@pulumi/ise
Version:
A Pulumi package for managing resources on a Cisco ISE (Identity Service Engine) instance.. Based on terraform-provider-ise: version v0.2.1
716 lines (715 loc) • 22.3 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
* This resource can manage a Network Device.
*
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as ise from "@pulumi/ise";
*
* const example = new ise.network.Device("example", {
* name: "Device1",
* description: "My device",
* authenticationEnableKeyWrap: true,
* authenticationEncryptionKey: "cisco123cisco123",
* authenticationEncryptionKeyFormat: "ASCII",
* authenticationMessageAuthenticatorCodeKey: "cisco123cisco1235678",
* authenticationNetworkProtocol: "RADIUS",
* authenticationRadiusSharedSecret: "cisco123",
* authenticationEnableMultiSecret: true,
* authenticationSecondRadiusSharedSecret: "cisco12345",
* authenticationDtlsRequired: true,
* coaPort: 12345,
* dtlsDnsName: "cisco.com",
* ips: [{
* ipaddress: "2.3.4.5",
* mask: "32",
* }],
* modelName: "Unknown",
* softwareVersion: "Unknown",
* profileName: "Cisco",
* snmpLinkTrapQuery: true,
* snmpMacTrapQuery: true,
* snmpPollingInterval: 1200,
* snmpVersion: "THREE",
* snmpUsername: "user123",
* snmpSecurityLevel: "PRIV",
* snmpAuthProtocol: "SHA2",
* snmpAuthPassword: "Cisco123",
* snmpPrivacyProtocol: "AES256",
* snmpPrivacyPassword: "Cisco12345",
* tacacsConnectModeOptions: "OFF",
* tacacsSharedSecret: "cisco123",
* trustsecDeviceId: "device123",
* trustsecDevicePassword: "cisco123",
* trustsecRestApiUsername: "user123",
* trustsecRestApiPassword: "Cisco123",
* trustsecEnableModePassword: "cisco123",
* trustsecExecModePassword: "cisco123",
* trustsecExecModeUsername: "user456",
* trustsecIncludeWhenDeployingSgtUpdates: true,
* trustsecDownloadEnvironmentDataEveryXSeconds: 1000,
* trustsecDownloadPeerAuthorizationPolicyEveryXSeconds: 1000,
* trustsecDownloadSgaclListsEveryXSeconds: 1000,
* trustsecOtherSgaDevicesToTrustThisDevice: true,
* trustsecReAuthenticationEveryXSeconds: 1000,
* trustsecSendConfigurationToDevice: true,
* trustsecSendConfigurationToDeviceUsing: "ENABLE_USING_COA",
* });
* ```
*
* ## Import
*
* The `pulumi import` command can be used, for example:
*
* ```sh
* $ pulumi import ise:network/device:Device example "76d24097-41c4-4558-a4d0-a8c07ac08470"
* ```
*/
export declare class Device extends pulumi.CustomResource {
/**
* Get an existing Device resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DeviceState, opts?: pulumi.CustomResourceOptions): Device;
/**
* Returns true if the given object is an instance of Device. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is Device;
/**
* Enforce use of DTLS
*/
readonly authenticationDtlsRequired: pulumi.Output<boolean | undefined>;
/**
* Enable key wrap
*/
readonly authenticationEnableKeyWrap: pulumi.Output<boolean | undefined>;
/**
* Enable multiple RADIUS shared secrets
*/
readonly authenticationEnableMultiSecret: pulumi.Output<boolean | undefined>;
/**
* Encryption key
*/
readonly authenticationEncryptionKey: pulumi.Output<string | undefined>;
/**
* Key input format
* - Choices: `ASCII`, `HEXADECIMAL`
*/
readonly authenticationEncryptionKeyFormat: pulumi.Output<string | undefined>;
/**
* Message authenticator code key
*/
readonly authenticationMessageAuthenticatorCodeKey: pulumi.Output<string | undefined>;
/**
* Network protocol
* - Choices: `RADIUS`, `TACACS_PLUS`
*/
readonly authenticationNetworkProtocol: pulumi.Output<string | undefined>;
/**
* RADIUS shared secret
*/
readonly authenticationRadiusSharedSecret: pulumi.Output<string | undefined>;
/**
* Second RADIUS shared secret
*/
readonly authenticationSecondRadiusSharedSecret: pulumi.Output<string | undefined>;
/**
* CoA port
* - Default value: `1700`
*/
readonly coaPort: pulumi.Output<number>;
/**
* Description
*/
readonly description: pulumi.Output<string | undefined>;
/**
* This value is used to verify the client identity contained in the X.509 RADIUS/DTLS client certificate
*/
readonly dtlsDnsName: pulumi.Output<string | undefined>;
/**
* List of IP subnets
*/
readonly ips: pulumi.Output<outputs.network.DeviceIp[]>;
/**
* Model name
*/
readonly modelName: pulumi.Output<string | undefined>;
/**
* The name of the network device
*/
readonly name: pulumi.Output<string>;
/**
* List of network device groups, e.g. `Device Type#All Device Types#ACCESS`
*/
readonly networkDeviceGroups: pulumi.Output<string[] | undefined>;
/**
* Profile name
* - Default value: `Cisco`
*/
readonly profileName: pulumi.Output<string>;
/**
* SNMP authentication password. Required for snmp version 3 and securityLevel AUTH or PRIV.
