1. Packages
  2. Cisco ISE Provider
  3. API Docs
  4. networkaccess
  5. AuthorizationExceptionRule
Cisco ISE v0.2.1 published on Saturday, Mar 15, 2025 by Pulumi

ise.networkaccess.AuthorizationExceptionRule

Explore with Pulumi AI

This resource can manage a Network Access Authorization Exception Rule.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as ise from "@pulumi/ise";

const example = new ise.networkaccess.AuthorizationExceptionRule("example", {
    policySetId: "d82952cb-b901-4b09-b363-5ebf39bdbaf9",
    name: "Rule1",
    "default": false,
    rank: 0,
    state: "enabled",
    conditionType: "ConditionAttributes",
    conditionIsNegate: false,
    conditionAttributeName: "Location",
    conditionAttributeValue: "All Locations",
    conditionDictionaryName: "DEVICE",
    conditionOperator: "equals",
    profiles: ["PermitAccess"],
    securityGroup: "BYOD",
});
Copy
import pulumi
import pulumi_ise as ise

example = ise.networkaccess.AuthorizationExceptionRule("example",
    policy_set_id="d82952cb-b901-4b09-b363-5ebf39bdbaf9",
    name="Rule1",
    default=False,
    rank=0,
    state="enabled",
    condition_type="ConditionAttributes",
    condition_is_negate=False,
    condition_attribute_name="Location",
    condition_attribute_value="All Locations",
    condition_dictionary_name="DEVICE",
    condition_operator="equals",
    profiles=["PermitAccess"],
    security_group="BYOD")
Copy
package main

import (
	"github.com/pulumi/pulumi-ise/sdk/go/ise/networkaccess"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networkaccess.NewAuthorizationExceptionRule(ctx, "example", &networkaccess.AuthorizationExceptionRuleArgs{
			PolicySetId:             pulumi.String("d82952cb-b901-4b09-b363-5ebf39bdbaf9"),
			Name:                    pulumi.String("Rule1"),
			Default:                 pulumi.Bool(false),
			Rank:                    pulumi.Int(0),
			State:                   pulumi.String("enabled"),
			ConditionType:           pulumi.String("ConditionAttributes"),
			ConditionIsNegate:       pulumi.Bool(false),
			ConditionAttributeName:  pulumi.String("Location"),
			ConditionAttributeValue: pulumi.String("All Locations"),
			ConditionDictionaryName: pulumi.String("DEVICE"),
			ConditionOperator:       pulumi.String("equals"),
			Profiles: pulumi.StringArray{
				pulumi.String("PermitAccess"),
			},
			SecurityGroup: pulumi.String("BYOD"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ise = Pulumi.Ise;

return await Deployment.RunAsync(() => 
{
    var example = new Ise.NetworkAccess.AuthorizationExceptionRule("example", new()
    {
        PolicySetId = "d82952cb-b901-4b09-b363-5ebf39bdbaf9",
        Name = "Rule1",
        Default = false,
        Rank = 0,
        State = "enabled",
        ConditionType = "ConditionAttributes",
        ConditionIsNegate = false,
        ConditionAttributeName = "Location",
        ConditionAttributeValue = "All Locations",
        ConditionDictionaryName = "DEVICE",
        ConditionOperator = "equals",
        Profiles = new[]
        {
            "PermitAccess",
        },
        SecurityGroup = "BYOD",
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ise.networkaccess.AuthorizationExceptionRule;
import com.pulumi.ise.networkaccess.AuthorizationExceptionRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new AuthorizationExceptionRule("example", AuthorizationExceptionRuleArgs.builder()
            .policySetId("d82952cb-b901-4b09-b363-5ebf39bdbaf9")
            .name("Rule1")
            .default_(false)
            .rank(0)
            .state("enabled")
            .conditionType("ConditionAttributes")
            .conditionIsNegate(false)
            .conditionAttributeName("Location")
            .conditionAttributeValue("All Locations")
            .conditionDictionaryName("DEVICE")
            .conditionOperator("equals")
            .profiles("PermitAccess")
            .securityGroup("BYOD")
            .build());

    }
}
Copy
resources:
  example:
    type: ise:networkaccess:AuthorizationExceptionRule
    properties:
      policySetId: d82952cb-b901-4b09-b363-5ebf39bdbaf9
      name: Rule1
      default: false
      rank: 0
      state: enabled
      conditionType: ConditionAttributes
      conditionIsNegate: false
      conditionAttributeName: Location
      conditionAttributeValue: All Locations
      conditionDictionaryName: DEVICE
      conditionOperator: equals
      profiles:
        - PermitAccess
      securityGroup: BYOD
Copy

Create AuthorizationExceptionRule Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new AuthorizationExceptionRule(name: string, args: AuthorizationExceptionRuleArgs, opts?: CustomResourceOptions);
@overload
def AuthorizationExceptionRule(resource_name: str,
                               args: AuthorizationExceptionRuleArgs,
                               opts: Optional[ResourceOptions] = None)

