Docs Home
Cisco Catalyst SD-WAN v0.3.0 published on Friday, Mar 28, 2025 by Pulumi
sdwan.DnsSecurityPolicy
Explore with Pulumi AI
This resource can manage a DNS Security Policy.
- Minimum SD-WAN Manager version:
20.12.0
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as sdwan from "@pulumi/sdwan";
const example = new sdwan.DnsSecurityPolicy("example", {
name: "Example",
description: "My Example",
featureProfileId: "f6dd22c8-0b4f-496c-9a0b-6813d1f8b8ac",
localDomainBypassListId: "0c4e096d-b06d-4052-93ed-70fe34fda6dc",
matchAllVpn: true,
umbrellaDefault: false,
dnsServerIp: "1.2.3.4",
localDomainBypassEnabled: true,
dnsCrypt: false,
childOrgId: "12334",
});
import pulumi
import pulumi_sdwan as sdwan
example = sdwan.DnsSecurityPolicy("example",
name="Example",
description="My Example",
feature_profile_id="f6dd22c8-0b4f-496c-9a0b-6813d1f8b8ac",
local_domain_bypass_list_id="0c4e096d-b06d-4052-93ed-70fe34fda6dc",
match_all_vpn=True,
umbrella_default=False,
dns_server_ip="1.2.3.4",
local_domain_bypass_enabled=True,
dns_crypt=False,
child_org_id="12334")
package main
import (
"github.com/pulumi/pulumi-sdwan/sdk/go/sdwan"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := sdwan.NewDnsSecurityPolicy(ctx, "example", &sdwan.DnsSecurityPolicyArgs{
Name: pulumi.String("Example"),
Description: pulumi.String("My Example"),
FeatureProfileId: pulumi.String("f6dd22c8-0b4f-496c-9a0b-6813d1f8b8ac"),
LocalDomainBypassListId: pulumi.String("0c4e096d-b06d-4052-93ed-70fe34fda6dc"),
MatchAllVpn: pulumi.Bool(true),
UmbrellaDefault: pulumi.Bool(false),
DnsServerIp: pulumi.String("1.2.3.4"),
LocalDomainBypassEnabled: pulumi.Bool(true),
DnsCrypt: pulumi.Bool(false),
ChildOrgId: pulumi.String("12334"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Sdwan = Pulumi.Sdwan;
return await Deployment.RunAsync(() =>
{
var example = new Sdwan.DnsSecurityPolicy("example", new()
{
Name = "Example",
Description = "My Example",
FeatureProfileId = "f6dd22c8-0b4f-496c-9a0b-6813d1f8b8ac",
LocalDomainBypassListId = "0c4e096d-b06d-4052-93ed-70fe34fda6dc",
MatchAllVpn = true,
UmbrellaDefault = false,
DnsServerIp = "1.2.3.4",
LocalDomainBypassEnabled = true,
DnsCrypt = false,
ChildOrgId = "12334",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.sdwan.DnsSecurityPolicy;
import com.pulumi.sdwan.DnsSecurityPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new DnsSecurityPolicy("example", DnsSecurityPolicyArgs.builder()
.name("Example")
.description("My Example")
.featureProfileId("f6dd22c8-0b4f-496c-9a0b-6813d1f8b8ac")
.localDomainBypassListId("0c4e096d-b06d-4052-93ed-70fe34fda6dc")
.matchAllVpn(true)
.umbrellaDefault(false)
.dnsServerIp("1.2.3.4")
.localDomainBypassEnabled(true)
.dnsCrypt(false)
.childOrgId("12334")
.build());
}
}
resources:
example:
type: sdwan:DnsSecurityPolicy
properties:
name: Example
description: My Example
featureProfileId: f6dd22c8-0b4f-496c-9a0b-6813d1f8b8ac
localDomainBypassListId: 0c4e096d-b06d-4052-93ed-70fe34fda6dc
matchAllVpn: true
umbrellaDefault: false
dnsServerIp: 1.2.3.4
localDomainBypassEnabled: true
dnsCrypt: false
childOrgId: '12334'
Create DnsSecurityPolicy Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new DnsSecurityPolicy(name: string, args: DnsSecurityPolicyArgs, opts?: CustomResourceOptions);@overload
def DnsSecurityPolicy(resource_name: str,
args: DnsSecurityPolicyArgs,
opts: Optional[ResourceOptions] = None)
@overload
def DnsSecurityPolicy(resource_name: str,
opts: Optional[ResourceOptions] = None,
child_org_id: Optional[str] = None,
dns_crypt: Optional[bool] = None,
dns_server_ip: Optional[str] = None,
feature_profile_id: Optional[str] = None,
local_domain_bypass_enabled: Optional[bool] = None,
local_domain_bypass_list_id: Optional[str] = None,
match_all_vpn: Optional[bool] = None,
umbrella_default: Optional[bool] = None,
description: Optional[str] = None,
name: Optional[str] = None,
target_vpns: Optional[Sequence[DnsSecurityPolicyTargetVpnArgs]] = None)func NewDnsSecurityPolicy(ctx *Context, name string, args DnsSecurityPolicyArgs, opts ...ResourceOption) (*DnsSecurityPolicy, error)public DnsSecurityPolicy(string name, DnsSecurityPolicyArgs args, CustomResourceOptions? opts = null)
public DnsSecurityPolicy(String name, DnsSecurityPolicyArgs args)
