@pulumi/ise
Version:
A Pulumi package for managing resources on a Cisco ISE (Identity Service Engine) instance.. Based on terraform-provider-ise: version v0.2.1
1,075 lines (1,074 loc) • 36.8 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
/**
* This resource can manage an allowed protocols policy element.
*
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as ise from "@pulumi/ise";
*
* const example = new ise.networkaccess.AllowedProtocols("example", {
* name: "Protocols1",
* description: "My allowed protocols",
* processHostLookup: true,
* allowPapAscii: true,
* allowChap: true,
* allowMsChapV1: true,
* allowMsChapV2: true,
* allowEapMd5: true,
* allowLeap: true,
* allowEapTls: true,
* allowEapTtls: true,
* allowEapFast: true,
* allowPeap: true,
* allowTeap: true,
* allowPreferredEapProtocol: true,
* preferredEapProtocol: "LEAP",
* eapTlsLBit: true,
* allowWeakCiphersForEap: true,
* requireMessageAuth: true,
* eapTlsAllowAuthOfExpiredCerts: true,
* eapTlsEnableStatelessSessionResume: true,
* eapTlsSessionTicketTtl: 5,
* eapTlsSessionTicketTtlUnit: "DAYS",
* eapTlsSessionTicketPercentage: 5,
* peapAllowPeapEapMsChapV2: true,
* peapAllowPeapEapMsChapV2PwdChange: true,
* peapAllowPeapEapMsChapV2PwdChangeRetries: 3,
* peapAllowPeapEapGtc: true,
* peapAllowPeapEapGtcPwdChange: true,
* peapAllowPeapEapGtcPwdChangeRetries: 3,
* peapAllowPeapEapTls: true,
* peapAllowPeapEapTlsAuthOfExpiredCerts: true,
* requireCryptobinding: true,
* peapPeapV0: true,
* eapTtlsPapAscii: true,
* eapTtlsChap: true,
* eapTtlsMsChapV1: true,
* eapTtlsMsChapV2: true,
* eapTtlsEapMd5: true,
* eapTtlsEapMsChapV2: true,
* eapTtlsEapMsChapV2PwdChange: true,
* eapTtlsEapMsChapV2PwdChangeRetries: 3,
* eapFastEapMsChapV2: true,
* eapFastEapMsChapV2PwdChange: true,
* eapFastEapMsChapV2PwdChangeRetries: 3,
* eapFastEapGtc: true,
* eapFastEapGtcPwdChange: true,
* eapFastEapGtcPwdChangeRetries: 3,
* eapFastEapTls: true,
* eapFastEapTlsAuthOfExpiredCerts: true,
* eapFastEnableEapChaining: true,
* eapFastUsePacs: true,
* eapFastPacsTunnelPacTtl: 5,
* eapFastPacsTunnelPacTtlUnit: "DAYS",
* eapFastPacsUseProactivePacUpdatePercentage: 5,
* eapFastPacsAllowAnonymousProvisioning: true,
* eapFastPacsAllowAuthenticatedProvisioning: true,
* eapFastPacsServerReturns: true,
* eapFastPacsAllowClientCert: true,
* eapFastPacsAllowMachineAuthentication: true,
* eapFastPacsMachinePacTtl: 5,
* eapFastPacsMachinePacTtlUnit: "DAYS",
* eapFastPacsStatelessSessionResume: true,
* eapFastPacsAuthorizationPacTtl: 5,
* eapFastPacsAuthorizationPacTtlUnit: "HOURS",
* teapEapMsChapV2: true,
* teapEapMsChapV2PwdChange: true,
* teapEapMsChapV2PwdChangeRetries: 3,
* teapEapTls: true,
* teapEapTlsAuthOfExpiredCerts: true,
* teapEapAcceptClientCertDuringTunnelEst: true,
* teapEapChaining: true,
* teapDowngradeMsk: true,
* teapRequestBasicPwdAuth: true,
* allow5g: true,
* });
* ```
*
* ## Import
*
* The `pulumi import` command can be used, for example:
*
* ```sh
* $ pulumi import ise:networkaccess/allowedProtocols:AllowedProtocols example "76d24097-41c4-4558-a4d0-a8c07ac08470"
* ```
*/
export declare class AllowedProtocols extends pulumi.CustomResource {
/**
* Get an existing AllowedProtocols resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AllowedProtocolsState, opts?: pulumi.CustomResourceOptions): AllowedProtocols;
/**
* Returns true if the given object is an instance of AllowedProtocols. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is AllowedProtocols;
/**
* Allow 5G. This field is only supported from ISE 3.2.
