UNPKG

@pulumi/cloudngfwaws

Version:

A Pulumi package for creating and managing Cloud NGFW for AWS resources.

pulumi.com

pulumi/pulumi-cloudngfwaws

184 lines (183 loc) 9.94 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
import * as pulumi from "@pulumi/pulumi"; /** * The provider type for the cloudngfwaws package. By default, resources use package-wide configuration * settings, however an explicit `Provider` instance may be created and passed during resource * construction to achieve fine-grained programmatic control over provider settings. See the * [documentation](https://www.pulumi.com/docs/reference/programming-model/#providers) for more information. */ export declare class Provider extends pulumi.ProviderResource { /** * Returns true if the given object is an instance of Provider. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is Provider; /** * (Used for the initial `sts assume role`) AWS access key. Environment variable: `CLOUDNGFWAWS_ACCESS_KEY`. JSON conf file variable: `access-key`. */ readonly accessKey: pulumi.Output<string | undefined>; /** * The ARN allowing account admin permissions. Environment variable: `CLOUDNGFWAWS_ACCT_ADMIN_ARN`. JSON conf file variable: `account-admin-arn`. */ readonly accountAdminArn: pulumi.Output<string | undefined>; /** * The ARN allowing firewall, rulestack, and global rulestack admin permissions. Global rulestack admin permissions can be enabled only if the AWS account is onboarded by AWS Firewall Manager. Use 'lfa_arn' and 'lra_arn' if you want to enable only firewall and rulestack admin permissions. Environment variable: `CLOUDNGFWAWS_ARN`. JSON conf file variable: `arn`. */ readonly arn: pulumi.Output<string | undefined>; /** * The ARN allowing global rulestack admin permissions. Global rulestack admin permissions can be enabled only if the AWS account is onboarded by AWS Firewall Manager. 'gra_arn' is preferentially used over the `arn` param if both are specified. Environment variable: `CLOUDNGFWAWS_GRA_ARN`. JSON conf file variable: `gra-arn`. */ readonly graArn: pulumi.Output<string | undefined>; /** * The hostname of the API (default: `api.us-east-1.aws.cloudngfw.paloaltonetworks.com`). Environment variable: `CLOUDNGFWAWS_HOST`. JSON conf file variable: `host`. */ readonly host: pulumi.Output<string | undefined>; /** * Retrieve provider configuration from this JSON file. */ readonly jsonConfigFile: pulumi.Output<string | undefined>; /** * The ARN allowing firewall admin permissions. This is preferentially used over the `arn` param if both are specified. Environment variable: `CLOUDNGFWAWS_LFA_ARN`. JSON conf file variable: `lfa-arn`. */ readonly lfaArn: pulumi.Output<string | undefined>; /** * The ARN allowing rulestack admin permissions. This is preferentially used over the `arn` param if both are specified. Environment variable: `CLOUDNGFWAWS_LRA_ARN`. JSON conf file variable: `lra-arn`. */ readonly lraArn: pulumi.Output<string | undefined>; /** * AWS management plane region. Environment variable: `CLOUDNGFWAWS_MP_REGION`. JSON conf file variable: `mpRegion`. */ readonly mpRegion: pulumi.Output<string | undefined>; /** * AWS management plane MP region host Environment variable: `CLOUDNGFWAWS_MP_REGION_HOST`. JSON conf file variable: `mpRegionHost`. */ readonly mpRegionHost: pulumi.Output<string | undefined>; /** * (Used for the initial `sts assume role`) AWS PROFILE. Environment variable: `CLOUDNGFWAWS_PROFILE`. JSON conf file variable: `profile`. */ readonly profile: pulumi.Output<string | undefined>; /** * The protocol (defaults to `https`). Environment variable: `CLOUDNGFWAWS_PROTOCOL`. JSON conf file variable: `protocol`. Valid values are `https` or `http`. */ readonly protocol: pulumi.Output<string | undefined>; /** * AWS region. Environment variable: `CLOUDNGFWAWS_REGION`. JSON conf file variable: `region`. */ readonly region: pulumi.Output<string | undefined>; /** * (Used for the initial `sts assume role`) AWS secret key. Environment variable: `CLOUDNGFWAWS_SECRET_KEY`. JSON conf file variable: `secret-key`. */ readonly secretKey: pulumi.Output<string | undefined>; /** * The hostname of the V2 API (default: `api.us-east-1.aws.cloudngfw.paloaltonetworks.com`). Environment variable: `CLOUDNGFWAWS_V2_HOST`. JSON conf file variable: `v2Host`. */ readonly v2Host: pulumi.Output<string | undefined>; /** * Create a Provider resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args?: ProviderArgs, opts?: pulumi.ResourceOptions); /** * This function returns a Terraform config