public DnsSecurityPolicy(String name, DnsSecurityPolicyArgs args, CustomResourceOptions options)
type: sdwan:DnsSecurityPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args DnsSecurityPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args DnsSecurityPolicyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args DnsSecurityPolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DnsSecurityPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args DnsSecurityPolicyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var dnsSecurityPolicyResource = new Sdwan.DnsSecurityPolicy("dnsSecurityPolicyResource", new()
{
ChildOrgId = "string",
DnsCrypt = false,
DnsServerIp = "string",
FeatureProfileId = "string",
LocalDomainBypassEnabled = false,
LocalDomainBypassListId = "string",
MatchAllVpn = false,
UmbrellaDefault = false,
Description = "string",
Name = "string",
TargetVpns = new[]
{
new Sdwan.Inputs.DnsSecurityPolicyTargetVpnArgs
{
DnsServerIp = "string",
LocalDomainBypassEnabled = false,
Uid = "string",
UmbrellaDefault = false,
Vpns = new[]
{
"string",
},
},
},
});
example, err := sdwan.NewDnsSecurityPolicy(ctx, "dnsSecurityPolicyResource", &sdwan.DnsSecurityPolicyArgs{
ChildOrgId: pulumi.String("string"),
DnsCrypt: pulumi.Bool(false),
DnsServerIp: pulumi.String("string"),
FeatureProfileId: pulumi.String("string"),
LocalDomainBypassEnabled: pulumi.Bool(false),
LocalDomainBypassListId: pulumi.String("string"),
MatchAllVpn: pulumi.Bool(false),
UmbrellaDefault: pulumi.Bool(false),
Description: pulumi.String("string"),
Name: pulumi.String("string"),
TargetVpns: sdwan.DnsSecurityPolicyTargetVpnArray{
&sdwan.DnsSecurityPolicyTargetVpnArgs{
DnsServerIp: pulumi.String("string"),
LocalDomainBypassEnabled: pulumi.Bool(false),
Uid: pulumi.String("string"),
UmbrellaDefault: pulumi.Bool(false),
Vpns: pulumi.StringArray{
pulumi.String("string"),
},
},
},
})
var dnsSecurityPolicyResource = new DnsSecurityPolicy("dnsSecurityPolicyResource", DnsSecurityPolicyArgs.builder()
.childOrgId("string")
.dnsCrypt(false)
.dnsServerIp("string")
.featureProfileId("string")
.localDomainBypassEnabled(false)
.localDomainBypassListId("string")
.matchAllVpn(false)
.umbrellaDefault(false)
.description("string")
.name("string")
.targetVpns(DnsSecurityPolicyTargetVpnArgs.builder()
.dnsServerIp("string")
.localDomainBypassEnabled(false)
.uid("string")
.umbrellaDefault(false)
.vpns("string")
.build())
.build());
dns_security_policy_resource = sdwan.DnsSecurityPolicy("dnsSecurityPolicyResource",
child_org_id="string",
dns_crypt=False,
dns_server_ip="string",
feature_profile_id="string",
local_domain_bypass_enabled=False,
local_domain_bypass_list_id="string",
match_all_vpn=False,
umbrella_default=False,
description="string",
name="string",
target_vpns=[{
"dns_server_ip": "string",
"local_domain_bypass_enabled": False,
"uid": "string",
"umbrella_default": False,
"vpns": ["string"],
}])
const dnsSecurityPolicyResource = new sdwan.DnsSecurityPolicy("dnsSecurityPolicyResource", {
childOrgId: "string",
dnsCrypt: false,
dnsServerIp: "string",
featureProfileId: "string",
localDomainBypassEnabled: false,
localDomainBypassListId: "string",
matchAllVpn: false,
umbrellaDefault: false,
description: "string",
name: "string",
targetVpns: [{
dnsServerIp: "string",
localDomainBypassEnabled: false,
uid: "string",
umbrellaDefault: false,
vpns: ["string"],
}],
});
type: sdwan:DnsSecurityPolicy
properties:
childOrgId: string
description: string
dnsCrypt: false
dnsServerIp: string
featureProfileId: string
localDomainBypassEnabled: false
localDomainBypassListId: string
matchAllVpn: false
name: string
targetVpns:
- dnsServerIp: string
localDomainBypassEnabled: false
uid: string
umbrellaDefault: false
vpns:
- string
umbrellaDefault: false
DnsSecurityPolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The DnsSecurityPolicy resource accepts the following input properties:
- Child
Org stringId - String that is a number that corresponds to Umbrella Multi Org, can be empty if not using Umbrella Multi Org
- Dns
Crypt bool - If matchAllVpn is false, this field is only true if at least one of the targetVpns entires contains an umbrellaDefault true
- Dns
Server stringIp - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry, Attribute conditional on
