AviatrixFirewallInstanceArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var aviatrixFirewallInstanceResource = new Aviatrix.AviatrixFirewallInstance("aviatrixFirewallInstanceResource", new()
{
    FirewallImage = "string",
    VpcId = "string",
    FirewallSize = "string",
    FirewallName = "string",
    EgressSubnet = "string",
    IamRole = "string",
    Password = "string",
    FileShareFolder = "string",
    FirenetGwName = "string",
    EgressVpcId = "string",
    FirewallImageId = "string",
    FirewallImageVersion = "string",
    ContainerFolder = "string",
    BootstrapStorageName = "string",
    AvailabilityDomain = "string",
    KeyName = "string",
    ManagementSubnet = "string",
    ManagementVpcId = "string",
    FaultDomain = "string",
    SasUrlConfig = "string",
    SasUrlLicense = "string",
    ShareDirectory = "string",
    SicKey = "string",
    SshPublicKey = "string",
    StorageAccessKey = "string",
    Tags = 
    {
        { "string", "string" },
    },
    UserData = "string",
    Username = "string",
    BootstrapBucketName = "string",
    Zone = "string",
});

example, err := aviatrix.NewAviatrixFirewallInstance(ctx, "aviatrixFirewallInstanceResource", &aviatrix.AviatrixFirewallInstanceArgs{
	FirewallImage:        pulumi.String("string"),
	VpcId:                pulumi.String("string"),
	FirewallSize:         pulumi.String("string"),
	FirewallName:         pulumi.String("string"),
	EgressSubnet:         pulumi.String("string"),
	IamRole:              pulumi.String("string"),
	Password:             pulumi.String("string"),
	FileShareFolder:      pulumi.String("string"),
	FirenetGwName:        pulumi.String("string"),
	EgressVpcId:          pulumi.String("string"),
	FirewallImageId:      pulumi.String("string"),
	FirewallImageVersion: pulumi.String("string"),
	ContainerFolder:      pulumi.String("string"),
	BootstrapStorageName: pulumi.String("string"),
	AvailabilityDomain:   pulumi.String("string"),
	KeyName:              pulumi.String("string"),
	ManagementSubnet:     pulumi.String("string"),
	ManagementVpcId:      pulumi.String("string"),
	FaultDomain:          pulumi.String("string"),
	SasUrlConfig:         pulumi.String("string"),
	SasUrlLicense:        pulumi.String("string"),
	ShareDirectory:       pulumi.String("string"),
	SicKey:               pulumi.String("string"),
	SshPublicKey:         pulumi.String("string"),
	StorageAccessKey:     pulumi.String("string"),
	Tags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	UserData:            pulumi.String("string"),
	Username:            pulumi.String("string"),
	BootstrapBucketName: pulumi.String("string"),
	Zone:                pulumi.String("string"),
})

var aviatrixFirewallInstanceResource = new AviatrixFirewallInstance("aviatrixFirewallInstanceResource", AviatrixFirewallInstanceArgs.builder()
    .firewallImage("string")
    .vpcId("string")
    .firewallSize("string")
    .firewallName("string")
    .egressSubnet("string")
    .iamRole("string")
    .password("string")
    .fileShareFolder("string")
    .firenetGwName("string")
    .egressVpcId("string")
    .firewallImageId("string")
    .firewallImageVersion("string")
    .containerFolder("string")
    .bootstrapStorageName("string")
    .availabilityDomain("string")
    .keyName("string")
    .managementSubnet("string")
    .managementVpcId("string")
    .faultDomain("string")
    .sasUrlConfig("string")
    .sasUrlLicense("string")
    .shareDirectory("string")
    .sicKey("string")
    .sshPublicKey("string")
    .storageAccessKey("string")
    .tags(Map.of("string", "string"))
    .userData("string")
    .username("string")
    .bootstrapBucketName("string")
    .zone("string")
    .build());