*/
readonly allow5g: pulumi.Output<boolean | undefined>;
/**
* Allow CHAP
*/
readonly allowChap: pulumi.Output<boolean>;
/**
* Allow EAP Fast
*/
readonly allowEapFast: pulumi.Output<boolean>;
/**
* Allow EAP MD5
*/
readonly allowEapMd5: pulumi.Output<boolean>;
/**
* Allow EAP TLS
*/
readonly allowEapTls: pulumi.Output<boolean>;
/**
* Allow EAP TTLS
*/
readonly allowEapTtls: pulumi.Output<boolean>;
/**
* Allow LEAP
*/
readonly allowLeap: pulumi.Output<boolean>;
/**
* Allow MS CHAP v1
*/
readonly allowMsChapV1: pulumi.Output<boolean>;
/**
* Allow MS CHAP v2
*/
readonly allowMsChapV2: pulumi.Output<boolean>;
/**
* Allow PAP ASCII
*/
readonly allowPapAscii: pulumi.Output<boolean>;
/**
* Allow PEAP
*/
readonly allowPeap: pulumi.Output<boolean>;
/**
* Allow preferred EAP protocol
*/
readonly allowPreferredEapProtocol: pulumi.Output<boolean>;
/**
* Allow TEAP
*/
readonly allowTeap: pulumi.Output<boolean>;
/**
* Allow weak ciphers for EAP
*/
readonly allowWeakCiphersForEap: pulumi.Output<boolean>;
/**
* Description
*/
readonly description: pulumi.Output<string | undefined>;
/**
* Accept client certificates. Is required only if `eapFastUsePacs` is `false`.
*/
readonly eapFastAcceptClientCert: pulumi.Output<boolean | undefined>;
/**
* Allow machine authentication. Is required only if `eapFastUsePacs` is `false`.
*/
readonly eapFastAllowMachineAuthentication: pulumi.Output<boolean | undefined>;
/**
* Allow EAP GTC
*/
readonly eapFastEapGtc: pulumi.Output<boolean | undefined>;
/**
* Allow EAP GTC password change. Is required only if `eapFastEapGtc` is `true`.
*/
readonly eapFastEapGtcPwdChange: pulumi.Output<boolean | undefined>;
/**
* EAP GTC password change retries. Is required only if `eapFastEapGtc` is `true`. - Range: `0`-`3`
*/
readonly eapFastEapGtcPwdChangeRetries: pulumi.Output<number | undefined>;
/**
* Allow EAP MS CHAP v2
*/
readonly eapFastEapMsChapV2: pulumi.Output<boolean | undefined>;
/**
* Allow EAP MS CHAP v2 password change. Is required only if `eapFastEapMsChapV2` is `true`.
*/
readonly eapFastEapMsChapV2PwdChange: pulumi.Output<boolean | undefined>;
/**
* EAP MS CHAP v2 password change retries. Is required only if `eapFastEapMsChapV2` is `true`. - Range: `0`-`3`
*/
readonly eapFastEapMsChapV2PwdChangeRetries: pulumi.Output<number | undefined>;
/**
* Allow EAP TLS
*/
readonly eapFastEapTls: pulumi.Output<boolean | undefined>;
/**
* Allow EAP TLS authentication of expired certificates. Is required only if `eapFastEapTls` is `true`.
*/
readonly eapFastEapTlsAuthOfExpiredCerts: pulumi.Output<boolean | undefined>;
/**
* Enable EAP chaining
*/
readonly eapFastEnableEapChaining: pulumi.Output<boolean | undefined>;
/**
* Allow anonymous provisioning. Is required only if `eapFastUsePacs` is `true`.
*/
readonly eapFastPacsAllowAnonymousProvisioning: pulumi.Output<boolean | undefined>;
/**
* Allow authenticated provisioning. Is required only if `eapFastUsePacs` is `true`.
*/
readonly eapFastPacsAllowAuthenticatedProvisioning: pulumi.Output<boolean | undefined>;
/**
* Accept client certification for provisioning. Is required only if `eapFastPacsAllowAuthenticatedProvisioning` is `true`.
*/
readonly eapFastPacsAllowClientCert: pulumi.Output<boolean | undefined>;
/**
* Allow machine authentication. Is required only if `eapFastUsePacs` is `true`.
*/
readonly eapFastPacsAllowMachineAuthentication: pulumi.Output<boolean | undefined>;
/**
* Authorization PAC TTL. Is required only if `eapFastPacsStatelessSessionResume` is `true`.
*/
readonly eapFastPacsAuthorizationPacTtl: pulumi.Output<number | undefined>;
/**
* Authorization PAC TTL unit. Is required only if `eapFastPacsStatelessSessionResume` is `true`. - Choices: `SECONDS`,
* `MINUTES`, `HOURS`, `DAYS`, `WEEKS`
*/
readonly eapFastPacsAuthorizationPacTtlUnit: pulumi.Output<string | undefined>;
/**
* Machine PAC TTL. Is required only if `eapFastPacsAllowMachineAuthentication` is `true`.
*/
readonly eapFastPacsMachinePacTtl: pulumi.Output<number | undefined>;
/**
* Machine PAC TTL unit. Is required only if `eapFastPacsAllowMachineAuthentication` is `true`. - Choices: `SECONDS`,
* `MINUTES`, `HOURS`, `DAYS`, `WEEKS`
*/
readonly eapFastPacsMachinePacTtlUnit: pulumi.Output<string | undefined>;
/**
* Server returns access accept after authenticated provisioning. Is required only if
* `eapFastPacsAllowAuthenticatedProvisioning` is `true`.
*/
readonly eapFastPacsServerReturns: pulumi.Output<boolean | undefined>;
/**
* Stateless session resume. Is required only if `eapFastUsePacs` is `true`.
*/
readonly eapFastPacsStatelessSessionResume: pulumi.Output<boolean | undefined>;
/**
* PACs tunnel PAC time to live. Is required only if `eapFastUsePacs` is `true`.