match_all_vpnbeing equal totrue - Feature
Profile stringId - Feature Profile ID
- Local
Domain boolBypass Enabled - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- Local
Domain stringBypass List Id - Match
All boolVpn - If this is true, there shouldn't be a targetVpns field, if false then targetVpns field should be there
- Umbrella
Default bool - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- Description string
- The description of the Policy
- Name string
- The name of the Policy
- Target
Vpns List<DnsSecurity Policy Target Vpn> - Will be under data field only if matchAllVpn is false, if matchAllVpn is true field should not be in payload, Attribute conditional on
match_all_vpnbeing equal tofalse
- Child
Org stringId - String that is a number that corresponds to Umbrella Multi Org, can be empty if not using Umbrella Multi Org
- Dns
Crypt bool - If matchAllVpn is false, this field is only true if at least one of the targetVpns entires contains an umbrellaDefault true
- Dns
Server stringIp - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry, Attribute conditional on
match_all_vpnbeing equal totrue - Feature
Profile stringId - Feature Profile ID
- Local
Domain boolBypass Enabled - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- Local
Domain stringBypass List Id - Match
All boolVpn - If this is true, there shouldn't be a targetVpns field, if false then targetVpns field should be there
- Umbrella
Default bool - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- Description string
- The description of the Policy
- Name string
- The name of the Policy
- Target
Vpns []DnsSecurity Policy Target Vpn Args - Will be under data field only if matchAllVpn is false, if matchAllVpn is true field should not be in payload, Attribute conditional on
match_all_vpnbeing equal tofalse
- child
Org StringId - String that is a number that corresponds to Umbrella Multi Org, can be empty if not using Umbrella Multi Org
- dns
Crypt Boolean - If matchAllVpn is false, this field is only true if at least one of the targetVpns entires contains an umbrellaDefault true
- dns
Server StringIp - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry, Attribute conditional on
match_all_vpnbeing equal totrue - feature
Profile StringId - Feature Profile ID
- local
Domain BooleanBypass Enabled - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- local
Domain StringBypass List Id - match
All BooleanVpn - If this is true, there shouldn't be a targetVpns field, if false then targetVpns field should be there
- umbrella
Default Boolean - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- description String
- The description of the Policy
- name String
- The name of the Policy
- target
Vpns List<DnsSecurity Policy Target Vpn> - Will be under data field only if matchAllVpn is false, if matchAllVpn is true field should not be in payload, Attribute conditional on
match_all_vpnbeing equal tofalse
- child
Org stringId - String that is a number that corresponds to Umbrella Multi Org, can be empty if not using Umbrella Multi Org
- dns
Crypt boolean - If matchAllVpn is false, this field is only true if at least one of the targetVpns entires contains an umbrellaDefault true
- dns
Server stringIp - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry, Attribute conditional on
match_all_vpnbeing equal totrue - feature
Profile stringId - Feature Profile ID
- local
Domain booleanBypass Enabled - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- local
Domain stringBypass List Id - match
All booleanVpn - If this is true, there shouldn't be a targetVpns field, if false then targetVpns field should be there
- umbrella
Default boolean - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- description string
- The description of the Policy
- name string
- The name of the Policy
- target
Vpns DnsSecurity Policy Target Vpn[] - Will be under data field only if matchAllVpn is false, if matchAllVpn is true field should not be in payload, Attribute conditional on
match_all_vpnbeing equal tofalse
- child_
org_ strid - String that is a number that corresponds to Umbrella Multi Org, can be empty if not using Umbrella Multi Org
- dns_