aviatrix_firewall_instance_resource = aviatrix.AviatrixFirewallInstance("aviatrixFirewallInstanceResource",
    firewall_image="string",
    vpc_id="string",
    firewall_size="string",
    firewall_name="string",
    egress_subnet="string",
    iam_role="string",
    password="string",
    file_share_folder="string",
    firenet_gw_name="string",
    egress_vpc_id="string",
    firewall_image_id="string",
    firewall_image_version="string",
    container_folder="string",
    bootstrap_storage_name="string",
    availability_domain="string",
    key_name="string",
    management_subnet="string",
    management_vpc_id="string",
    fault_domain="string",
    sas_url_config="string",
    sas_url_license="string",
    share_directory="string",
    sic_key="string",
    ssh_public_key="string",
    storage_access_key="string",
    tags={
        "string": "string",
    },
    user_data="string",
    username="string",
    bootstrap_bucket_name="string",
    zone="string")

const aviatrixFirewallInstanceResource = new aviatrix.AviatrixFirewallInstance("aviatrixFirewallInstanceResource", {
    firewallImage: "string",
    vpcId: "string",
    firewallSize: "string",
    firewallName: "string",
    egressSubnet: "string",
    iamRole: "string",
    password: "string",
    fileShareFolder: "string",
    firenetGwName: "string",
    egressVpcId: "string",
    firewallImageId: "string",
    firewallImageVersion: "string",
    containerFolder: "string",
    bootstrapStorageName: "string",
    availabilityDomain: "string",
    keyName: "string",
    managementSubnet: "string",
    managementVpcId: "string",
    faultDomain: "string",
    sasUrlConfig: "string",
    sasUrlLicense: "string",
    shareDirectory: "string",
    sicKey: "string",
    sshPublicKey: "string",
    storageAccessKey: "string",
    tags: {
        string: "string",
    },
    userData: "string",
    username: "string",
    bootstrapBucketName: "string",
    zone: "string",
});

type: aviatrix:AviatrixFirewallInstance
properties:
    availabilityDomain: string
    bootstrapBucketName: string
    bootstrapStorageName: string
    containerFolder: string
    egressSubnet: string
    egressVpcId: string
    faultDomain: string
    fileShareFolder: string
    firenetGwName: string
    firewallImage: string
    firewallImageId: string
    firewallImageVersion: string
    firewallName: string
    firewallSize: string
    iamRole: string
    keyName: string
    managementSubnet: string
    managementVpcId: string
    password: string
    sasUrlConfig: string
    sasUrlLicense: string
    shareDirectory: string
    sicKey: string
    sshPublicKey: string
    storageAccessKey: string
    tags:
        string: string
    userData: string
    username: string
    vpcId: string
    zone: string

AviatrixFirewallInstance Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The AviatrixFirewallInstance resource accepts the following input properties:

EgressSubnet string: Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
FirewallImage string: One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
FirewallName string: Name of the firewall instance to be created.
FirewallSize string: Instance size of the firewall. Example: "m5.xlarge".
VpcId string: VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
AvailabilityDomain string: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
BootstrapBucketName string: Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
BootstrapStorageName string: Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
ContainerFolder string: Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
EgressVpcId string: Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
FaultDomain string: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
FileShareFolder string: Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
FirenetGwName string: Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
FirewallImageId string: Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
FirewallImageVersion string: Version of firewall image. If not specified, Controller will automatically select the latest version available.
IamRole string: Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
KeyName string: Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
ManagementSubnet string: Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
ManagementVpcId string: Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
Password string: Applicable to Azure or AzureGov deployment only.
SasUrlConfig string: Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
SasUrlLicense string: Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
ShareDirectory string: Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
SicKey string: Advanced option. Sic key. Applicable to Check Point Series deployment only.
SshPublicKey string: Applicable to Azure or AzureGov deployment only.
StorageAccessKey string: Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
Tags Dictionary<string, string>: Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
UserData string: Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
Username string: Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
Zone string: Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.

EgressSubnet string: Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
FirewallImage string: One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
FirewallName string: Name of the firewall instance to be created.
FirewallSize string: Instance size of the firewall. Example: "m5.xlarge".
VpcId string: VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
AvailabilityDomain string: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
BootstrapBucketName string: Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
BootstrapStorageName string: Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
ContainerFolder string: Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
EgressVpcId string: Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
FaultDomain string: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
FileShareFolder string: Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
FirenetGwName string: Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
FirewallImageId string: Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
FirewallImageVersion string: Version of firewall image. If not specified, Controller will automatically select the latest version available.
IamRole string: Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
KeyName string: Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
ManagementSubnet string: Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
ManagementVpcId string: Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
Password string: Applicable to Azure or AzureGov deployment only.
SasUrlConfig string: Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
SasUrlLicense string: Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
ShareDirectory string: Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
SicKey string: Advanced option. Sic key. Applicable to Check Point Series deployment only.
SshPublicKey string: Applicable to Azure or AzureGov deployment only.
StorageAccessKey string: Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
Tags map[string]string: Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
UserData string: Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
Username string: Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
Zone string: Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.

