Oracle Cloud Infrastructure v2.11.0, Sep 19 24

Oracle Cloud Infrastructure v2.11.0 published on Thursday, Sep 19, 2024 by Pulumi

oci.NetworkFirewall.getNetworkFirewallPolicyDecryptionProfile

Explore with Pulumi AI

Oracle Cloud Infrastructure v2.11.0 published on Thursday, Sep 19, 2024 by Pulumi

Example Usage

Coming soon!

Coming soon!

Coming soon!

Coming soon!

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.NetworkFirewall.NetworkFirewallFunctions;
import com.pulumi.oci.NetworkFirewall.inputs.GetNetworkFirewallPolicyDecryptionProfileArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var testNetworkFirewallPolicyDecryptionProfile = NetworkFirewallFunctions.getNetworkFirewallPolicyDecryptionProfile(GetNetworkFirewallPolicyDecryptionProfileArgs.builder()
            .decryptionProfileName(ociNetworkFirewallNetworkFirewallPolicyDecryptionProfileName)
            .networkFirewallPolicyId(testNetworkFirewallPolicy.id())
            .build());

    }
}

variables:
  testNetworkFirewallPolicyDecryptionProfile:
    fn::invoke:
      Function: oci:NetworkFirewall:getNetworkFirewallPolicyDecryptionProfile
      Arguments:
        decryptionProfileName: ${ociNetworkFirewallNetworkFirewallPolicyDecryptionProfileName}
        networkFirewallPolicyId: ${testNetworkFirewallPolicy.id}

Using getNetworkFirewallPolicyDecryptionProfile

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getNetworkFirewallPolicyDecryptionProfile(args: GetNetworkFirewallPolicyDecryptionProfileArgs, opts?: InvokeOptions): Promise<GetNetworkFirewallPolicyDecryptionProfileResult>
function getNetworkFirewallPolicyDecryptionProfileOutput(args: GetNetworkFirewallPolicyDecryptionProfileOutputArgs, opts?: InvokeOptions): Output<GetNetworkFirewallPolicyDecryptionProfileResult>

def get_network_firewall_policy_decryption_profile(name: Optional[str] = None,
                                                   network_firewall_policy_id: Optional[str] = None,
                                                   opts: Optional[InvokeOptions] = None) -> GetNetworkFirewallPolicyDecryptionProfileResult
def get_network_firewall_policy_decryption_profile_output(name: Optional[pulumi.Input[str]] = None,
                                                   network_firewall_policy_id: Optional[pulumi.Input[str]] = None,
                                                   opts: Optional[InvokeOptions] = None) -> Output[GetNetworkFirewallPolicyDecryptionProfileResult]

func GetNetworkFirewallPolicyDecryptionProfile(ctx *Context, args *GetNetworkFirewallPolicyDecryptionProfileArgs, opts ...InvokeOption) (*GetNetworkFirewallPolicyDecryptionProfileResult, error)
func GetNetworkFirewallPolicyDecryptionProfileOutput(ctx *Context, args *GetNetworkFirewallPolicyDecryptionProfileOutputArgs, opts ...InvokeOption) GetNetworkFirewallPolicyDecryptionProfileResultOutput

> Note: This function is named GetNetworkFirewallPolicyDecryptionProfile in the Go SDK.

public static class GetNetworkFirewallPolicyDecryptionProfile 
{
    public static Task<GetNetworkFirewallPolicyDecryptionProfileResult> InvokeAsync(GetNetworkFirewallPolicyDecryptionProfileArgs args, InvokeOptions? opts = null)
    public static Output<GetNetworkFirewallPolicyDecryptionProfileResult> Invoke(GetNetworkFirewallPolicyDecryptionProfileInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetNetworkFirewallPolicyDecryptionProfileResult> getNetworkFirewallPolicyDecryptionProfile(GetNetworkFirewallPolicyDecryptionProfileArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet

fn::invoke:
  function: oci:NetworkFirewall/getNetworkFirewallPolicyDecryptionProfile:getNetworkFirewallPolicyDecryptionProfile
  arguments:
    # arguments dictionary

The following arguments are supported:

Name string: Unique Name of the decryption profile.
NetworkFirewallPolicyId string: Unique Network Firewall Policy identifier

Name string: Unique Name of the decryption profile.
NetworkFirewallPolicyId string: Unique Network Firewall Policy identifier

name String: Unique Name of the decryption profile.
networkFirewallPolicyId String: Unique Network Firewall Policy identifier

name string: Unique Name of the decryption profile.
networkFirewallPolicyId string: Unique Network Firewall Policy identifier

name str: Unique Name of the decryption profile.
network_firewall_policy_id str: Unique Network Firewall Policy identifier

name String: Unique Name of the decryption profile.
networkFirewallPolicyId String: Unique Network Firewall Policy identifier

getNetworkFirewallPolicyDecryptionProfile Result

The following output properties are available:

AreCertificateExtensionsRestricted bool: Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
Id string
IsAutoIncludeAltName bool: Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
IsExpiredCertificateBlocked bool: Whether to block sessions if server's certificate is expired.
IsOutOfCapacityBlocked bool: Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
IsRevocationStatusTimeoutBlocked bool: Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
IsUnknownRevocationStatusBlocked bool: Whether to block sessions if the revocation status check for server's certificate results in "unknown".
IsUnsupportedCipherBlocked bool: Whether to block sessions if SSL cipher suite is not supported.
IsUnsupportedVersionBlocked bool: Whether to block sessions if SSL version is not supported.
IsUntrustedIssuerBlocked bool: Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
Name string: Unique Name of the decryption profile.
NetworkFirewallPolicyId string
ParentResourceId string: OCID of the Network Firewall Policy this decryption profile belongs to.
Type string: Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.