crypt bool - If matchAllVpn is false, this field is only true if at least one of the targetVpns entires contains an umbrellaDefault true
- dns_
server_ strip - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry, Attribute conditional on
match_all_vpnbeing equal totrue - feature_
profile_ strid - Feature Profile ID
- local_
domain_ boolbypass_ enabled - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- local_
domain_ strbypass_ list_ id - match_
all_ boolvpn - If this is true, there shouldn't be a targetVpns field, if false then targetVpns field should be there
- umbrella_
default bool - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- description str
- The description of the Policy
- name str
- The name of the Policy
- target_
vpns Sequence[DnsSecurity Policy Target Vpn Args] - Will be under data field only if matchAllVpn is false, if matchAllVpn is true field should not be in payload, Attribute conditional on
match_all_vpnbeing equal tofalse
- child
Org StringId - String that is a number that corresponds to Umbrella Multi Org, can be empty if not using Umbrella Multi Org
- dns
Crypt Boolean - If matchAllVpn is false, this field is only true if at least one of the targetVpns entires contains an umbrellaDefault true
- dns
Server StringIp - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry, Attribute conditional on
match_all_vpnbeing equal totrue - feature
Profile StringId - Feature Profile ID
- local
Domain BooleanBypass Enabled - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- local
Domain StringBypass List Id - match
All BooleanVpn - If this is true, there shouldn't be a targetVpns field, if false then targetVpns field should be there
- umbrella
Default Boolean - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- description String
- The description of the Policy
- name String
- The name of the Policy
- target
Vpns List<Property Map> - Will be under data field only if matchAllVpn is false, if matchAllVpn is true field should not be in payload, Attribute conditional on
match_all_vpnbeing equal tofalse
Outputs
All input properties are implicitly available as output properties. Additionally, the DnsSecurityPolicy resource produces the following output properties:
Look up Existing DnsSecurityPolicy Resource
Get an existing DnsSecurityPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: DnsSecurityPolicyState, opts?: CustomResourceOptions): DnsSecurityPolicy@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
child_org_id: Optional[str] = None,
description: Optional[str] = None,
dns_crypt: Optional[bool] = None,
dns_server_ip: Optional[str] = None,
feature_profile_id: Optional[str] = None,
local_domain_bypass_enabled: Optional[bool] = None,
local_domain_bypass_list_id: Optional[str] = None,
match_all_vpn: Optional[bool] = None,
name: Optional[str] = None,
target_vpns: Optional[Sequence[DnsSecurityPolicyTargetVpnArgs]] = None,
umbrella_default: Optional[bool] = None,
version: Optional[int] = None) -> DnsSecurityPolicyfunc GetDnsSecurityPolicy(ctx *Context, name string, id IDInput, state *DnsSecurityPolicyState, opts ...ResourceOption) (*DnsSecurityPolicy, error)public static DnsSecurityPolicy Get(string name, Input<string> id, DnsSecurityPolicyState? state, CustomResourceOptions? opts = null)public static DnsSecurityPolicy get(String name, Output<String> id, DnsSecurityPolicyState state, CustomResourceOptions options)resources: _: type: sdwan:DnsSecurityPolicy get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Child
Org stringId - String that is a number that corresponds to Umbrella Multi Org, can be empty if not using Umbrella Multi Org
- Description string
- The description of the Policy
- Dns
Crypt bool - If matchAllVpn is false, this field is only true if at least one of the targetVpns entires contains an umbrellaDefault true
- Dns
Server stringIp - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry, Attribute conditional on
match_all_vpnbeing equal totrue - Feature
Profile stringId - Feature Profile ID
- Local
Domain boolBypass Enabled - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- Local
Domain stringBypass List Id - Match
All boolVpn - If this is true, there shouldn't be a targetVpns field, if false then targetVpns field should be there
- Name string