egressSubnet String: Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
firewallImage String: One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
firewallName String: Name of the firewall instance to be created.
firewallSize String: Instance size of the firewall. Example: "m5.xlarge".
vpcId String: VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
availabilityDomain String: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
bootstrapBucketName String: Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
bootstrapStorageName String: Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
containerFolder String: Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
egressVpcId String: Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
faultDomain String: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
fileShareFolder String: Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
firenetGwName String: Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
firewallImageId String: Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
firewallImageVersion String: Version of firewall image. If not specified, Controller will automatically select the latest version available.
iamRole String: Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
keyName String: Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
managementSubnet String: Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
managementVpcId String: Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
password String: Applicable to Azure or AzureGov deployment only.
sasUrlConfig String: Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
sasUrlLicense String: Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
shareDirectory String: Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
sicKey String: Advanced option. Sic key. Applicable to Check Point Series deployment only.
sshPublicKey String: Applicable to Azure or AzureGov deployment only.
storageAccessKey String: Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
tags Map<String,String>: Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
userData String: Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
username String: Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
zone String: Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.

egressSubnet string: Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
firewallImage string: One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
firewallName string: Name of the firewall instance to be created.
firewallSize string: Instance size of the firewall. Example: "m5.xlarge".
vpcId string: VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
availabilityDomain string: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
bootstrapBucketName string: Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
bootstrapStorageName string: Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
containerFolder string: Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
egressVpcId string: Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
faultDomain string: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
fileShareFolder string: Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
firenetGwName string: Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
firewallImageId string: Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
firewallImageVersion string: Version of firewall image. If not specified, Controller will automatically select the latest version available.
iamRole string: Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
keyName string: Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
managementSubnet string: Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
managementVpcId string: Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
password string: Applicable to Azure or AzureGov deployment only.
sasUrlConfig string: Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
sasUrlLicense string: Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
shareDirectory string: Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
sicKey string: Advanced option. Sic key. Applicable to Check Point Series deployment only.
sshPublicKey string: Applicable to Azure or AzureGov deployment only.
storageAccessKey string: Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
tags {[key: string]: string}: Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
userData string: Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
username string: Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
zone string: Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.

egress_subnet str: Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
firewall_image str: One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
firewall_name str: Name of the firewall instance to be created.
firewall_size str: Instance size of the firewall. Example: "m5.xlarge".
vpc_id str: VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
availability_domain str: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
bootstrap_bucket_name str: Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
bootstrap_storage_name str: Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
container_folder str: Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
egress_vpc_id str: Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
fault_domain str: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
file_share_folder str: Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
firenet_gw_name str: Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
firewall_image_id str: Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
firewall_image_version str: Version of firewall image. If not specified, Controller will automatically select the latest version available.
iam_role str: Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
key_name str: Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
management_subnet str: Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
management_vpc_id str: Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
password str: Applicable to Azure or AzureGov deployment only.
sas_url_config str: Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
sas_url_license str: Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
share_directory str: Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
sic_key str: Advanced option. Sic key. Applicable to Check Point Series deployment only.
ssh_public_key str: Applicable to Azure or AzureGov deployment only.
storage_access_key str: Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
tags Mapping[str, str]: Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
user_data str: Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
username str: Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
zone str: Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.

egressSubnet String: Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
firewallImage String: One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
firewallName String: Name of the firewall instance to be created.
firewallSize String: Instance size of the firewall. Example: "m5.xlarge".
vpcId String: VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
availabilityDomain String: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
bootstrapBucketName String: Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
bootstrapStorageName String: Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
containerFolder String: Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
egressVpcId String: Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
faultDomain String: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
fileShareFolder String: Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
firenetGwName String: Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
firewallImageId String: Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
firewallImageVersion String: Version of firewall image. If not specified, Controller will automatically select the latest version available.
iamRole String: Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
keyName String: Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
managementSubnet String: Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
managementVpcId String: Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
password String: Applicable to Azure or AzureGov deployment only.
sasUrlConfig String: Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
sasUrlLicense String: Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
shareDirectory String: Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
sicKey String: Advanced option. Sic key. Applicable to Check Point Series deployment only.
sshPublicKey String: Applicable to Azure or AzureGov deployment only.
storageAccessKey String: Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
tags Map<String>: Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
userData String: Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
username String: Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
zone String: Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.