*/
readonly snmpAuthPassword: pulumi.Output<string | undefined>;
/**
* SNMP authentication protocol. Required for snmp version 3 and securityLevel AUTH or PRIV.
* - Choices: `MD5`, `SHA`, `SHA2`
*/
readonly snmpAuthProtocol: pulumi.Output<string | undefined>;
/**
* SNMP link Trap Query
*/
readonly snmpLinkTrapQuery: pulumi.Output<boolean | undefined>;
/**
* SNMP MAC Trap Query
*/
readonly snmpMacTrapQuery: pulumi.Output<boolean | undefined>;
/**
* Originating Policy Services Node
*/
readonly snmpOriginatingPolicyServiceNode: pulumi.Output<string | undefined>;
/**
* SNMP Polling Interval in seconds
* - Range: `600`-`86400`
*/
readonly snmpPollingInterval: pulumi.Output<number | undefined>;
/**
* SNMP privacy password. Required for snmp version 3 and securityLevel PRIV
*/
readonly snmpPrivacyPassword: pulumi.Output<string | undefined>;
/**
* SNMP privacy protocol. Required for snmp version 3 and securityLevel PRIV.
* - Choices: `DES`, `AES128`, `AES192`, `AES256`, `3DES`
*/
readonly snmpPrivacyProtocol: pulumi.Output<string | undefined>;
/**
* SNMP RO Community
*/
readonly snmpRoCommunity: pulumi.Output<string | undefined>;
/**
* SNMP security level. Required for snmp version 3.
* - Choices: `NO_AUTH`, `AUTH`, `PRIV`
*/
readonly snmpSecurityLevel: pulumi.Output<string | undefined>;
/**
* SNMP username. Required for snmp version 3.
*/
readonly snmpUsername: pulumi.Output<string | undefined>;
/**
* SNMP version
* - Choices: `ONE`, `TWO_C`, `THREE`
*/
readonly snmpVersion: pulumi.Output<string | undefined>;
/**
* Software version
*/
readonly softwareVersion: pulumi.Output<string | undefined>;
/**
* Connect mode options
* - Choices: `OFF`, `ON_LEGACY`, `ON_DRAFT_COMPLIANT`
*/
readonly tacacsConnectModeOptions: pulumi.Output<string | undefined>;
/**
* Shared secret
*/
readonly tacacsSharedSecret: pulumi.Output<string | undefined>;
/**
* CoA source host
*/
readonly trustsecCoaSourceHost: pulumi.Output<string | undefined>;
/**
* TrustSec device ID
*/
readonly trustsecDeviceId: pulumi.Output<string | undefined>;
/**
* TrustSec device password
*/
readonly trustsecDevicePassword: pulumi.Output<string | undefined>;
/**
* Download environment data every X seconds
*/
readonly trustsecDownloadEnvironmentDataEveryXSeconds: pulumi.Output<number | undefined>;
/**
* Download peer authorization policy every X seconds
*/
readonly trustsecDownloadPeerAuthorizationPolicyEveryXSeconds: pulumi.Output<number | undefined>;
/**
* Download SGACL lists every X seconds
*/
readonly trustsecDownloadSgaclListsEveryXSeconds: pulumi.Output<number | undefined>;
/**
* Enable mode password
*/
readonly trustsecEnableModePassword: pulumi.Output<string | undefined>;
/**
* EXEC mode password
*/
readonly trustsecExecModePassword: pulumi.Output<string | undefined>;
/**
* EXEC mode username
*/
readonly trustsecExecModeUsername: pulumi.Output<string | undefined>;
/**
* Include this device when deploying Security Group Tag Mapping Updates
*/
readonly trustsecIncludeWhenDeployingSgtUpdates: pulumi.Output<boolean | undefined>;
/**
* Other TrustSec devices to trust this device
*/
readonly trustsecOtherSgaDevicesToTrustThisDevice: pulumi.Output<boolean | undefined>;
/**
* Re-authenticate every X seconds
*/
readonly trustsecReAuthenticationEveryXSeconds: pulumi.Output<number | undefined>;
/**
* REST API password
*/
readonly trustsecRestApiPassword: pulumi.Output<string | undefined>;
/**
* REST API username
*/
readonly trustsecRestApiUsername: pulumi.Output<string | undefined>;
/**
* Send configuration to device
*/
readonly trustsecSendConfigurationToDevice: pulumi.Output<boolean | undefined>;
/**
* Send configuration to device using
* - Choices: `DISABLE_ALL`, `ENABLE_USING_CLI`, `ENABLE_USING_COA`
*/
readonly trustsecSendConfigurationToDeviceUsing: pulumi.Output<string | undefined>;
/**
* Create a Device resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args: DeviceArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering Device resources.