object with terraform-namecased keys,to be used with the Terraform Module Provider. */ terraformConfig(): pulumi.Output<Provider.TerraformConfigResult>; } /** * The set of arguments for constructing a Provider resource. */ export interface ProviderArgs { /** * (Used for the initial `sts assume role`) AWS access key. Environment variable: `CLOUDNGFWAWS_ACCESS_KEY`. JSON conf file variable: `access-key`. */ accessKey?: pulumi.Input<string>; /** * The ARN allowing account admin permissions. Environment variable: `CLOUDNGFWAWS_ACCT_ADMIN_ARN`. JSON conf file variable: `account-admin-arn`. */ accountAdminArn?: pulumi.Input<string>; /** * The ARN allowing firewall, rulestack, and global rulestack admin permissions. Global rulestack admin permissions can be enabled only if the AWS account is onboarded by AWS Firewall Manager. Use 'lfa_arn' and 'lra_arn' if you want to enable only firewall and rulestack admin permissions. Environment variable: `CLOUDNGFWAWS_ARN`. JSON conf file variable: `arn`. */ arn?: pulumi.Input<string>; /** * The ARN allowing global rulestack admin permissions. Global rulestack admin permissions can be enabled only if the AWS account is onboarded by AWS Firewall Manager. 'gra_arn' is preferentially used over the `arn` param if both are specified. Environment variable: `CLOUDNGFWAWS_GRA_ARN`. JSON conf file variable: `gra-arn`. */ graArn?: pulumi.Input<string>; /** * Additional HTTP headers to send with API calls. Environment variable: `CLOUDNGFWAWS_HEADERS`. JSON conf file variable: `headers`. */ headers?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; /** * The hostname of the API (default: `api.us-east-1.aws.cloudngfw.paloaltonetworks.com`). Environment variable: `CLOUDNGFWAWS_HOST`. JSON conf file variable: `host`. */ host?: pulumi.Input<string>; /** * Retrieve provider configuration from this JSON file. */ jsonConfigFile?: pulumi.Input<string>; /** * The ARN allowing firewall admin permissions. This is preferentially used over the `arn` param if both are specified. Environment variable: `CLOUDNGFWAWS_LFA_ARN`. JSON conf file variable: `lfa-arn`. */ lfaArn?: pulumi.Input<string>; /** * The logging options for the provider. Environment variable: `CLOUDNGFWAWS_LOGGING`. JSON conf file variable: `logging`. */ loggings?: pulumi.Input<pulumi.Input<string>[]>; /** * The ARN allowing rulestack admin permissions. This is preferentially used over the `arn` param if both are specified. Environment variable: `CLOUDNGFWAWS_LRA_ARN`. JSON conf file variable: `lra-arn`. */ lraArn?: pulumi.Input<string>; /** * AWS management plane region. Environment variable: `CLOUDNGFWAWS_MP_REGION`. JSON conf file variable: `mpRegion`. */ mpRegion?: pulumi.Input<string>; /** * AWS management plane MP region host Environment variable: `CLOUDNGFWAWS_MP_REGION_HOST`. JSON conf file variable: `mpRegionHost`. */ mpRegionHost?: pulumi.Input<string>; /** * (Used for the initial `sts assume role`) AWS PROFILE. Environment variable: `CLOUDNGFWAWS_PROFILE`. JSON conf file variable: `profile`. */ profile?: pulumi.Input<string>; /** * The protocol (defaults to `https`). Environment variable: `CLOUDNGFWAWS_PROTOCOL`. JSON conf file variable: `protocol`. Valid values are `https` or `http`. */ protocol?: pulumi.Input<string>; /** * AWS region. Environment variable: `CLOUDNGFWAWS_REGION`. JSON conf file variable: `region`. */ region?: pulumi.Input<string>; /** * (Used for the initial `sts assume role`) AWS secret key. Environment variable: `CLOUDNGFWAWS_SECRET_KEY`. JSON conf file variable: `secret-key`. */ secretKey?: pulumi.Input<string>; /** * Skip verifying the SSL certificate. Environment variable: `CLOUDNGFWAWS_SKIP_VERIFY_CERTIFICATE`. JSON conf file variable: `skip-verify-certificate`. */ skipVerifyCertificate?: pulumi.Input<boolean>; /** * Enable synchronous mode while creating resources Environment variable: `CLOUDNGFWAWS_SYNC_MODE`. JSON conf file variable: `syncMode`. */ syncMode?: pulumi.Input<boolean>; /** * The timeout for any single API call (default: `30`). Environment variable: `CLOUDNGFWAWS_TIMEOUT`. JSON conf file variable: `timeout`. */ timeout?: pulumi.Input<number>; /** * The hostname of the V2 API (default: `api.us-east-1.aws.cloudngfw.paloaltonetworks.com`). Environment variable: `CLOUDNGFWAWS_V2_HOST`. JSON conf file variable: `v2Host`. */ v2Host?: pulumi.Input<string>; } export declare namespace Provider { /** * The results of the Provider.terraformConfig method. */ interface TerraformConfigResult { readonly result: { [key: string]: any; }; } }