Outputs

All input properties are implicitly available as output properties. Additionally, the AviatrixFirewallInstance resource produces the following output properties:

CloudType int: Cloud Type.
EgressInterface string: ID of Egress Interface created.
GcpVpcId string: GCP Only. The current VPC ID.
Id string: The provider-assigned unique ID for this managed resource.
InstanceId string: ID of the firewall instance created.
LanInterface string: ID of Lan Interface created.
ManagementInterface string: ID of Management Interface created.
PublicIp string: Management Public IP.

CloudType int: Cloud Type.
EgressInterface string: ID of Egress Interface created.
GcpVpcId string: GCP Only. The current VPC ID.
Id string: The provider-assigned unique ID for this managed resource.
InstanceId string: ID of the firewall instance created.
LanInterface string: ID of Lan Interface created.
ManagementInterface string: ID of Management Interface created.
PublicIp string: Management Public IP.

cloudType Integer: Cloud Type.
egressInterface String: ID of Egress Interface created.
gcpVpcId String: GCP Only. The current VPC ID.
id String: The provider-assigned unique ID for this managed resource.
instanceId String: ID of the firewall instance created.
lanInterface String: ID of Lan Interface created.
managementInterface String: ID of Management Interface created.
publicIp String: Management Public IP.

cloudType number: Cloud Type.
egressInterface string: ID of Egress Interface created.
gcpVpcId string: GCP Only. The current VPC ID.
id string: The provider-assigned unique ID for this managed resource.
instanceId string: ID of the firewall instance created.
lanInterface string: ID of Lan Interface created.
managementInterface string: ID of Management Interface created.
publicIp string: Management Public IP.

cloud_type int: Cloud Type.
egress_interface str: ID of Egress Interface created.
gcp_vpc_id str: GCP Only. The current VPC ID.
id str: The provider-assigned unique ID for this managed resource.
instance_id str: ID of the firewall instance created.
lan_interface str: ID of Lan Interface created.
management_interface str: ID of Management Interface created.
public_ip str: Management Public IP.

cloudType Number: Cloud Type.
egressInterface String: ID of Egress Interface created.
gcpVpcId String: GCP Only. The current VPC ID.
id String: The provider-assigned unique ID for this managed resource.
instanceId String: ID of the firewall instance created.
lanInterface String: ID of Lan Interface created.
managementInterface String: ID of Management Interface created.
publicIp String: Management Public IP.

Look up Existing AviatrixFirewallInstance Resource

Get an existing AviatrixFirewallInstance resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: AviatrixFirewallInstanceState, opts?: CustomResourceOptions): AviatrixFirewallInstance

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        availability_domain: Optional[str] = None,
        bootstrap_bucket_name: Optional[str] = None,
        bootstrap_storage_name: Optional[str] = None,
        cloud_type: Optional[int] = None,
        container_folder: Optional[str] = None,
        egress_interface: Optional[str] = None,
        egress_subnet: Optional[str] = None,
        egress_vpc_id: Optional[str] = None,
        fault_domain: Optional[str] = None,
        file_share_folder: Optional[str] = None,
        firenet_gw_name: Optional[str] = None,
        firewall_image: Optional[str] = None,
        firewall_image_id: Optional[str] = None,
        firewall_image_version: Optional[str] = None,
        firewall_name: Optional[str] = None,
        firewall_size: Optional[str] = None,
        gcp_vpc_id: Optional[str] = None,
        iam_role: Optional[str] = None,
        instance_id: Optional[str] = None,
        key_name: Optional[str] = None,
        lan_interface: Optional[str] = None,
        management_interface: Optional[str] = None,
        management_subnet: Optional[str] = None,
        management_vpc_id: Optional[str] = None,
        password: Optional[str] = None,
        public_ip: Optional[str] = None,
        sas_url_config: Optional[str] = None,
        sas_url_license: Optional[str] = None,
        share_directory: Optional[str] = None,
        sic_key: Optional[str] = None,
        ssh_public_key: Optional[str] = None,
        storage_access_key: Optional[str] = None,
        tags: Optional[Mapping[str, str]] = None,
        user_data: Optional[str] = None,
        username: Optional[str] = None,
        vpc_id: Optional[str] = None,
        zone: Optional[str] = None) -> AviatrixFirewallInstance