*/
export interface DeviceState {
/**
* Enforce use of DTLS
*/
authenticationDtlsRequired?: pulumi.Input<boolean>;
/**
* Enable key wrap
*/
authenticationEnableKeyWrap?: pulumi.Input<boolean>;
/**
* Enable multiple RADIUS shared secrets
*/
authenticationEnableMultiSecret?: pulumi.Input<boolean>;
/**
* Encryption key
*/
authenticationEncryptionKey?: pulumi.Input<string>;
/**
* Key input format
* - Choices: `ASCII`, `HEXADECIMAL`
*/
authenticationEncryptionKeyFormat?: pulumi.Input<string>;
/**
* Message authenticator code key
*/
authenticationMessageAuthenticatorCodeKey?: pulumi.Input<string>;
/**
* Network protocol
* - Choices: `RADIUS`, `TACACS_PLUS`
*/
authenticationNetworkProtocol?: pulumi.Input<string>;
/**
* RADIUS shared secret
*/
authenticationRadiusSharedSecret?: pulumi.Input<string>;
/**
* Second RADIUS shared secret
*/
authenticationSecondRadiusSharedSecret?: pulumi.Input<string>;
/**
* CoA port
* - Default value: `1700`
*/
coaPort?: pulumi.Input<number>;
/**
* Description
*/
description?: pulumi.Input<string>;
/**
* This value is used to verify the client identity contained in the X.509 RADIUS/DTLS client certificate
*/
dtlsDnsName?: pulumi.Input<string>;
/**
* List of IP subnets
*/
ips?: pulumi.Input<pulumi.Input<inputs.network.DeviceIp>[]>;
/**
* Model name
*/
modelName?: pulumi.Input<string>;
/**
* The name of the network device
*/
name?: pulumi.Input<string>;
/**
* List of network device groups, e.g. `Device Type#All Device Types#ACCESS`
*/
networkDeviceGroups?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Profile name
* - Default value: `Cisco`
*/
profileName?: pulumi.Input<string>;
/**
* SNMP authentication password. Required for snmp version 3 and securityLevel AUTH or PRIV.
*/
snmpAuthPassword?: pulumi.Input<string>;
/**
* SNMP authentication protocol. Required for snmp version 3 and securityLevel AUTH or PRIV.
* - Choices: `MD5`, `SHA`, `SHA2`
*/
snmpAuthProtocol?: pulumi.Input<string>;
/**
* SNMP link Trap Query
*/
snmpLinkTrapQuery?: pulumi.Input<boolean>;
/**
* SNMP MAC Trap Query
*/
snmpMacTrapQuery?: pulumi.Input<boolean>;
/**
* Originating Policy Services Node
*/
snmpOriginatingPolicyServiceNode?: pulumi.Input<string>;
/**
* SNMP Polling Interval in seconds
* - Range: `600`-`86400`
*/
snmpPollingInterval?: pulumi.Input<number>;
/**
* SNMP privacy password. Required for snmp version 3 and securityLevel PRIV
*/
snmpPrivacyPassword?: pulumi.Input<string>;
/**
* SNMP privacy protocol. Required for snmp version 3 and securityLevel PRIV.
* - Choices: `DES`, `AES128`, `AES192`, `AES256`, `3DES`
*/
snmpPrivacyProtocol?: pulumi.Input<string>;
/**
* SNMP RO Community
*/
snmpRoCommunity?: pulumi.Input<string>;
/**
* SNMP security level. Required for snmp version 3.
* - Choices: `NO_AUTH`, `AUTH`, `PRIV`
*/
snmpSecurityLevel?: pulumi.Input<string>;
/**
* SNMP username. Required for snmp version 3.