*/
readonly eapFastPacsTunnelPacTtl: pulumi.Output<number | undefined>;
/**
* PACs tunnel PAC time to live unit. Is required only if `eapFastUsePacs` is `true`. - Choices: `SECONDS`, `MINUTES`,
* `HOURS`, `DAYS`, `WEEKS`
*/
readonly eapFastPacsTunnelPacTtlUnit: pulumi.Output<string | undefined>;
/**
* Use proactive pac update percentage. Is required only if `eapFastUsePacs` is `true`. - Range: `1`-`100`
*/
readonly eapFastPacsUseProactivePacUpdatePercentage: pulumi.Output<number | undefined>;
/**
* Use PACs
*/
readonly eapFastUsePacs: pulumi.Output<boolean | undefined>;
/**
* Allow authentication of expired certificates
*/
readonly eapTlsAllowAuthOfExpiredCerts: pulumi.Output<boolean | undefined>;
/**
* Enable stateless session resume
*/
readonly eapTlsEnableStatelessSessionResume: pulumi.Output<boolean | undefined>;
/**
* EAP TLS L-Bit
*/
readonly eapTlsLBit: pulumi.Output<boolean>;
/**
* Session ticket percentage. Is required only if `eapTlsEnableStatelessSessionResume` is `true`. - Range: `1`-`100`
*/
readonly eapTlsSessionTicketPercentage: pulumi.Output<number | undefined>;
/**
* Session ticket TTL. Is required only if `eapTlsEnableStatelessSessionResume` is `true`.
*/
readonly eapTlsSessionTicketTtl: pulumi.Output<number | undefined>;
/**
* Session ticket TTL unit. Is required only if `eapTlsEnableStatelessSessionResume` is `true`. - Choices: `SECONDS`,
* `MINUTES`, `HOURS`, `DAYS`, `WEEKS`
*/
readonly eapTlsSessionTicketTtlUnit: pulumi.Output<string | undefined>;
/**
* Allow CHAP
*/
readonly eapTtlsChap: pulumi.Output<boolean | undefined>;
/**
* Allow EAP MD5
*/
readonly eapTtlsEapMd5: pulumi.Output<boolean | undefined>;
/**
* Allow EAP MS CHAP v2
*/
readonly eapTtlsEapMsChapV2: pulumi.Output<boolean | undefined>;
/**
* Allow EAP MS CHAP v2 password change. Is required only if `eapTtlsEapMsChapV2` is `true`.
*/
readonly eapTtlsEapMsChapV2PwdChange: pulumi.Output<boolean | undefined>;
/**
* EAP MS CHAP v2 password change retries. Is required only if `eapTtlsEapMsChapV2` is `true`. - Range: `0`-`3`
*/
readonly eapTtlsEapMsChapV2PwdChangeRetries: pulumi.Output<number | undefined>;
/**
* Allow MS CHAP v1
*/
readonly eapTtlsMsChapV1: pulumi.Output<boolean | undefined>;
/**
* Allow MS CHAP v2
*/
readonly eapTtlsMsChapV2: pulumi.Output<boolean | undefined>;
/**
* Allow PAP ASCII
*/
readonly eapTtlsPapAscii: pulumi.Output<boolean | undefined>;
/**
* The name of the allowed protocols
*/
readonly name: pulumi.Output<string>;
/**
* Allow PEAP EAP GTC
*/
readonly peapAllowPeapEapGtc: pulumi.Output<boolean | undefined>;
/**
* Allow PEAP EAP GTC password change. Is required only if `allowPeapEapGtc` is `true`.
*/
readonly peapAllowPeapEapGtcPwdChange: pulumi.Output<boolean | undefined>;
/**
* PEAP EAP GTC password change retries. Is required only if `allowPeapEapGtc` is `true`. - Range: `0`-`3`
*/
readonly peapAllowPeapEapGtcPwdChangeRetries: pulumi.Output<number | undefined>;
/**
* Allow PEAP EAP MS CHAP v2
*/
readonly peapAllowPeapEapMsChapV2: pulumi.Output<boolean | undefined>;
/**
* Allow PEAP EAP MS CHAP v2 password change. Is required only if `allowPeapEapMsChapV2` is `true`.
*/
readonly peapAllowPeapEapMsChapV2PwdChange: pulumi.Output<boolean | undefined>;
/**
* Allow PEAP EAP MS CHAP v2 password change retries. Is required only if `allowPeapEapMsChapV2` is `true`. - Range:
* `0`-`3`
*/
readonly peapAllowPeapEapMsChapV2PwdChangeRetries: pulumi.Output<number | undefined>;
/**
* Allow PEAP EAP TLS
*/
readonly peapAllowPeapEapTls: pulumi.Output<boolean | undefined>;
/**
* Allow PEAP EAP TLS authentication of expired certificates. Is required only if `peapAllowPeapEapTls` is `true`.
