@pulumi/ise
Version:
A Pulumi package for managing resources on a Cisco ISE (Identity Service Engine) instance.. Based on terraform-provider-ise: version v0.2.1
375 lines (374 loc) • 10.9 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
/**
* This data source can read an allowed protocols policy element.
*
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as ise from "@pulumi/ise";
*
* const example = ise.networkaccess.getAllowedProtocols({
* id: "76d24097-41c4-4558-a4d0-a8c07ac08470",
* });
* ```
*/
export declare function getAllowedProtocols(args?: GetAllowedProtocolsArgs, opts?: pulumi.InvokeOptions): Promise<GetAllowedProtocolsResult>;
/**
* A collection of arguments for invoking getAllowedProtocols.
*/
export interface GetAllowedProtocolsArgs {
/**
* The id of the object
*/
id?: string;
/**
* The name of the allowed protocols
*/
name?: string;
}
/**
* A collection of values returned by getAllowedProtocols.
*/
export interface GetAllowedProtocolsResult {
/**
* Allow 5G. This field is only supported from ISE 3.2.
*/
readonly allow5g: boolean;
/**
* Allow CHAP
*/
readonly allowChap: boolean;
/**
* Allow EAP Fast
*/
readonly allowEapFast: boolean;
/**
* Allow EAP MD5
*/
readonly allowEapMd5: boolean;
/**
* Allow EAP TLS
*/
readonly allowEapTls: boolean;
/**
* Allow EAP TTLS
*/
readonly allowEapTtls: boolean;
/**
* Allow LEAP
*/
readonly allowLeap: boolean;
/**
* Allow MS CHAP v1
*/
readonly allowMsChapV1: boolean;
/**
* Allow MS CHAP v2
*/
readonly allowMsChapV2: boolean;
/**
* Allow PAP ASCII
*/
readonly allowPapAscii: boolean;
/**
* Allow PEAP
*/
readonly allowPeap: boolean;
/**
* Allow preferred EAP protocol
*/
readonly allowPreferredEapProtocol: boolean;
/**
* Allow TEAP
*/
readonly allowTeap: boolean;
/**
* Allow weak ciphers for EAP
*/
readonly allowWeakCiphersForEap: boolean;
/**
* Description
*/
readonly description: string;
/**
* Accept client certificates. Is required only if `eapFastUsePacs` is `false`.
*/
readonly eapFastAcceptClientCert: boolean;
/**
* Allow machine authentication. Is required only if `eapFastUsePacs` is `false`.
*/
readonly eapFastAllowMachineAuthentication: boolean;
/**
* Allow EAP GTC
*/
readonly eapFastEapGtc: boolean;
/**
* Allow EAP GTC password change. Is required only if `eapFastEapGtc` is `true`.
*/
readonly eapFastEapGtcPwdChange: boolean;
/**
* EAP GTC password change retries. Is required only if `eapFastEapGtc` is `true`.
*/
readonly eapFastEapGtcPwdChangeRetries: number;
/**
* Allow EAP MS CHAP v2
*/
readonly eapFastEapMsChapV2: boolean;
/**
* Allow EAP MS CHAP v2 password change. Is required only if `eapFastEapMsChapV2` is `true`.
*/
readonly eapFastEapMsChapV2PwdChange: boolean;
/**
* EAP MS CHAP v2 password change retries. Is required only if `eapFastEapMsChapV2` is `true`.
*/
readonly eapFastEapMsChapV2PwdChangeRetries: number;
/**
* Allow EAP TLS
*/
readonly eapFastEapTls: boolean;
/**
* Allow EAP TLS authentication of expired certificates. Is required only if `eapFastEapTls` is `true`.
*/
readonly eapFastEapTlsAuthOfExpiredCerts: boolean;
/**
* Enable EAP chaining
*/
readonly eapFastEnableEapChaining: boolean;
/**
* Allow anonymous provisioning. Is required only if `eapFastUsePacs` is `true`.