AreCertificateExtensionsRestricted bool: Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
Id string
IsAutoIncludeAltName bool: Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
IsExpiredCertificateBlocked bool: Whether to block sessions if server's certificate is expired.
IsOutOfCapacityBlocked bool: Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
IsRevocationStatusTimeoutBlocked bool: Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
IsUnknownRevocationStatusBlocked bool: Whether to block sessions if the revocation status check for server's certificate results in "unknown".
IsUnsupportedCipherBlocked bool: Whether to block sessions if SSL cipher suite is not supported.
IsUnsupportedVersionBlocked bool: Whether to block sessions if SSL version is not supported.
IsUntrustedIssuerBlocked bool: Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
Name string: Unique Name of the decryption profile.
NetworkFirewallPolicyId string
ParentResourceId string: OCID of the Network Firewall Policy this decryption profile belongs to.
Type string: Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.

areCertificateExtensionsRestricted Boolean: Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
id String
isAutoIncludeAltName Boolean: Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
isExpiredCertificateBlocked Boolean: Whether to block sessions if server's certificate is expired.
isOutOfCapacityBlocked Boolean: Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
isRevocationStatusTimeoutBlocked Boolean: Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
isUnknownRevocationStatusBlocked Boolean: Whether to block sessions if the revocation status check for server's certificate results in "unknown".
isUnsupportedCipherBlocked Boolean: Whether to block sessions if SSL cipher suite is not supported.
isUnsupportedVersionBlocked Boolean: Whether to block sessions if SSL version is not supported.
isUntrustedIssuerBlocked Boolean: Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
name String: Unique Name of the decryption profile.
networkFirewallPolicyId String
parentResourceId String: OCID of the Network Firewall Policy this decryption profile belongs to.
type String: Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.

areCertificateExtensionsRestricted boolean: Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
id string
isAutoIncludeAltName boolean: Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
isExpiredCertificateBlocked boolean: Whether to block sessions if server's certificate is expired.
isOutOfCapacityBlocked boolean: Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
isRevocationStatusTimeoutBlocked boolean: Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
isUnknownRevocationStatusBlocked boolean: Whether to block sessions if the revocation status check for server's certificate results in "unknown".
isUnsupportedCipherBlocked boolean: Whether to block sessions if SSL cipher suite is not supported.
isUnsupportedVersionBlocked boolean: Whether to block sessions if SSL version is not supported.
isUntrustedIssuerBlocked boolean: Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
name string: Unique Name of the decryption profile.
networkFirewallPolicyId string
parentResourceId string: OCID of the Network Firewall Policy this decryption profile belongs to.
type string: Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.

are_certificate_extensions_restricted bool: Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
id str
is_auto_include_alt_name bool: Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
is_expired_certificate_blocked bool: Whether to block sessions if server's certificate is expired.
is_out_of_capacity_blocked bool: Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
is_revocation_status_timeout_blocked bool: Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
is_unknown_revocation_status_blocked bool: Whether to block sessions if the revocation status check for server's certificate results in "unknown".
is_unsupported_cipher_blocked bool: Whether to block sessions if SSL cipher suite is not supported.
is_unsupported_version_blocked bool: Whether to block sessions if SSL version is not supported.
is_untrusted_issuer_blocked bool: Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
name str: Unique Name of the decryption profile.
network_firewall_policy_id str
parent_resource_id str: OCID of the Network Firewall Policy this decryption profile belongs to.
type str: Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.

areCertificateExtensionsRestricted Boolean: Whether to block sessions if the server's certificate uses extensions other than key usage and/or extended key usage.
id String
isAutoIncludeAltName Boolean: Whether to automatically append SAN to impersonating certificate if server certificate is missing SAN.
isExpiredCertificateBlocked Boolean: Whether to block sessions if server's certificate is expired.
isOutOfCapacityBlocked Boolean: Whether to block sessions if the firewall is temporarily unable to decrypt their traffic.
isRevocationStatusTimeoutBlocked Boolean: Whether to block sessions if the revocation status check for server's certificate does not succeed within the maximum allowed time (defaulting to 5 seconds).
isUnknownRevocationStatusBlocked Boolean: Whether to block sessions if the revocation status check for server's certificate results in "unknown".
isUnsupportedCipherBlocked Boolean: Whether to block sessions if SSL cipher suite is not supported.
isUnsupportedVersionBlocked Boolean: Whether to block sessions if SSL version is not supported.
isUntrustedIssuerBlocked Boolean: Whether to block sessions if server's certificate is issued by an untrusted certificate authority (CA).
name String: Unique Name of the decryption profile.
networkFirewallPolicyId String
parentResourceId String: OCID of the Network Firewall Policy this decryption profile belongs to.
type String: Describes the type of Decryption Profile SslForwardProxy or SslInboundInspection.

Package Details

Repository: oci pulumi/pulumi-oci
License: Apache-2.0
Notes: This Pulumi package is based on the oci Terraform Provider.

Oracle Cloud Infrastructure v2.11.0 published on Thursday, Sep 19, 2024 by Pulumi

pulumi/pulumi-oci

oci.NetworkFirewall.getNetworkFirewallPolicyDecryptionProfile

On this page

On this page

Example Usage

Using getNetworkFirewallPolicyDecryptionProfile

getNetworkFirewallPolicyDecryptionProfile Result

Package Details

On this page

On this page