@pulumi/f5bigip

import * as pulumi from "@pulumi/pulumi"; /** * `f5bigip.IpsecPolicy` Manage IPSec policies on a BIG-IP * * Resources should be named with their "full path". The full path is the combination of the partition + name (example: /Common/test-policy) * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as f5bigip from "@pulumi/f5bigip"; * * const test_policy = new f5bigip.IpsecPolicy("test-policy", { * name: "/Common/test-policy", * description: "created by terraform provider", * protocol: "esp", * mode: "tunnel", * tunnelLocalAddress: "192.168.1.1", * tunnelRemoteAddress: "10.10.1.1", * authAlgorithm: "sha1", * encryptAlgorithm: "3des", * lifetime: 3, * ipcomp: "deflate", * }); * ``` */ export declare class IpsecPolicy extends pulumi.CustomResource { /** * Get an existing IpsecPolicy resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, state?: IpsecPolicyState, opts?: pulumi.CustomResourceOptions): IpsecPolicy; /** * Returns true if the given object is an instance of IpsecPolicy. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is IpsecPolicy; /** * Specifies the algorithm to use for IKE authentication. Valid choices are: `sha1, sha256, sha384, sha512, aes-gcm128, * aes-gcm192, aes-gcm256, aes-gmac128, aes-gmac192, aes-gmac256` */ readonly authAlgorithm: pulumi.Output<string>; /** * Description of the IPSec policy. */ readonly description: pulumi.Output<string>; /** * Specifies the algorithm to use for IKE encryption. Valid choices are: `null, 3des, aes128, aes192, aes256, aes-gmac256, * aes-gmac192, aes-gmac128, aes-gcm256, aes-gcm192, aes-gcm256, aes-gcm128` */ readonly encryptAlgorithm: pulumi.Output<string>; /** * Specifies whether to use IPComp encapsulation. Valid choices are: `none", null", deflate` */ readonly ipcomp: pulumi.Output<string>; /** * Specifies the length of time before the IKE security association expires, in kilobytes. */ readonly kbLifetime: pulumi.Output<number>; /** * Specifies the length of time before the IKE security association expires, in minutes. */ readonly lifetime: pulumi.Output<number>; /** * Specifies the processing mode. Valid choices are: `transport, interface, isession, tunnel` */ readonly mode: pulumi.Output<string>; /** * Name of the IPSec policy,it should be "full path".The full path is the combination of the partition + name of the IPSec policy.(For example `/Common/test-policy`) */ readonly name: pulumi.Output<string>; /** * Specifies the Diffie-Hellman group to use for IKE Phase 2 negotiation. Valid choices are: `none, modp768, modp1024, modp1536, modp2048, modp3072, * modp4096, modp6144, modp8192` */ readonly perfectForwardSecrecy: pulumi.Output<string>; /** * Specifies the IPsec protocol. Valid choices are: `ah, esp` */ readonly protocol: pulumi.Output<string>; /** * Specifies the local endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel. */ readonly tunnelLocalAddress: pulumi.Output<string>; /** * Specifies the remote endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel. */ readonly tunnelRemoteAddress: pulumi.Output<string>; /** * Create a IpsecPolicy resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: IpsecPolicyArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering IpsecPolicy resources. */ export interface IpsecPolicyState { /** * Specifies the algorithm to use for IKE authentication. Valid choices are: `sha1, sha256, sha384, sha512, aes-gcm128, * aes-gcm192, aes-gcm256, aes-gmac128, aes-gmac192, aes-gmac256` */ authAlgorithm?: pulumi.Input<string>; /** * Description of the IPSec policy. */ description?: pulumi.Input<string>; /** * Specifies the algorithm to use for IKE encryption. Valid choices are: `null, 3des, aes128, aes192, aes256, aes-gmac256, * aes-gmac192, aes-gmac128, aes-gcm256, aes-gcm192, aes-gcm256, aes-gcm128` */ encryptAlgorithm?: pulumi.Input<string>; /** * Specifies whether to use IPComp encapsulation. Valid choices are: `none", null", deflate` */ ipcomp?: pulumi.Input<string>; /** * Specifies the length of time before the IKE security association expires, in kilobytes. */ kbLifetime?: pulumi.Input<number>; /** * Specifies the length of time before the IKE security association expires, in minutes. */ lifetime?: pulumi.Input<number>; /** * Specifies the processing mode. Valid choices are: `transport, interface, isession, tunnel` */ mode?: pulumi.Input<string>; /** * Name of the IPSec policy,it should be "full path".The full path is the combination of the partition + name of the IPSec policy.(For example `/Common/test-policy`) */ name?: pulumi.Input<string>; /** * Specifies the Diffie-Hellman group to use for IKE Phase 2 negotiation. Valid choices are: `none, modp768, modp1024, modp1536, modp2048, modp3072, * modp4096, modp6144, modp8192` */ perfectForwardSecrecy?: pulumi.Input<string>; /** * Specifies the IPsec protocol. Valid choices are: `ah, esp` */ protocol?: pulumi.Input<string>; /** * Specifies the local endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel. */ tunnelLocalAddress?: pulumi.Input<string>; /** * Specifies the remote endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel. */ tunnelRemoteAddress?: pulumi.Input<string>; } /** * The set of arguments for constructing a IpsecPolicy resource. */ export interface IpsecPolicyArgs { /** * Specifies the algorithm to use for IKE authentication. Valid choices are: `sha1, sha256, sha384, sha512, aes-gcm128, * aes-gcm192, aes-gcm256, aes-gmac128, aes-gmac192, aes-gmac256` */ authAlgorithm?: pulumi.Input<string>; /** * Description of the IPSec policy. */ description?: pulumi.Input<string>; /** * Specifies the algorithm to use for IKE encryption. Valid choices are: `null, 3des, aes128, aes192, aes256, aes-gmac256, * aes-gmac192, aes-gmac128, aes-gcm256, aes-gcm192, aes-gcm256, aes-gcm128` */ encryptAlgorithm?: pulumi.Input<string>; /** * Specifies whether to use IPComp encapsulation. Valid choices are: `none", null", deflate` */ ipcomp?: pulumi.Input<string>; /** * Specifies the length of time before the IKE security association expires, in kilobytes. */ kbLifetime?: pulumi.Input<number>; /** * Specifies the length of time before the IKE security association expires, in minutes. */ lifetime?: pulumi.Input<number>; /** * Specifies the processing mode. Valid choices are: `transport, interface, isession, tunnel` */ mode?: pulumi.Input<string>; /** * Name of the IPSec policy,it should be "full path".The full path is the combination of the partition + name of the IPSec policy.(For example `/Common/test-policy`) */ name: pulumi.Input<string>; /** * Specifies the Diffie-Hellman group to use for IKE Phase 2 negotiation. Valid choices are: `none, modp768, modp1024, modp1536, modp2048, modp3072, * modp4096, modp6144, modp8192` */ perfectForwardSecrecy?: pulumi.Input<string>; /** * Specifies the IPsec protocol. Valid choices are: `ah, esp` */ protocol?: pulumi.Input<string>; /** * Specifies the local endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel. */ tunnelLocalAddress?: pulumi.Input<string>; /** * Specifies the remote endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel. */ tunnelRemoteAddress?: pulumi.Input<string>; }