*/
snmpUsername?: pulumi.Input<string>;
/**
* SNMP version
* - Choices: `ONE`, `TWO_C`, `THREE`
*/
snmpVersion?: pulumi.Input<string>;
/**
* Software version
*/
softwareVersion?: pulumi.Input<string>;
/**
* Connect mode options
* - Choices: `OFF`, `ON_LEGACY`, `ON_DRAFT_COMPLIANT`
*/
tacacsConnectModeOptions?: pulumi.Input<string>;
/**
* Shared secret
*/
tacacsSharedSecret?: pulumi.Input<string>;
/**
* CoA source host
*/
trustsecCoaSourceHost?: pulumi.Input<string>;
/**
* TrustSec device ID
*/
trustsecDeviceId?: pulumi.Input<string>;
/**
* TrustSec device password
*/
trustsecDevicePassword?: pulumi.Input<string>;
/**
* Download environment data every X seconds
*/
trustsecDownloadEnvironmentDataEveryXSeconds?: pulumi.Input<number>;
/**
* Download peer authorization policy every X seconds
*/
trustsecDownloadPeerAuthorizationPolicyEveryXSeconds?: pulumi.Input<number>;
/**
* Download SGACL lists every X seconds
*/
trustsecDownloadSgaclListsEveryXSeconds?: pulumi.Input<number>;
/**
* Enable mode password
*/
trustsecEnableModePassword?: pulumi.Input<string>;
/**
* EXEC mode password
*/
trustsecExecModePassword?: pulumi.Input<string>;
/**
* EXEC mode username
*/
trustsecExecModeUsername?: pulumi.Input<string>;
/**
* Include this device when deploying Security Group Tag Mapping Updates
*/
trustsecIncludeWhenDeployingSgtUpdates?: pulumi.Input<boolean>;
/**
* Other TrustSec devices to trust this device
*/
trustsecOtherSgaDevicesToTrustThisDevice?: pulumi.Input<boolean>;
/**
* Re-authenticate every X seconds
*/
trustsecReAuthenticationEveryXSeconds?: pulumi.Input<number>;
/**
* REST API password
*/
trustsecRestApiPassword?: pulumi.Input<string>;
/**
* REST API username
*/
trustsecRestApiUsername?: pulumi.Input<string>;
/**
* Send configuration to device
*/
trustsecSendConfigurationToDevice?: pulumi.Input<boolean>;
/**
* Send configuration to device using
* - Choices: `DISABLE_ALL`, `ENABLE_USING_CLI`, `ENABLE_USING_COA`
*/
trustsecSendConfigurationToDeviceUsing?: pulumi.Input<string>;
}
/**
* The set of arguments for constructing a Device resource.
*/
export interface DeviceArgs {
/**
* Enforce use of DTLS
*/
authenticationDtlsRequired?: pulumi.Input<boolean>;
/**
* Enable key wrap
*/
authenticationEnableKeyWrap?: pulumi.Input<boolean>;
/**
* Enable multiple RADIUS shared secrets
*/
authenticationEnableMultiSecret?: pulumi.Input<boolean>;
/**
* Encryption key
*/
authenticationEncryptionKey?: pulumi.Input<string>;
/**
* Key input format
* - Choices: `ASCII`, `HEXADECIMAL`
*/
authenticationEncryptionKeyFormat?: pulumi.Input<string>;
/**
* Message authenticator code key
*/
authenticationMessageAuthenticatorCodeKey?: pulumi.Input<string>;
/**
* Network protocol
* - Choices: `RADIUS`, `TACACS_PLUS`
*/
authenticationNetworkProtocol?: pulumi.Input<string>;
/**
* RADIUS shared secret
*/
authenticationRadiusSharedSecret?: pulumi.Input<string>;
/**
* Second RADIUS shared secret
*/
authenticationSecondRadiusSharedSecret?: pulumi.Input<string>;
/**
* CoA port
* - Default value: `1700`
*/
coaPort?: pulumi.Input<number>;
/**
* Description
*/
description?: pulumi.Input<string>;
/**
* This value is used to verify the client identity contained in the X.509 RADIUS/DTLS client certificate
*/
dtlsDnsName?: pulumi.Input<string>;
/**
* List of IP subnets
*/
ips: pulumi.Input<pulumi.Input<inputs.network.DeviceIp>[]>;
/**
* Model name
*/
modelName?: pulumi.Input<string>;
/**
* The name of the network device
*/
name?: pulumi.Input<string>;
/**
* List of network device groups, e.g. `Device Type#All Device Types#ACCESS`
*/
networkDeviceGroups?: pulumi.Input<pulumi.Input<string>[]>;
/**
* Profile name
* - Default value: `Cisco`
*/
profileName?: pulumi.Input<string>;
/**
* SNMP authentication password. Required for snmp version 3 and securityLevel AUTH or PRIV.