*/
readonly peapAllowPeapEapTlsAuthOfExpiredCerts: pulumi.Output<boolean | undefined>;
/**
* Allow PEAP v0
*/
readonly peapPeapV0: pulumi.Output<boolean | undefined>;
/**
* Preferred EAP protocol - Choices: `EAP_FAST`, `PEAP`, `LEAP`, `EAP_MD5`, `EAP_TLS`, `EAP_TTLS`, `TEAP`
*/
readonly preferredEapProtocol: pulumi.Output<string | undefined>;
/**
* Process host lookup
*/
readonly processHostLookup: pulumi.Output<boolean>;
/**
* Require cryptobinding
*/
readonly requireCryptobinding: pulumi.Output<boolean | undefined>;
/**
* Require message authentication
*/
readonly requireMessageAuth: pulumi.Output<boolean>;
/**
* Allow downgrade to MSK
*/
readonly teapDowngradeMsk: pulumi.Output<boolean | undefined>;
/**
* Accept client certificate during tunnel establishment
*/
readonly teapEapAcceptClientCertDuringTunnelEst: pulumi.Output<boolean | undefined>;
/**
* Allow EAP chaining
*/
readonly teapEapChaining: pulumi.Output<boolean | undefined>;
/**
* Allow EAP MS CHAP v2
*/
readonly teapEapMsChapV2: pulumi.Output<boolean | undefined>;
/**
* Allow EAP MS CHAP v2 password change. Is required only if `teapEapMsChapV2` is `true`.
*/
readonly teapEapMsChapV2PwdChange: pulumi.Output<boolean | undefined>;
/**
* EAP MS CHAP v2 password change retries. Is required only if `teapEapMsChapV2` is `true`. - Range: `0`-`3`
*/
readonly teapEapMsChapV2PwdChangeRetries: pulumi.Output<number | undefined>;
/**
* Allow EAP TLS
*/
readonly teapEapTls: pulumi.Output<boolean | undefined>;
/**
* Allow EAP TLS authentication of expired certs. Is required only if `teapEapTls` is `true`.
*/
readonly teapEapTlsAuthOfExpiredCerts: pulumi.Output<boolean | undefined>;
/**
* Request basic password authentication
*/
readonly teapRequestBasicPwdAuth: pulumi.Output<boolean | undefined>;
/**
* Create a AllowedProtocols resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args: AllowedProtocolsArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering AllowedProtocols resources.
*/
export interface AllowedProtocolsState {
/**
* Allow 5G. This field is only supported from ISE 3.2.
*/
allow5g?: pulumi.Input<boolean>;
/**
* Allow CHAP
*/
allowChap?: pulumi.Input<boolean>;
/**
* Allow EAP Fast
*/
allowEapFast?: pulumi.Input<boolean>;
/**
* Allow EAP MD5
*/
allowEapMd5?: pulumi.Input<boolean>;
/**
* Allow EAP TLS
*/
allowEapTls?: pulumi.Input<boolean>;
/**
* Allow EAP TTLS
*/
allowEapTtls?: pulumi.Input<boolean>;
/**
* Allow LEAP
*/
allowLeap?: pulumi.Input<boolean>;
/**
* Allow MS CHAP v1
*/
allowMsChapV1?: pulumi.Input<boolean>;
/**
* Allow MS CHAP v2
*/
allowMsChapV2?: pulumi.Input<boolean>;
/**
* Allow PAP ASCII
*/
allowPapAscii?: pulumi.Input<boolean>;
/**
* Allow PEAP
*/
allowPeap?: pulumi.Input<boolean>;
/**
* Allow preferred EAP protocol
*/
allowPreferredEapProtocol?: pulumi.Input<boolean>;
/**
* Allow TEAP
*/
allowTeap?: pulumi.Input<boolean>;
/**
* Allow weak ciphers for EAP
*/
allowWeakCiphersForEap?: pulumi.Input<boolean>;
/**
* Description
*/
description?: pulumi.Input<string>;
/**
* Accept client certificates. Is required only if `eapFastUsePacs` is `false`.
*/
eapFastAcceptClientCert?: pulumi.Input<boolean>;
/**
* Allow machine authentication. Is required only if `eapFastUsePacs` is `false`.
*/
eapFastAllowMachineAuthentication?: pulumi.Input<boolean>;
/**
* Allow EAP GTC
*/
eapFastEapGtc?: pulumi.Input<boolean>;
/**
* Allow EAP GTC password change. Is required only if `eapFastEapGtc` is `true`.
*/
eapFastEapGtcPwdChange?: pulumi.Input<boolean>;
/**
* EAP GTC password change retries. Is required only if `eapFastEapGtc` is `true`. - Range: `0`-`3`
*/
eapFastEapGtcPwdChangeRetries?: pulumi.Input<number>;
/**
* Allow EAP MS CHAP v2
*/
eapFastEapMsChapV2?: pulumi.Input<boolean>;
/**
* Allow EAP MS CHAP v2 password change. Is required only if `eapFastEapMsChapV2` is `true`.
*/
eapFastEapMsChapV2PwdChange?: pulumi.Input<boolean>;
/**
* EAP MS CHAP v2 password change retries. Is required only if `eapFastEapMsChapV2` is `true`. - Range: `0`-`3`
*/
eapFastEapMsChapV2PwdChangeRetries?: pulumi.Input<number>;
/**
* Allow EAP TLS
*/
eapFastEapTls?: pulumi.Input<boolean>;
/**
* Allow EAP TLS authentication of expired certificates. Is required only if `eapFastEapTls` is `true`.
*/
eapFastEapTlsAuthOfExpiredCerts?: pulumi.Input<boolean>;
/**
* Enable EAP chaining
*/
eapFastEnableEapChaining?: pulumi.Input<boolean>;
/**
* Allow anonymous provisioning. Is required only if `eapFastUsePacs` is `true`.