func GetAviatrixFirewallInstance(ctx *Context, name string, id IDInput, state *AviatrixFirewallInstanceState, opts ...ResourceOption) (*AviatrixFirewallInstance, error)

public static AviatrixFirewallInstance Get(string name, Input<string> id, AviatrixFirewallInstanceState? state, CustomResourceOptions? opts = null)

public static AviatrixFirewallInstance get(String name, Output<String> id, AviatrixFirewallInstanceState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AvailabilityDomain string: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
BootstrapBucketName string: Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
BootstrapStorageName string: Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
CloudType int: Cloud Type.
ContainerFolder string: Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
EgressInterface string: ID of Egress Interface created.
EgressSubnet string: Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
EgressVpcId string: Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
FaultDomain string: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
FileShareFolder string: Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
FirenetGwName string: Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
FirewallImage string: One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
FirewallImageId string: Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
FirewallImageVersion string: Version of firewall image. If not specified, Controller will automatically select the latest version available.
FirewallName string: Name of the firewall instance to be created.
FirewallSize string: Instance size of the firewall. Example: "m5.xlarge".
GcpVpcId string: GCP Only. The current VPC ID.
IamRole string: Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
InstanceId string: ID of the firewall instance created.
KeyName string: Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
LanInterface string: ID of Lan Interface created.
ManagementInterface string: ID of Management Interface created.
ManagementSubnet string: Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
ManagementVpcId string: Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
Password string: Applicable to Azure or AzureGov deployment only.
PublicIp string: Management Public IP.
SasUrlConfig string: Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
SasUrlLicense string: Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
ShareDirectory string: Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
SicKey string: Advanced option. Sic key. Applicable to Check Point Series deployment only.
SshPublicKey string: Applicable to Azure or AzureGov deployment only.
StorageAccessKey string: Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
Tags Dictionary<string, string>: Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
UserData string: Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
Username string: Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
VpcId string: VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
Zone string: Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.

AvailabilityDomain string: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
BootstrapBucketName string: Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
BootstrapStorageName string: Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
CloudType int: Cloud Type.
ContainerFolder string: Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
EgressInterface string: ID of Egress Interface created.
EgressSubnet string: Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
EgressVpcId string: Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
FaultDomain string: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
FileShareFolder string: Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
FirenetGwName string: Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
FirewallImage string: One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
FirewallImageId string: Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
FirewallImageVersion string: Version of firewall image. If not specified, Controller will automatically select the latest version available.
FirewallName string: Name of the firewall instance to be created.
FirewallSize string: Instance size of the firewall. Example: "m5.xlarge".
GcpVpcId string: GCP Only. The current VPC ID.
IamRole string: Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
InstanceId string: ID of the firewall instance created.
KeyName string: Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
LanInterface string: ID of Lan Interface created.
ManagementInterface string: ID of Management Interface created.
ManagementSubnet string: Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
ManagementVpcId string: Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
Password string: Applicable to Azure or AzureGov deployment only.
PublicIp string: Management Public IP.
SasUrlConfig string: Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
SasUrlLicense string: Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
ShareDirectory string: Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
SicKey string: Advanced option. Sic key. Applicable to Check Point Series deployment only.
SshPublicKey string: Applicable to Azure or AzureGov deployment only.
StorageAccessKey string: Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
Tags map[string]string: Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
UserData string: Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
Username string: Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
VpcId string: VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
Zone string: Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.

availabilityDomain String: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
bootstrapBucketName String: Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
bootstrapStorageName String: Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
cloudType Integer: Cloud Type.
containerFolder String: Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
egressInterface String: ID of Egress Interface created.
egressSubnet String: Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
egressVpcId String: Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
faultDomain String: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
fileShareFolder String: Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
firenetGwName String: Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
firewallImage String: One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
firewallImageId String: Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
firewallImageVersion String: Version of firewall image. If not specified, Controller will automatically select the latest version available.
firewallName String: Name of the firewall instance to be created.
firewallSize String: Instance size of the firewall. Example: "m5.xlarge".
gcpVpcId String: GCP Only. The current VPC ID.
iamRole String: Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
instanceId String: ID of the firewall instance created.
keyName String: Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
lanInterface String: ID of Lan Interface created.
managementInterface String: ID of Management Interface created.
managementSubnet String: Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
managementVpcId String: Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
password String: Applicable to Azure or AzureGov deployment only.
publicIp String: Management Public IP.
sasUrlConfig String: Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
sasUrlLicense String: Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
shareDirectory String: Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
sicKey String: Advanced option. Sic key. Applicable to Check Point Series deployment only.
sshPublicKey String: Applicable to Azure or AzureGov deployment only.
storageAccessKey String: Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
tags Map<String,String>: Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
userData String: Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
username String: Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
vpcId String: VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
zone String: Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.