- The name of the Policy
- Target
Vpns List<DnsSecurity Policy Target Vpn> - Will be under data field only if matchAllVpn is false, if matchAllVpn is true field should not be in payload, Attribute conditional on
match_all_vpnbeing equal tofalse - Umbrella
Default bool - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- Version int
- The version of the Policy
- Child
Org stringId - String that is a number that corresponds to Umbrella Multi Org, can be empty if not using Umbrella Multi Org
- Description string
- The description of the Policy
- Dns
Crypt bool - If matchAllVpn is false, this field is only true if at least one of the targetVpns entires contains an umbrellaDefault true
- Dns
Server stringIp - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry, Attribute conditional on
match_all_vpnbeing equal totrue - Feature
Profile stringId - Feature Profile ID
- Local
Domain boolBypass Enabled - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- Local
Domain stringBypass List Id - Match
All boolVpn - If this is true, there shouldn't be a targetVpns field, if false then targetVpns field should be there
- Name string
- The name of the Policy
- Target
Vpns []DnsSecurity Policy Target Vpn Args - Will be under data field only if matchAllVpn is false, if matchAllVpn is true field should not be in payload, Attribute conditional on
match_all_vpnbeing equal tofalse - Umbrella
Default bool - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- Version int
- The version of the Policy
- child
Org StringId - String that is a number that corresponds to Umbrella Multi Org, can be empty if not using Umbrella Multi Org
- description String
- The description of the Policy
- dns
Crypt Boolean - If matchAllVpn is false, this field is only true if at least one of the targetVpns entires contains an umbrellaDefault true
- dns
Server StringIp - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry, Attribute conditional on
match_all_vpnbeing equal totrue - feature
Profile StringId - Feature Profile ID
- local
Domain BooleanBypass Enabled - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- local
Domain StringBypass List Id - match
All BooleanVpn - If this is true, there shouldn't be a targetVpns field, if false then targetVpns field should be there
- name String
- The name of the Policy
- target
Vpns List<DnsSecurity Policy Target Vpn> - Will be under data field only if matchAllVpn is false, if matchAllVpn is true field should not be in payload, Attribute conditional on
match_all_vpnbeing equal tofalse - umbrella
Default Boolean - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- version Integer
- The version of the Policy
- child
Org stringId - String that is a number that corresponds to Umbrella Multi Org, can be empty if not using Umbrella Multi Org
- description string
- The description of the Policy
- dns
Crypt boolean - If matchAllVpn is false, this field is only true if at least one of the targetVpns entires contains an umbrellaDefault true
- dns
Server stringIp - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry, Attribute conditional on
match_all_vpnbeing equal totrue - feature
Profile stringId - Feature Profile ID
- local
Domain booleanBypass Enabled - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- local
Domain stringBypass List Id - match
All booleanVpn - If this is true, there shouldn't be a targetVpns field, if false then targetVpns field should be there
- name string
- The name of the Policy
- target
Vpns DnsSecurity Policy Target Vpn[] - Will be under data field only if matchAllVpn is false, if matchAllVpn is true field should not be in payload, Attribute conditional on
match_all_vpnbeing equal tofalse - umbrella
Default boolean - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- version number
- The version of the Policy
- child_
org_ strid - String that is a number that corresponds to Umbrella Multi Org, can be empty if not using Umbrella Multi Org
- description str
- The description of the Policy
- dns_
crypt bool - If matchAllVpn is false, this field is only true if at least one of the targetVpns entires contains an umbrellaDefault true
- dns_
server_ strip - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry, Attribute conditional on