*/
eapFastPacsAllowAnonymousProvisioning?: pulumi.Input<boolean>;
/**
* Allow authenticated provisioning. Is required only if `eapFastUsePacs` is `true`.
*/
eapFastPacsAllowAuthenticatedProvisioning?: pulumi.Input<boolean>;
/**
* Accept client certification for provisioning. Is required only if `eapFastPacsAllowAuthenticatedProvisioning` is `true`.
*/
eapFastPacsAllowClientCert?: pulumi.Input<boolean>;
/**
* Allow machine authentication. Is required only if `eapFastUsePacs` is `true`.
*/
eapFastPacsAllowMachineAuthentication?: pulumi.Input<boolean>;
/**
* Authorization PAC TTL. Is required only if `eapFastPacsStatelessSessionResume` is `true`.
*/
eapFastPacsAuthorizationPacTtl?: pulumi.Input<number>;
/**
* Authorization PAC TTL unit. Is required only if `eapFastPacsStatelessSessionResume` is `true`. - Choices: `SECONDS`,
* `MINUTES`, `HOURS`, `DAYS`, `WEEKS`
*/
eapFastPacsAuthorizationPacTtlUnit?: pulumi.Input<string>;
/**
* Machine PAC TTL. Is required only if `eapFastPacsAllowMachineAuthentication` is `true`.
*/
eapFastPacsMachinePacTtl?: pulumi.Input<number>;
/**
* Machine PAC TTL unit. Is required only if `eapFastPacsAllowMachineAuthentication` is `true`. - Choices: `SECONDS`,
* `MINUTES`, `HOURS`, `DAYS`, `WEEKS`
*/
eapFastPacsMachinePacTtlUnit?: pulumi.Input<string>;
/**
* Server returns access accept after authenticated provisioning. Is required only if
* `eapFastPacsAllowAuthenticatedProvisioning` is `true`.
*/
eapFastPacsServerReturns?: pulumi.Input<boolean>;
/**
* Stateless session resume. Is required only if `eapFastUsePacs` is `true`.
*/
eapFastPacsStatelessSessionResume?: pulumi.Input<boolean>;
/**
* PACs tunnel PAC time to live. Is required only if `eapFastUsePacs` is `true`.
*/
eapFastPacsTunnelPacTtl?: pulumi.Input<number>;
/**
* PACs tunnel PAC time to live unit. Is required only if `eapFastUsePacs` is `true`. - Choices: `SECONDS`, `MINUTES`,
* `HOURS`, `DAYS`, `WEEKS`
*/
eapFastPacsTunnelPacTtlUnit?: pulumi.Input<string>;
/**
* Use proactive pac update percentage. Is required only if `eapFastUsePacs` is `true`. - Range: `1`-`100`
*/
eapFastPacsUseProactivePacUpdatePercentage?: pulumi.Input<number>;
/**
* Use PACs
*/
eapFastUsePacs?: pulumi.Input<boolean>;
/**
* Allow authentication of expired certificates
*/
eapTlsAllowAuthOfExpiredCerts?: pulumi.Input<boolean>;
/**
* Enable stateless session resume
*/
eapTlsEnableStatelessSessionResume?: pulumi.Input<boolean>;
/**
* EAP TLS L-Bit
*/
eapTlsLBit?: pulumi.Input<boolean>;
/**
* Session ticket percentage. Is required only if `eapTlsEnableStatelessSessionResume` is `true`. - Range: `1`-`100`
*/
eapTlsSessionTicketPercentage?: pulumi.Input<number>;
/**
* Session ticket TTL. Is required only if `eapTlsEnableStatelessSessionResume` is `true`.
*/
eapTlsSessionTicketTtl?: pulumi.Input<number>;
/**
* Session ticket TTL unit. Is required only if `eapTlsEnableStatelessSessionResume` is `true`. - Choices: `SECONDS`,
* `MINUTES`, `HOURS`, `DAYS`, `WEEKS`
*/
eapTlsSessionTicketTtlUnit?: pulumi.Input<string>;
/**
* Allow CHAP
*/
eapTtlsChap?: pulumi.Input<boolean>;
/**
* Allow EAP MD5
*/
eapTtlsEapMd5?: pulumi.Input<boolean>;
/**
* Allow EAP MS CHAP v2
*/
eapTtlsEapMsChapV2?: pulumi.Input<boolean>;
/**
* Allow EAP MS CHAP v2 password change. Is required only if `eapTtlsEapMsChapV2` is `true`.
*/
eapTtlsEapMsChapV2PwdChange?: pulumi.Input<boolean>;
/**
* EAP MS CHAP v2 password change retries. Is required only if `eapTtlsEapMsChapV2` is `true`. - Range: `0`-`3`
*/
eapTtlsEapMsChapV2PwdChangeRetries?: pulumi.Input<number>;
/**
* Allow MS CHAP v1
*/
eapTtlsMsChapV1?: pulumi.Input<boolean>;
/**
* Allow MS CHAP v2
*/
eapTtlsMsChapV2?: pulumi.Input<boolean>;
/**
* Allow PAP ASCII
*/
eapTtlsPapAscii?: pulumi.Input<boolean>;
/**
* The name of the allowed protocols
*/
name?: pulumi.Input<string>;
/**
* Allow PEAP EAP GTC
*/
peapAllowPeapEapGtc?: pulumi.Input<boolean>;
/**
* Allow PEAP EAP GTC password change. Is required only if `allowPeapEapGtc` is `true`.
