@pulumi/ise
Version:
A Pulumi package for managing resources on a Cisco ISE (Identity Service Engine) instance.. Based on terraform-provider-ise: version v0.2.1
534 lines (533 loc) • 15.5 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
* This resource can manage an authorization profiles policy element.
*
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as ise from "@pulumi/ise";
*
* const example = new ise.networkaccess.AuthorizationProfile("example", {
* name: "AuthzProfile1",
* description: "My Authorization Profile",
* vlanNameId: "VLAN10",
* vlanTagId: 0,
* webRedirectionType: "CentralizedWebAuth",
* webRedirectionAcl: "TEST_ACL",
* webRedirectionPortalName: "Sponsored Guest Portal (default)",
* webRedirectionStaticIpHostNameFqdn: "1.2.3.4",
* webRedirectionDisplayCertificatesRenewalMessages: true,
* agentlessPosture: false,
* accessType: "ACCESS_ACCEPT",
* profileName: "Cisco",
* airespaceAcl: "ACL1",
* acl: "ACL1",
* autoSmartPort: "PROFILE1",
* interfaceTemplate: "TEMP1",
* ipv6AclFilter: "ACL1",
* avcProfile: "PROF1",
* asaVpn: "1",
* uniqueIdentifier: "ID1234",
* trackMovement: false,
* serviceTemplate: false,
* easywiredSessionCandidate: false,
* voiceDomainPermission: false,
* neat: false,
* webAuth: false,
* macSecPolicy: "MUST_SECURE",
* reauthenticationConnectivity: "DEFAULT",
* reauthenticationTimer: 1,
* advancedAttributes: [{
* attributeLeftDictionaryName: "Cisco",
* attributeLeftName: "cisco-av-pair",
* attributeRightValueType: "AttributeValue",
* attributeRightValue: "set_nadprofile_vlan=true,vlan=TEST,tag=1",
* }],
* airespaceIpv6Acl: "ACL1",
* });
* ```
*
* ## Import
*
* The `pulumi import` command can be used, for example:
*
* ```sh
* $ pulumi import ise:networkaccess/authorizationProfile:AuthorizationProfile example "76d24097-41c4-4558-a4d0-a8c07ac08470"
* ```
*/
export declare class AuthorizationProfile extends pulumi.CustomResource {
/**
* Get an existing AuthorizationProfile resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AuthorizationProfileState, opts?: pulumi.CustomResourceOptions): AuthorizationProfile;
/**
* Returns true if the given object is an instance of AuthorizationProfile. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is AuthorizationProfile;
/**
* Access type
* - Choices: `ACCESS_ACCEPT`, `ACCESS_REJECT`
* - Default value: `ACCESS_ACCEPT`
*/
readonly accessType: pulumi.Output<string>;
/**
* ACL
*/
readonly acl: pulumi.Output<string | undefined>;
/**
* List of advanced attributes
*/
readonly advancedAttributes: pulumi.Output<outputs.networkaccess.AuthorizationProfileAdvancedAttribute[] | undefined>;
/**
* Agentless Posture.
*/
readonly agentlessPosture: pulumi.Output<boolean | undefined>;
/**
* Airespace ACL
*/
readonly airespaceAcl: pulumi.Output<string | undefined>;
/**
* Airespace IPv6 ACL
*/
readonly airespaceIpv6Acl: pulumi.Output<string | undefined>;
/**
* ASA VPN
*/
readonly asaVpn: pulumi.Output<string | undefined>;
/**
* Auto smart port
*/
readonly autoSmartPort: pulumi.Output<string | undefined>;
/**
* AVC profile
*/
readonly avcProfile: pulumi.Output<string | undefined>;
/**
* DACL name
*/
readonly daclName: pulumi.Output<string | undefined>;
/**
* Description
*/
readonly description: pulumi.Output<string | undefined>;
/**
* Easy wired session candidate
* - Default value: `false`
*/
readonly easywiredSessionCandidate: pulumi.Output<boolean>;
/**
* Interface template
*/
readonly interfaceTemplate: pulumi.Output<string | undefined>;
/**
* IPv6 ACL
*/
readonly ipv6AclFilter: pulumi.Output<string | undefined>;
/**
* IPv6 DACL name
*/
readonly ipv6DaclName: pulumi.Output<string | undefined>;
/**
* MacSec policy
* - Choices: `MUST_SECURE`, `MUST_NOT_SECURE`, `SHOULD_SECURE`
*/
readonly macSecPolicy: pulumi.Output<string | undefined>;
/**
* The name of the authorization profile
*/
readonly name: pulumi.Output<string>;
/**
* NEAT
* - Default value: `false`
*/
readonly neat: pulumi.Output<boolean>;
/**
* Value needs to be an existing Network Device Profile
* - Default value: `Cisco`
*/
readonly profileName: pulumi.Output<string>;
/**
* Maintain Connectivity During Reauthentication
* - Choices: `DEFAULT`, `RADIUS_REQUEST`
*/
readonly reauthenticationConnectivity: pulumi.Output<string | undefined>;
/**
* Reauthentication timer
* - Range: `1`-`65535`
*/
readonly reauthenticationTimer: pulumi.Output<number | undefined>;
/**
* Service template
* - Default value: `false`
*/
readonly serviceTemplate: pulumi.Output<boolean>;
/**
* Track movement
* - Default value: `false`
*/
readonly trackMovement: pulumi.Output<boolean>;
/**
* Unique identifier
*/
readonly uniqueIdentifier: pulumi.Output<string | undefined>;
/**
* Vlan name or ID
*/
readonly vlanNameId: pulumi.Output<string | undefined>;
/**
* Vlan tag ID
* - Range: `0`-`31`
*/
readonly vlanTagId: pulumi.Output<number | undefined>;
/**
* Voice domain permission
* - Default value: `false`
*/
readonly voiceDomainPermission: pulumi.Output<boolean>;
/**
* Web authentication (local)
* - Default value: `false`
*/
readonly webAuth: pulumi.Output<boolean>;
/**
* Web redirection ACL
*/
readonly webRedirectionAcl: pulumi.Output<string | undefined>;
/**
* This attribute is mandatory when `webRedirectionType` value is `CentralizedWebAuth`. For all other `webRedirectionType` values the field must be ignored.