match_all_vpnbeing equal totrue - feature_
profile_ strid - Feature Profile ID
- local_
domain_ boolbypass_ enabled - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- local_
domain_ strbypass_ list_ id - match_
all_ boolvpn - If this is true, there shouldn't be a targetVpns field, if false then targetVpns field should be there
- name str
- The name of the Policy
- target_
vpns Sequence[DnsSecurity Policy Target Vpn Args] - Will be under data field only if matchAllVpn is false, if matchAllVpn is true field should not be in payload, Attribute conditional on
match_all_vpnbeing equal tofalse - umbrella_
default bool - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- version int
- The version of the Policy
- child
Org StringId - String that is a number that corresponds to Umbrella Multi Org, can be empty if not using Umbrella Multi Org
- description String
- The description of the Policy
- dns
Crypt Boolean - If matchAllVpn is false, this field is only true if at least one of the targetVpns entires contains an umbrellaDefault true
- dns
Server StringIp - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry, Attribute conditional on
match_all_vpnbeing equal totrue - feature
Profile StringId - Feature Profile ID
- local
Domain BooleanBypass Enabled - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- local
Domain StringBypass List Id - match
All BooleanVpn - If this is true, there shouldn't be a targetVpns field, if false then targetVpns field should be there
- name String
- The name of the Policy
- target
Vpns List<Property Map> - Will be under data field only if matchAllVpn is false, if matchAllVpn is true field should not be in payload, Attribute conditional on
match_all_vpnbeing equal tofalse - umbrella
Default Boolean - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- version Number
- The version of the Policy
Supporting Types
DnsSecurityPolicyTargetVpn, DnsSecurityPolicyTargetVpnArgs
- Dns
Server stringIp - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- Local
Domain boolBypass Enabled - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- Uid string
- non empty interger string
- Umbrella
Default bool - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- Vpns List<string>
- Dns
Server stringIp - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- Local
Domain boolBypass Enabled - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- Uid string
- non empty interger string
- Umbrella
Default bool - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- Vpns []string
- dns
Server StringIp - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- local
Domain BooleanBypass Enabled - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- uid String
- non empty interger string
- umbrella
Default Boolean - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- vpns List<String>
- dns
Server stringIp - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- local
Domain booleanBypass Enabled - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- uid string
- non empty interger string
- umbrella
Default boolean - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- vpns string[]
- dns_
server_ strip - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- local_
domain_ boolbypass_ enabled - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- uid str
- non empty interger string
- umbrella_
default bool - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- vpns Sequence[str]
- dns
Server StringIp - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- local
Domain BooleanBypass Enabled - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- uid String
- non empty interger string
- umbrella
Default Boolean - Field will only be under data field if matchAllVpn is true, otherwise field will be under targetVpns and set per entry
- vpns List<String>
Import
Expected import identifier with the format: “dns_security_policy_id,feature_profile_id”
$ pulumi import sdwan:index/dnsSecurityPolicy:DnsSecurityPolicy example "f6b2c44c-693c-4763-b010-895aa3d236bd,f6dd22c8-0b4f-496c-9a0b-6813d1f8b8ac"
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- sdwan pulumi/pulumi-sdwan
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
sdwanTerraform Provider.