*/
peapAllowPeapEapGtcPwdChange?: pulumi.Input<boolean>;
/**
* PEAP EAP GTC password change retries. Is required only if `allowPeapEapGtc` is `true`. - Range: `0`-`3`
*/
peapAllowPeapEapGtcPwdChangeRetries?: pulumi.Input<number>;
/**
* Allow PEAP EAP MS CHAP v2
*/
peapAllowPeapEapMsChapV2?: pulumi.Input<boolean>;
/**
* Allow PEAP EAP MS CHAP v2 password change. Is required only if `allowPeapEapMsChapV2` is `true`.
*/
peapAllowPeapEapMsChapV2PwdChange?: pulumi.Input<boolean>;
/**
* Allow PEAP EAP MS CHAP v2 password change retries. Is required only if `allowPeapEapMsChapV2` is `true`. - Range:
* `0`-`3`
*/
peapAllowPeapEapMsChapV2PwdChangeRetries?: pulumi.Input<number>;
/**
* Allow PEAP EAP TLS
*/
peapAllowPeapEapTls?: pulumi.Input<boolean>;
/**
* Allow PEAP EAP TLS authentication of expired certificates. Is required only if `peapAllowPeapEapTls` is `true`.
*/
peapAllowPeapEapTlsAuthOfExpiredCerts?: pulumi.Input<boolean>;
/**
* Allow PEAP v0
*/
peapPeapV0?: pulumi.Input<boolean>;
/**
* Preferred EAP protocol - Choices: `EAP_FAST`, `PEAP`, `LEAP`, `EAP_MD5`, `EAP_TLS`, `EAP_TTLS`, `TEAP`
*/
preferredEapProtocol?: pulumi.Input<string>;
/**
* Process host lookup
*/
processHostLookup?: pulumi.Input<boolean>;
/**
* Require cryptobinding
*/
requireCryptobinding?: pulumi.Input<boolean>;
/**
* Require message authentication
*/
requireMessageAuth?: pulumi.Input<boolean>;
/**
* Allow downgrade to MSK
*/
teapDowngradeMsk?: pulumi.Input<boolean>;
/**
* Accept client certificate during tunnel establishment
*/
teapEapAcceptClientCertDuringTunnelEst?: pulumi.Input<boolean>;
/**
* Allow EAP chaining
*/
teapEapChaining?: pulumi.Input<boolean>;
/**
* Allow EAP MS CHAP v2
*/
teapEapMsChapV2?: pulumi.Input<boolean>;
/**
* Allow EAP MS CHAP v2 password change. Is required only if `teapEapMsChapV2` is `true`.
*/
teapEapMsChapV2PwdChange?: pulumi.Input<boolean>;
/**
* EAP MS CHAP v2 password change retries. Is required only if `teapEapMsChapV2` is `true`. - Range: `0`-`3`
*/
teapEapMsChapV2PwdChangeRetries?: pulumi.Input<number>;
/**
* Allow EAP TLS
*/
teapEapTls?: pulumi.Input<boolean>;
/**
* Allow EAP TLS authentication of expired certs. Is required only if `teapEapTls` is `true`.
*/
teapEapTlsAuthOfExpiredCerts?: pulumi.Input<boolean>;
/**
* Request basic password authentication
*/
teapRequestBasicPwdAuth?: pulumi.Input<boolean>;
}
/**
* The set of arguments for constructing a AllowedProtocols resource.
*/
export interface AllowedProtocolsArgs {
/**
* Allow 5G. This field is only supported from ISE 3.2.
*/
allow5g?: pulumi.Input<boolean>;
/**
* Allow CHAP
*/
allowChap: pulumi.Input<boolean>;
/**
* Allow EAP Fast
*/
allowEapFast: pulumi.Input<boolean>;
/**
* Allow EAP MD5
*/
allowEapMd5: pulumi.Input<boolean>;
/**
* Allow EAP TLS
*/
allowEapTls: pulumi.Input<boolean>;
/**
* Allow EAP TTLS
*/
allowEapTtls: pulumi.Input<boolean>;
/**
* Allow LEAP
*/
allowLeap: pulumi.Input<boolean>;
/**
* Allow MS CHAP v1
*/
allowMsChapV1: pulumi.Input<boolean>;
/**
* Allow MS CHAP v2
*/
allowMsChapV2: pulumi.Input<boolean>;
/**
* Allow PAP ASCII
*/
allowPapAscii: pulumi.Input<boolean>;
/**
* Allow PEAP
*/
allowPeap: pulumi.Input<boolean>;
/**
* Allow preferred EAP protocol
*/
allowPreferredEapProtocol: pulumi.Input<boolean>;
/**
* Allow TEAP
*/
allowTeap: pulumi.Input<boolean>;
/**
* Allow weak ciphers for EAP
*/
allowWeakCiphersForEap: pulumi.Input<boolean>;
/**
* Description
*/
description?: pulumi.Input<string>;
/**
* Accept client certificates. Is required only if `eapFastUsePacs` is `false`.