*/
readonly eapFastPacsAllowAnonymousProvisioning: boolean;
/**
* Allow authenticated provisioning. Is required only if `eapFastUsePacs` is `true`.
*/
readonly eapFastPacsAllowAuthenticatedProvisioning: boolean;
/**
* Accept client certification for provisioning. Is required only if `eapFastPacsAllowAuthenticatedProvisioning` is `true`.
*/
readonly eapFastPacsAllowClientCert: boolean;
/**
* Allow machine authentication. Is required only if `eapFastUsePacs` is `true`.
*/
readonly eapFastPacsAllowMachineAuthentication: boolean;
/**
* Authorization PAC TTL. Is required only if `eapFastPacsStatelessSessionResume` is `true`.
*/
readonly eapFastPacsAuthorizationPacTtl: number;
/**
* Authorization PAC TTL unit. Is required only if `eapFastPacsStatelessSessionResume` is `true`.
*/
readonly eapFastPacsAuthorizationPacTtlUnit: string;
/**
* Machine PAC TTL. Is required only if `eapFastPacsAllowMachineAuthentication` is `true`.
*/
readonly eapFastPacsMachinePacTtl: number;
/**
* Machine PAC TTL unit. Is required only if `eapFastPacsAllowMachineAuthentication` is `true`.
*/
readonly eapFastPacsMachinePacTtlUnit: string;
/**
* Server returns access accept after authenticated provisioning. Is required only if `eapFastPacsAllowAuthenticatedProvisioning` is `true`.
*/
readonly eapFastPacsServerReturns: boolean;
/**
* Stateless session resume. Is required only if `eapFastUsePacs` is `true`.
*/
readonly eapFastPacsStatelessSessionResume: boolean;
/**
* PACs tunnel PAC time to live. Is required only if `eapFastUsePacs` is `true`.
*/
readonly eapFastPacsTunnelPacTtl: number;
/**
* PACs tunnel PAC time to live unit. Is required only if `eapFastUsePacs` is `true`.
*/
readonly eapFastPacsTunnelPacTtlUnit: string;
/**
* Use proactive pac update percentage. Is required only if `eapFastUsePacs` is `true`.
*/
readonly eapFastPacsUseProactivePacUpdatePercentage: number;
/**
* Use PACs
*/
readonly eapFastUsePacs: boolean;
/**
* Allow authentication of expired certificates
*/
readonly eapTlsAllowAuthOfExpiredCerts: boolean;
/**
* Enable stateless session resume
*/
readonly eapTlsEnableStatelessSessionResume: boolean;
/**
* EAP TLS L-Bit
*/
readonly eapTlsLBit: boolean;
/**
* Session ticket percentage. Is required only if `eapTlsEnableStatelessSessionResume` is `true`.
*/
readonly eapTlsSessionTicketPercentage: number;
/**
* Session ticket TTL. Is required only if `eapTlsEnableStatelessSessionResume` is `true`.
*/
readonly eapTlsSessionTicketTtl: number;
/**
* Session ticket TTL unit. Is required only if `eapTlsEnableStatelessSessionResume` is `true`.
*/
readonly eapTlsSessionTicketTtlUnit: string;
/**
* Allow CHAP
*/
readonly eapTtlsChap: boolean;
/**
* Allow EAP MD5
*/
readonly eapTtlsEapMd5: boolean;
/**
* Allow EAP MS CHAP v2
*/
readonly eapTtlsEapMsChapV2: boolean;
/**
* Allow EAP MS CHAP v2 password change. Is required only if `eapTtlsEapMsChapV2` is `true`.
*/
readonly eapTtlsEapMsChapV2PwdChange: boolean;
/**
* EAP MS CHAP v2 password change retries. Is required only if `eapTtlsEapMsChapV2` is `true`.