*/
readonly webRedirectionDisplayCertificatesRenewalMessages: pulumi.Output<boolean | undefined>;
/**
* A portal that exist in the DB and fits the `webRedirectionType`
*/
readonly webRedirectionPortalName: pulumi.Output<string | undefined>;
/**
* IP, hostname or FQDN
*/
readonly webRedirectionStaticIpHostNameFqdn: pulumi.Output<string | undefined>;
/**
* This type must fit the `webRedirectionPortalName`
* - Choices: `CentralizedWebAuth`, `HotSpot`, `NativeSupplicanProvisioning`, `ClientProvisioning`
*/
readonly webRedirectionType: pulumi.Output<string | undefined>;
/**
* Create a AuthorizationProfile resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args?: AuthorizationProfileArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering AuthorizationProfile resources.
*/
export interface AuthorizationProfileState {
/**
* Access type
* - Choices: `ACCESS_ACCEPT`, `ACCESS_REJECT`
* - Default value: `ACCESS_ACCEPT`
*/
accessType?: pulumi.Input<string>;
/**
* ACL
*/
acl?: pulumi.Input<string>;
/**
* List of advanced attributes
*/
advancedAttributes?: pulumi.Input<pulumi.Input<inputs.networkaccess.AuthorizationProfileAdvancedAttribute>[]>;
/**
* Agentless Posture.
*/
agentlessPosture?: pulumi.Input<boolean>;
/**
* Airespace ACL
*/
airespaceAcl?: pulumi.Input<string>;
/**
* Airespace IPv6 ACL
*/
airespaceIpv6Acl?: pulumi.Input<string>;
/**
* ASA VPN
*/
asaVpn?: pulumi.Input<string>;
/**
* Auto smart port
*/
autoSmartPort?: pulumi.Input<string>;
/**
* AVC profile
*/
avcProfile?: pulumi.Input<string>;
/**
* DACL name
*/
daclName?: pulumi.Input<string>;
/**
* Description
*/
description?: pulumi.Input<string>;
/**
* Easy wired session candidate
* - Default value: `false`
*/
easywiredSessionCandidate?: pulumi.Input<boolean>;
/**
* Interface template
*/
interfaceTemplate?: pulumi.Input<string>;
/**
* IPv6 ACL
*/
ipv6AclFilter?: pulumi.Input<string>;
/**
* IPv6 DACL name
*/
ipv6DaclName?: pulumi.Input<string>;
/**
* MacSec policy
* - Choices: `MUST_SECURE`, `MUST_NOT_SECURE`, `SHOULD_SECURE`
*/
macSecPolicy?: pulumi.Input<string>;
/**
* The name of the authorization profile
*/
name?: pulumi.Input<string>;
/**
* NEAT
* - Default value: `false`
*/
neat?: pulumi.Input<boolean>;
/**
* Value needs to be an existing Network Device Profile
* - Default value: `Cisco`
*/
profileName?: pulumi.Input<string>;
/**
* Maintain Connectivity During Reauthentication
* - Choices: `DEFAULT`, `RADIUS_REQUEST`
*/
reauthenticationConnectivity?: pulumi.Input<string>;
/**
* Reauthentication timer
* - Range: `1`-`65535`
*/
reauthenticationTimer?: pulumi.Input<number>;
/**
* Service template
* - Default value: `false`
*/
serviceTemplate?: pulumi.Input<boolean>;
/**
* Track movement
* - Default value: `false`
*/
trackMovement?: pulumi.Input<boolean>;
/**
* Unique identifier
*/
uniqueIdentifier?: pulumi.Input<string>;
/**
* Vlan name or ID
*/
vlanNameId?: pulumi.Input<string>;
/**
* Vlan tag ID
* - Range: `0`-`31`
*/
vlanTagId?: pulumi.Input<number>;
/**
* Voice domain permission
* - Default value: `false`
*/
voiceDomainPermission?: pulumi.Input<boolean>;
/**
* Web authentication (local)
* - Default value: `false`
*/
webAuth?: pulumi.Input<boolean>;
/**
* Web redirection ACL
*/
webRedirectionAcl?: pulumi.Input<string>;
/**
* This attribute is mandatory when `webRedirectionType` value is `CentralizedWebAuth`. For all other `webRedirectionType` values the field must be ignored.