*/
eapFastAcceptClientCert?: pulumi.Input<boolean>;
/**
* Allow machine authentication. Is required only if `eapFastUsePacs` is `false`.
*/
eapFastAllowMachineAuthentication?: pulumi.Input<boolean>;
/**
* Allow EAP GTC
*/
eapFastEapGtc?: pulumi.Input<boolean>;
/**
* Allow EAP GTC password change. Is required only if `eapFastEapGtc` is `true`.
*/
eapFastEapGtcPwdChange?: pulumi.Input<boolean>;
/**
* EAP GTC password change retries. Is required only if `eapFastEapGtc` is `true`. - Range: `0`-`3`
*/
eapFastEapGtcPwdChangeRetries?: pulumi.Input<number>;
/**
* Allow EAP MS CHAP v2
*/
eapFastEapMsChapV2?: pulumi.Input<boolean>;
/**
* Allow EAP MS CHAP v2 password change. Is required only if `eapFastEapMsChapV2` is `true`.
*/
eapFastEapMsChapV2PwdChange?: pulumi.Input<boolean>;
/**
* EAP MS CHAP v2 password change retries. Is required only if `eapFastEapMsChapV2` is `true`. - Range: `0`-`3`
*/
eapFastEapMsChapV2PwdChangeRetries?: pulumi.Input<number>;
/**
* Allow EAP TLS
*/
eapFastEapTls?: pulumi.Input<boolean>;
/**
* Allow EAP TLS authentication of expired certificates. Is required only if `eapFastEapTls` is `true`.
*/
eapFastEapTlsAuthOfExpiredCerts?: pulumi.Input<boolean>;
/**
* Enable EAP chaining
*/
eapFastEnableEapChaining?: pulumi.Input<boolean>;
/**
* Allow anonymous provisioning. Is required only if `eapFastUsePacs` is `true`.
*/
eapFastPacsAllowAnonymousProvisioning?: pulumi.Input<boolean>;
/**
* Allow authenticated provisioning. Is required only if `eapFastUsePacs` is `true`.
*/
eapFastPacsAllowAuthenticatedProvisioning?: pulumi.Input<boolean>;
/**
* Accept client certification for provisioning. Is required only if `eapFastPacsAllowAuthenticatedProvisioning` is `true`.
*/
eapFastPacsAllowClientCert?: pulumi.Input<boolean>;
/**
* Allow machine authentication. Is required only if `eapFastUsePacs` is `true`.
*/
eapFastPacsAllowMachineAuthentication?: pulumi.Input<boolean>;
/**
* Authorization PAC TTL. Is required only if `eapFastPacsStatelessSessionResume` is `true`.
*/
eapFastPacsAuthorizationPacTtl?: pulumi.Input<number>;
/**
* Authorization PAC TTL unit. Is required only if `eapFastPacsStatelessSessionResume` is `true`. - Choices: `SECONDS`,
* `MINUTES`, `HOURS`, `DAYS`, `WEEKS`
*/
eapFastPacsAuthorizationPacTtlUnit?: pulumi.Input<string>;
/**
* Machine PAC TTL. Is required only if `eapFastPacsAllowMachineAuthentication` is `true`.
*/
eapFastPacsMachinePacTtl?: pulumi.Input<number>;
/**
* Machine PAC TTL unit. Is required only if `eapFastPacsAllowMachineAuthentication` is `true`. - Choices: `SECONDS`,
* `MINUTES`, `HOURS`, `DAYS`, `WEEKS`
*/
eapFastPacsMachinePacTtlUnit?: pulumi.Input<string>;
/**
* Server returns access accept after authenticated provisioning. Is required only if
* `eapFastPacsAllowAuthenticatedProvisioning` is `true`.
*/
eapFastPacsServerReturns?: pulumi.Input<boolean>;
/**
* Stateless session resume. Is required only if `eapFastUsePacs` is `true`.
*/
eapFastPacsStatelessSessionResume?: pulumi.Input<boolean>;
/**
* PACs tunnel PAC time to live. Is required only if `eapFastUsePacs` is `true`.
*/
eapFastPacsTunnelPacTtl?: pulumi.Input<number>;
/**
* PACs tunnel PAC time to live unit. Is required only if `eapFastUsePacs` is `true`. - Choices: `SECONDS`, `MINUTES`,
* `HOURS`, `DAYS`, `WEEKS`
*/
eapFastPacsTunnelPacTtlUnit?: pulumi.Input<string>;
/**
* Use proactive pac update percentage. Is required only if `eapFastUsePacs` is `true`. - Range: `1`-`100`
*/
eapFastPacsUseProactivePacUpdatePercentage?: pulumi.Input<number>;
/**
* Use PACs
*/
eapFastUsePacs?: pulumi.Input<boolean>;
/**
* Allow authentication of expired certificates
*/
eapTlsAllowAuthOfExpiredCerts?: pulumi.Input<boolean>;
/**
* Enable stateless session resume
*/
eapTlsEnableStatelessSessionResume?: pulumi.Input<boolean>;
/**
* EAP TLS L-Bit
*/
eapTlsLBit: pulumi.Input<boolean>;
/**
* Session ticket percentage. Is required only if `eapTlsEnableStatelessSessionResume` is `true`. - Range: `1`-`100`
*/
eapTlsSessionTicketPercentage?: pulumi.Input<number>;
/**
* Session ticket TTL. Is required only if `eapTlsEnableStatelessSessionResume` is `true`.