*/
readonly eapTtlsEapMsChapV2PwdChangeRetries: number;
/**
* Allow MS CHAP v1
*/
readonly eapTtlsMsChapV1: boolean;
/**
* Allow MS CHAP v2
*/
readonly eapTtlsMsChapV2: boolean;
/**
* Allow PAP ASCII
*/
readonly eapTtlsPapAscii: boolean;
/**
* The id of the object
*/
readonly id: string;
/**
* The name of the allowed protocols
*/
readonly name: string;
/**
* Allow PEAP EAP GTC
*/
readonly peapAllowPeapEapGtc: boolean;
/**
* Allow PEAP EAP GTC password change. Is required only if `allowPeapEapGtc` is `true`.
*/
readonly peapAllowPeapEapGtcPwdChange: boolean;
/**
* PEAP EAP GTC password change retries. Is required only if `allowPeapEapGtc` is `true`.
*/
readonly peapAllowPeapEapGtcPwdChangeRetries: number;
/**
* Allow PEAP EAP MS CHAP v2
*/
readonly peapAllowPeapEapMsChapV2: boolean;
/**
* Allow PEAP EAP MS CHAP v2 password change. Is required only if `allowPeapEapMsChapV2` is `true`.
*/
readonly peapAllowPeapEapMsChapV2PwdChange: boolean;
/**
* Allow PEAP EAP MS CHAP v2 password change retries. Is required only if `allowPeapEapMsChapV2` is `true`.
*/
readonly peapAllowPeapEapMsChapV2PwdChangeRetries: number;
/**
* Allow PEAP EAP TLS
*/
readonly peapAllowPeapEapTls: boolean;
/**
* Allow PEAP EAP TLS authentication of expired certificates. Is required only if `peapAllowPeapEapTls` is `true`.
*/
readonly peapAllowPeapEapTlsAuthOfExpiredCerts: boolean;
/**
* Allow PEAP v0
*/
readonly peapPeapV0: boolean;
/**
* Preferred EAP protocol
*/
readonly preferredEapProtocol: string;
/**
* Process host lookup
*/
readonly processHostLookup: boolean;
/**
* Require cryptobinding
*/
readonly requireCryptobinding: boolean;
/**
* Require message authentication
*/
readonly requireMessageAuth: boolean;
/**
* Allow downgrade to MSK
*/
readonly teapDowngradeMsk: boolean;
/**
* Accept client certificate during tunnel establishment
*/
readonly teapEapAcceptClientCertDuringTunnelEst: boolean;
/**
* Allow EAP chaining
*/
readonly teapEapChaining: boolean;
/**
* Allow EAP MS CHAP v2
*/
readonly teapEapMsChapV2: boolean;
/**
* Allow EAP MS CHAP v2 password change. Is required only if `teapEapMsChapV2` is `true`.
*/
readonly teapEapMsChapV2PwdChange: boolean;
/**
* EAP MS CHAP v2 password change retries. Is required only if `teapEapMsChapV2` is `true`.
*/
readonly teapEapMsChapV2PwdChangeRetries: number;
/**
* Allow EAP TLS
*/
readonly teapEapTls: boolean;
/**
* Allow EAP TLS authentication of expired certs. Is required only if `teapEapTls` is `true`.
*/
readonly teapEapTlsAuthOfExpiredCerts: boolean;
/**
* Request basic password authentication
*/
readonly teapRequestBasicPwdAuth: boolean;
}
/**
* This data source can read an allowed protocols policy element.
*
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as ise from "@pulumi/ise";
*
* const example = ise.networkaccess.getAllowedProtocols({
* id: "76d24097-41c4-4558-a4d0-a8c07ac08470",
* });
* ```
*/
export declare function getAllowedProtocolsOutput(args?: GetAllowedProtocolsOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output<GetAllowedProtocolsResult>;
/**
* A collection of arguments for invoking getAllowedProtocols.
*/
export interface GetAllowedProtocolsOutputArgs {
/**
* The id of the object
*/
id?: pulumi.Input<string>;
/**
* The name of the allowed protocols
*/
name?: pulumi.Input<string>;
}