*/
snmpAuthPassword?: pulumi.Input<string>;
/**
* SNMP authentication protocol. Required for snmp version 3 and securityLevel AUTH or PRIV.
* - Choices: `MD5`, `SHA`, `SHA2`
*/
snmpAuthProtocol?: pulumi.Input<string>;
/**
* SNMP link Trap Query
*/
snmpLinkTrapQuery?: pulumi.Input<boolean>;
/**
* SNMP MAC Trap Query
*/
snmpMacTrapQuery?: pulumi.Input<boolean>;
/**
* Originating Policy Services Node
*/
snmpOriginatingPolicyServiceNode?: pulumi.Input<string>;
/**
* SNMP Polling Interval in seconds
* - Range: `600`-`86400`
*/
snmpPollingInterval?: pulumi.Input<number>;
/**
* SNMP privacy password. Required for snmp version 3 and securityLevel PRIV
*/
snmpPrivacyPassword?: pulumi.Input<string>;
/**
* SNMP privacy protocol. Required for snmp version 3 and securityLevel PRIV.
* - Choices: `DES`, `AES128`, `AES192`, `AES256`, `3DES`
*/
snmpPrivacyProtocol?: pulumi.Input<string>;
/**
* SNMP RO Community
*/
snmpRoCommunity?: pulumi.Input<string>;
/**
* SNMP security level. Required for snmp version 3.
* - Choices: `NO_AUTH`, `AUTH`, `PRIV`
*/
snmpSecurityLevel?: pulumi.Input<string>;
/**
* SNMP username. Required for snmp version 3.
*/
snmpUsername?: pulumi.Input<string>;
/**
* SNMP version
* - Choices: `ONE`, `TWO_C`, `THREE`
*/
snmpVersion?: pulumi.Input<string>;
/**
* Software version
*/
softwareVersion?: pulumi.Input<string>;
/**
* Connect mode options
* - Choices: `OFF`, `ON_LEGACY`, `ON_DRAFT_COMPLIANT`
*/
tacacsConnectModeOptions?: pulumi.Input<string>;
/**
* Shared secret
*/
tacacsSharedSecret?: pulumi.Input<string>;
/**
* CoA source host
*/
trustsecCoaSourceHost?: pulumi.Input<string>;
/**
* TrustSec device ID
*/
trustsecDeviceId?: pulumi.Input<string>;
/**
* TrustSec device password
*/
trustsecDevicePassword?: pulumi.Input<string>;
/**
* Download environment data every X seconds
*/
trustsecDownloadEnvironmentDataEveryXSeconds?: pulumi.Input<number>;
/**
* Download peer authorization policy every X seconds
*/
trustsecDownloadPeerAuthorizationPolicyEveryXSeconds?: pulumi.Input<number>;
/**
* Download SGACL lists every X seconds
*/
trustsecDownloadSgaclListsEveryXSeconds?: pulumi.Input<number>;
/**
* Enable mode password
*/
trustsecEnableModePassword?: pulumi.Input<string>;
/**
* EXEC mode password
*/
trustsecExecModePassword?: pulumi.Input<string>;
/**
* EXEC mode username
*/
trustsecExecModeUsername?: pulumi.Input<string>;
/**
* Include this device when deploying Security Group Tag Mapping Updates
*/
trustsecIncludeWhenDeployingSgtUpdates?: pulumi.Input<boolean>;
/**
* Other TrustSec devices to trust this device
*/
trustsecOtherSgaDevicesToTrustThisDevice?: pulumi.Input<boolean>;
/**
* Re-authenticate every X seconds
*/
trustsecReAuthenticationEveryXSeconds?: pulumi.Input<number>;
/**
* REST API password
*/
trustsecRestApiPassword?: pulumi.Input<string>;
/**
* REST API username
*/
trustsecRestApiUsername?: pulumi.Input<string>;
/**
* Send configuration to device
*/
trustsecSendConfigurationToDevice?: pulumi.Input<boolean>;
/**
* Send configuration to device using
* - Choices: `DISABLE_ALL`, `ENABLE_USING_CLI`, `ENABLE_USING_COA`
*/
trustsecSendConfigurationToDeviceUsing?: pulumi.Input<string>;
}