*/
eapTlsSessionTicketTtl?: pulumi.Input<number>;
/**
* Session ticket TTL unit. Is required only if `eapTlsEnableStatelessSessionResume` is `true`. - Choices: `SECONDS`,
* `MINUTES`, `HOURS`, `DAYS`, `WEEKS`
*/
eapTlsSessionTicketTtlUnit?: pulumi.Input<string>;
/**
* Allow CHAP
*/
eapTtlsChap?: pulumi.Input<boolean>;
/**
* Allow EAP MD5
*/
eapTtlsEapMd5?: pulumi.Input<boolean>;
/**
* Allow EAP MS CHAP v2
*/
eapTtlsEapMsChapV2?: pulumi.Input<boolean>;
/**
* Allow EAP MS CHAP v2 password change. Is required only if `eapTtlsEapMsChapV2` is `true`.
*/
eapTtlsEapMsChapV2PwdChange?: pulumi.Input<boolean>;
/**
* EAP MS CHAP v2 password change retries. Is required only if `eapTtlsEapMsChapV2` is `true`. - Range: `0`-`3`
*/
eapTtlsEapMsChapV2PwdChangeRetries?: pulumi.Input<number>;
/**
* Allow MS CHAP v1
*/
eapTtlsMsChapV1?: pulumi.Input<boolean>;
/**
* Allow MS CHAP v2
*/
eapTtlsMsChapV2?: pulumi.Input<boolean>;
/**
* Allow PAP ASCII
*/
eapTtlsPapAscii?: pulumi.Input<boolean>;
/**
* The name of the allowed protocols
*/
name?: pulumi.Input<string>;
/**
* Allow PEAP EAP GTC
*/
peapAllowPeapEapGtc?: pulumi.Input<boolean>;
/**
* Allow PEAP EAP GTC password change. Is required only if `allowPeapEapGtc` is `true`.
*/
peapAllowPeapEapGtcPwdChange?: pulumi.Input<boolean>;
/**
* PEAP EAP GTC password change retries. Is required only if `allowPeapEapGtc` is `true`. - Range: `0`-`3`
*/
peapAllowPeapEapGtcPwdChangeRetries?: pulumi.Input<number>;
/**
* Allow PEAP EAP MS CHAP v2
*/
peapAllowPeapEapMsChapV2?: pulumi.Input<boolean>;
/**
* Allow PEAP EAP MS CHAP v2 password change. Is required only if `allowPeapEapMsChapV2` is `true`.
*/
peapAllowPeapEapMsChapV2PwdChange?: pulumi.Input<boolean>;
/**
* Allow PEAP EAP MS CHAP v2 password change retries. Is required only if `allowPeapEapMsChapV2` is `true`. - Range:
* `0`-`3`
*/
peapAllowPeapEapMsChapV2PwdChangeRetries?: pulumi.Input<number>;
/**
* Allow PEAP EAP TLS
*/
peapAllowPeapEapTls?: pulumi.Input<boolean>;
/**
* Allow PEAP EAP TLS authentication of expired certificates. Is required only if `peapAllowPeapEapTls` is `true`.
*/
peapAllowPeapEapTlsAuthOfExpiredCerts?: pulumi.Input<boolean>;
/**
* Allow PEAP v0
*/
peapPeapV0?: pulumi.Input<boolean>;
/**
* Preferred EAP protocol - Choices: `EAP_FAST`, `PEAP`, `LEAP`, `EAP_MD5`, `EAP_TLS`, `EAP_TTLS`, `TEAP`
*/
preferredEapProtocol?: pulumi.Input<string>;
/**
* Process host lookup
*/
processHostLookup: pulumi.Input<boolean>;
/**
* Require cryptobinding
*/
requireCryptobinding?: pulumi.Input<boolean>;
/**
* Require message authentication
*/
requireMessageAuth: pulumi.Input<boolean>;
/**
* Allow downgrade to MSK
*/
teapDowngradeMsk?: pulumi.Input<boolean>;
/**
* Accept client certificate during tunnel establishment
*/
teapEapAcceptClientCertDuringTunnelEst?: pulumi.Input<boolean>;
/**
* Allow EAP chaining
*/
teapEapChaining?: pulumi.Input<boolean>;
/**
* Allow EAP MS CHAP v2
*/
teapEapMsChapV2?: pulumi.Input<boolean>;
/**
* Allow EAP MS CHAP v2 password change. Is required only if `teapEapMsChapV2` is `true`.
*/
teapEapMsChapV2PwdChange?: pulumi.Input<boolean>;
/**
* EAP MS CHAP v2 password change retries. Is required only if `teapEapMsChapV2` is `true`. - Range: `0`-`3`
*/
teapEapMsChapV2PwdChangeRetries?: pulumi.Input<number>;
/**
* Allow EAP TLS
*/
teapEapTls?: pulumi.Input<boolean>;
/**
* Allow EAP TLS authentication of expired certs. Is required only if `teapEapTls` is `true`.
*/
teapEapTlsAuthOfExpiredCerts?: pulumi.Input<boolean>;
/**
* Request basic password authentication
*/
teapRequestBasicPwdAuth?: pulumi.Input<boolean>;
}