*/
webRedirectionDisplayCertificatesRenewalMessages?: pulumi.Input<boolean>;
/**
* A portal that exist in the DB and fits the `webRedirectionType`
*/
webRedirectionPortalName?: pulumi.Input<string>;
/**
* IP, hostname or FQDN
*/
webRedirectionStaticIpHostNameFqdn?: pulumi.Input<string>;
/**
* This type must fit the `webRedirectionPortalName`
* - Choices: `CentralizedWebAuth`, `HotSpot`, `NativeSupplicanProvisioning`, `ClientProvisioning`
*/
webRedirectionType?: pulumi.Input<string>;
}
/**
* The set of arguments for constructing a AuthorizationProfile resource.
*/
export interface AuthorizationProfileArgs {
/**
* Access type
* - Choices: `ACCESS_ACCEPT`, `ACCESS_REJECT`
* - Default value: `ACCESS_ACCEPT`
*/
accessType?: pulumi.Input<string>;
/**
* ACL
*/
acl?: pulumi.Input<string>;
/**
* List of advanced attributes
*/
advancedAttributes?: pulumi.Input<pulumi.Input<inputs.networkaccess.AuthorizationProfileAdvancedAttribute>[]>;
/**
* Agentless Posture.
*/
agentlessPosture?: pulumi.Input<boolean>;
/**
* Airespace ACL
*/
airespaceAcl?: pulumi.Input<string>;
/**
* Airespace IPv6 ACL
*/
airespaceIpv6Acl?: pulumi.Input<string>;
/**
* ASA VPN
*/
asaVpn?: pulumi.Input<string>;
/**
* Auto smart port
*/
autoSmartPort?: pulumi.Input<string>;
/**
* AVC profile
*/
avcProfile?: pulumi.Input<string>;
/**
* DACL name
*/
daclName?: pulumi.Input<string>;
/**
* Description
*/
description?: pulumi.Input<string>;
/**
* Easy wired session candidate
* - Default value: `false`
*/
easywiredSessionCandidate?: pulumi.Input<boolean>;
/**
* Interface template
*/
interfaceTemplate?: pulumi.Input<string>;
/**
* IPv6 ACL
*/
ipv6AclFilter?: pulumi.Input<string>;
/**
* IPv6 DACL name
*/
ipv6DaclName?: pulumi.Input<string>;
/**
* MacSec policy
* - Choices: `MUST_SECURE`, `MUST_NOT_SECURE`, `SHOULD_SECURE`
*/
macSecPolicy?: pulumi.Input<string>;
/**
* The name of the authorization profile
*/
name?: pulumi.Input<string>;
/**
* NEAT
* - Default value: `false`
*/
neat?: pulumi.Input<boolean>;
/**
* Value needs to be an existing Network Device Profile
* - Default value: `Cisco`
*/
profileName?: pulumi.Input<string>;
/**
* Maintain Connectivity During Reauthentication
* - Choices: `DEFAULT`, `RADIUS_REQUEST`
*/
reauthenticationConnectivity?: pulumi.Input<string>;
/**
* Reauthentication timer
* - Range: `1`-`65535`
*/
reauthenticationTimer?: pulumi.Input<number>;
/**
* Service template
* - Default value: `false`
*/
serviceTemplate?: pulumi.Input<boolean>;
/**
* Track movement
* - Default value: `false`
*/
trackMovement?: pulumi.Input<boolean>;
/**
* Unique identifier
*/
uniqueIdentifier?: pulumi.Input<string>;
/**
* Vlan name or ID
*/
vlanNameId?: pulumi.Input<string>;
/**
* Vlan tag ID
* - Range: `0`-`31`
*/
vlanTagId?: pulumi.Input<number>;
/**
* Voice domain permission
* - Default value: `false`
*/
voiceDomainPermission?: pulumi.Input<boolean>;
/**
* Web authentication (local)
* - Default value: `false`
*/
webAuth?: pulumi.Input<boolean>;
/**
* Web redirection ACL
*/
webRedirectionAcl?: pulumi.Input<string>;
/**
* This attribute is mandatory when `webRedirectionType` value is `CentralizedWebAuth`. For all other `webRedirectionType` values the field must be ignored.
*/
webRedirectionDisplayCertificatesRenewalMessages?: pulumi.Input<boolean>;
/**
* A portal that exist in the DB and fits the `webRedirectionType`
*/
webRedirectionPortalName?: pulumi.Input<string>;
/**
* IP, hostname or FQDN
*/
webRedirectionStaticIpHostNameFqdn?: pulumi.Input<string>;
/**
* This type must fit the `webRedirectionPortalName`
* - Choices: `CentralizedWebAuth`, `HotSpot`, `NativeSupplicanProvisioning`, `ClientProvisioning`
*/
webRedirectionType?: pulumi.Input<string>;
}