availabilityDomain string: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
bootstrapBucketName string: Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
bootstrapStorageName string: Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
cloudType number: Cloud Type.
containerFolder string: Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
egressInterface string: ID of Egress Interface created.
egressSubnet string: Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
egressVpcId string: Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
faultDomain string: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
fileShareFolder string: Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
firenetGwName string: Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
firewallImage string: One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
firewallImageId string: Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
firewallImageVersion string: Version of firewall image. If not specified, Controller will automatically select the latest version available.
firewallName string: Name of the firewall instance to be created.
firewallSize string: Instance size of the firewall. Example: "m5.xlarge".
gcpVpcId string: GCP Only. The current VPC ID.
iamRole string: Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
instanceId string: ID of the firewall instance created.
keyName string: Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
lanInterface string: ID of Lan Interface created.
managementInterface string: ID of Management Interface created.
managementSubnet string: Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
managementVpcId string: Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
password string: Applicable to Azure or AzureGov deployment only.
publicIp string: Management Public IP.
sasUrlConfig string: Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
sasUrlLicense string: Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
shareDirectory string: Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
sicKey string: Advanced option. Sic key. Applicable to Check Point Series deployment only.
sshPublicKey string: Applicable to Azure or AzureGov deployment only.
storageAccessKey string: Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
tags {[key: string]: string}: Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
userData string: Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
username string: Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
vpcId string: VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
zone string: Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.

availability_domain str: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
bootstrap_bucket_name str: Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
bootstrap_storage_name str: Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
cloud_type int: Cloud Type.
container_folder str: Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
egress_interface str: ID of Egress Interface created.
egress_subnet str: Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
egress_vpc_id str: Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
fault_domain str: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
file_share_folder str: Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
firenet_gw_name str: Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
firewall_image str: One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
firewall_image_id str: Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
firewall_image_version str: Version of firewall image. If not specified, Controller will automatically select the latest version available.
firewall_name str: Name of the firewall instance to be created.
firewall_size str: Instance size of the firewall. Example: "m5.xlarge".
gcp_vpc_id str: GCP Only. The current VPC ID.
iam_role str: Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
instance_id str: ID of the firewall instance created.
key_name str: Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
lan_interface str: ID of Lan Interface created.
management_interface str: ID of Management Interface created.
management_subnet str: Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
management_vpc_id str: Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
password str: Applicable to Azure or AzureGov deployment only.
public_ip str: Management Public IP.
sas_url_config str: Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
sas_url_license str: Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
share_directory str: Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
sic_key str: Advanced option. Sic key. Applicable to Check Point Series deployment only.
ssh_public_key str: Applicable to Azure or AzureGov deployment only.
storage_access_key str: Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
tags Mapping[str, str]: Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
user_data str: Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
username str: Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
vpc_id str: VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
zone str: Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.

availabilityDomain String: Availability domain. Required and valid only for OCI. Available as of provider version R2.19.3.
bootstrapBucketName String: Only available for AWS and GCP. For GCP, only Palo Alto Networks VM-Series deployment can use this attribute. In advanced mode, specify a bootstrap bucket name where the initial configuration and policy file is stored.
bootstrapStorageName String: Advanced option. Bootstrap storage name. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series/Fortinet Series deployment only. Available as of provider version R2.17.1+.
cloudType Number: Cloud Type.
containerFolder String: Advanced option. Container folder. Applicable to Azure or AzureGov and Fortinet Series deployment only.
egressInterface String: ID of Egress Interface created.
egressSubnet String: Egress Interface Subnet. Select the subnet whose name contains “FW-ingress-egress”. For GCP, egress_subnet must be in the form cidr~~region~~name.
egressVpcId String: Egress VPC ID. Required for GCP. Available as of provider version R2.18.1+.
faultDomain String: Fault domain. Required and valid only for OCI. Available as of provider version R2.19.3.
fileShareFolder String: Advanced option. File share folder. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
firenetGwName String: Name of the primary FireNet gateway. Required for all FireNet deployments that do not utilize the TGW-Integrated FireNet with AWS Native GWLB VPC.
firewallImage String: One of the AWS/Azure/GCP AMIs from various vendors such as Palo Alto Networks.
firewallImageId String: Firewall image ID. Applicable to AWS and Azure only. For AWS, please use AMI ID. For Azure, the format is “Publisher:Offer:Plan:Version”. Available as of provider version R2.19+.
firewallImageVersion String: Version of firewall image. If not specified, Controller will automatically select the latest version available.
firewallName String: Name of the firewall instance to be created.
firewallSize String: Instance size of the firewall. Example: "m5.xlarge".
gcpVpcId String: GCP Only. The current VPC ID.
iamRole String: Only available for AWS. In advanced mode, create an IAM Role on the AWS account that launched the FireNet gateway. Create a policy to attach to the role. The policy is to allow access to "Bootstrap Bucket".
instanceId String: ID of the firewall instance created.
keyName String: Applicable to AWS deployment only. AWS Key Pair name. If not provided a Key Pair will be generated.
lanInterface String: ID of Lan Interface created.
managementInterface String: ID of Management Interface created.
managementSubnet String: Management Interface Subnet. Select the subnet whose name contains “gateway and firewall management”. For GCP, management_subnet must be in the form cidr~~region~~name. Required for Palo Alto Networks VM-Series and OCI Check Point firewalls. Otherwise, it must be empty.
managementVpcId String: Management VPC ID. Only used for GCP firewall. Required for Palo Alto Networks VM-Series, and required to be empty for Check Point or Fortinet series. Available as of provider version R2.18.1+.
password String: Applicable to Azure or AzureGov deployment only.
publicIp String: Management Public IP.
sasUrlConfig String: Advanced option. SAS URL Config. Applicable to Azure or AzureGov and Fortinet Series deployment only.
sasUrlLicense String: Advanced option. SAS URL License. Applicable to Azure or AzureGov and Fortinet Series deployment only.
shareDirectory String: Advanced option. Share directory. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
sicKey String: Advanced option. Sic key. Applicable to Check Point Series deployment only.
sshPublicKey String: Applicable to Azure or AzureGov deployment only.
storageAccessKey String: Advanced option. Storage access key. Applicable to Azure or AzureGov and Palo Alto Networks VM-Series deployment only. Available as of provider version R2.17.1+.
tags Map<String>: Mapping of key value pairs of tags for a firewall instance. Only available for AWS, AWSGov, GCP and Azure firewall instances. For AWS, AWSGov and Azure allowed characters are: letters, spaces, and numbers plus the following special characters: + - = . _ : @. For GCP allowed characters are: lowercase letters, numbers, "-" and "_". Example: {"key1" = "value1", "key2" = "value2"}.
userData String: Advanced option. User Data. Applicable to Check Point Series and Fortinet Series deployment only. Type: String.
username String: Applicable to Azure or AzureGov deployment only. "admin" as a username is not accepted.
vpcId String: VPC ID of the Security VPC. For GCP, vpc_id must be in the form vpc_id~-~gcloud_project_id.
zone String: Availability Zone. Required if creating a Firewall Instance with a Native AWS GWLB-enabled VPC. Applicable to AWS, Azure, and GCP only. Available as of provider version R2.17+.

Import

firewall_instance can be imported using the instance_id. For Azure or AzureGov FireNet instances, the value will be the firewall_name concatenated with a “:” and the Resource Group of the vpc_id set for that instance. e.g.

 $ pulumi import aviatrix:index/aviatrixFirewallInstance:AviatrixFirewallInstance test instance_id

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: aviatrix astipkovits/pulumi-aviatrix
License: Apache-2.0
Notes: This Pulumi package is based on the aviatrix Terraform Provider.

Aviatrix v0.0.11 published on Saturday, Jun 17, 2023 by Aviatrix

astipkovits/pulumi-aviatrix

aviatrix.AviatrixFirewallInstance

On this page

On this page

Create AviatrixFirewallInstance Resource

Constructor syntax

Parameters

Constructor example

AviatrixFirewallInstance Resource Properties

Inputs

Outputs

Look up Existing AviatrixFirewallInstance Resource

Import

Package Details

On this page

On this page