@overload
def AuthorizationExceptionRule(resource_name: str,
                               opts: Optional[ResourceOptions] = None,
                               policy_set_id: Optional[str] = None,
                               condition_type: Optional[str] = None,
                               condition_attribute_name: Optional[str] = None,
                               condition_dictionary_name: Optional[str] = None,
                               condition_dictionary_value: Optional[str] = None,
                               condition_id: Optional[str] = None,
                               condition_is_negate: Optional[bool] = None,
                               condition_attribute_value: Optional[str] = None,
                               default: Optional[bool] = None,
                               condition_operator: Optional[str] = None,
                               name: Optional[str] = None,
                               childrens: Optional[Sequence[AuthorizationExceptionRuleChildrenArgs]] = None,
                               profiles: Optional[Sequence[str]] = None,
                               rank: Optional[int] = None,
                               security_group: Optional[str] = None,
                               state: Optional[str] = None)
func NewAuthorizationExceptionRule(ctx *Context, name string, args AuthorizationExceptionRuleArgs, opts ...ResourceOption) (*AuthorizationExceptionRule, error)
public AuthorizationExceptionRule(string name, AuthorizationExceptionRuleArgs args, CustomResourceOptions? opts = null)
public AuthorizationExceptionRule(String name, AuthorizationExceptionRuleArgs args)
public AuthorizationExceptionRule(String name, AuthorizationExceptionRuleArgs args, CustomResourceOptions options)
type: ise:networkaccess:AuthorizationExceptionRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. AuthorizationExceptionRuleArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. AuthorizationExceptionRuleArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. AuthorizationExceptionRuleArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. AuthorizationExceptionRuleArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. AuthorizationExceptionRuleArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var iseAuthorizationExceptionRuleResource = new Ise.NetworkAccess.AuthorizationExceptionRule("iseAuthorizationExceptionRuleResource", new()
{
    PolicySetId = "string",
    ConditionType = "string",
    ConditionAttributeName = "string",
    ConditionDictionaryName = "string",
    ConditionDictionaryValue = "string",
    ConditionId = "string",
    ConditionIsNegate = false,
    ConditionAttributeValue = "string",
    Default = false,
    ConditionOperator = "string",
    Name = "string",
    Childrens = new[]
    {
        new Ise.NetworkAccess.Inputs.AuthorizationExceptionRuleChildrenArgs
        {
            ConditionType = "string",
            AttributeName = "string",
            AttributeValue = "string",
            Childrens = new[]
            {
                new Ise.NetworkAccess.Inputs.AuthorizationExceptionRuleChildrenChildrenArgs
                {
                    ConditionType = "string",
                    AttributeName = "string",
                    AttributeValue = "string",
                    DictionaryName = "string",
                    DictionaryValue = "string",
                    Id = "string",
                    IsNegate = false,
                    Operator = "string",
                },
            },
            DictionaryName = "string",
            DictionaryValue = "string",
            Id = "string",
            IsNegate = false,
            Operator = "string",
        },
    },
    Profiles = new[]
    {
        "string",
    },
    Rank = 0,
    SecurityGroup = "string",
    State = "string",
});
Copy
example, err := networkaccess.NewAuthorizationExceptionRule(ctx, "iseAuthorizationExceptionRuleResource", &networkaccess.AuthorizationExceptionRuleArgs{
	PolicySetId:              pulumi.String("string"),
	ConditionType:            pulumi.String("string"),
	ConditionAttributeName:   pulumi.String("string"),
	ConditionDictionaryName:  pulumi.String("string"),
	ConditionDictionaryValue: pulumi.String("string"),
	ConditionId:              pulumi.String("string"),
	ConditionIsNegate:        pulumi.Bool(false),
	ConditionAttributeValue:  pulumi.String("string"),
	Default:                  pulumi.Bool(false),
	ConditionOperator:        pulumi.String("string"),
	Name:                     pulumi.String("string"),
	Childrens: networkaccess.AuthorizationExceptionRuleChildrenArray{
		&networkaccess.AuthorizationExceptionRuleChildrenArgs{
			ConditionType:  pulumi.String("string"),
			AttributeName:  pulumi.String("string"),
			AttributeValue: pulumi.String("string"),
			Childrens: networkaccess.AuthorizationExceptionRuleChildrenChildrenArray{
				&networkaccess.AuthorizationExceptionRuleChildrenChildrenArgs{
					ConditionType:   pulumi.String("string"),
					AttributeName:   pulumi.String("string"),
					AttributeValue:  pulumi.String("string"),
					DictionaryName:  pulumi.String("string"),
					DictionaryValue: pulumi.String("string"),
					Id:              pulumi.String("string"),
					IsNegate:        pulumi.Bool(false),
					Operator:        pulumi.String("string"),
				},
			},
			DictionaryName:  pulumi.String("string"),
			DictionaryValue: pulumi.String("string"),
			Id:              pulumi.String("string"),
			IsNegate:        pulumi.Bool(false),
			Operator:        pulumi.String("string"),
		},
	},
	Profiles: pulumi.StringArray{
		pulumi.String("string"),
	},
	Rank:          pulumi.Int(0),
	SecurityGroup: pulumi.String("string"),
	State:         pulumi.String("string"),
})
Copy
var iseAuthorizationExceptionRuleResource = new AuthorizationExceptionRule("iseAuthorizationExceptionRuleResource", AuthorizationExceptionRuleArgs.builder()
    .policySetId("string")
    .conditionType("string")
    .conditionAttributeName("string")
    .conditionDictionaryName("string")
    .conditionDictionaryValue("string")
    .conditionId("string")
    .conditionIsNegate(false)
    .conditionAttributeValue("string")
    .default_(false)
    .conditionOperator("string")
    .name("string")
    .childrens(AuthorizationExceptionRuleChildrenArgs.builder()
        .conditionType("string")
        .attributeName("string")
        .attributeValue("string")
        .childrens(AuthorizationExceptionRuleChildrenChildrenArgs.builder()
            .conditionType("string")
            .attributeName("string")
            .attributeValue("string")
            .dictionaryName("string")
            .dictionaryValue("string")
            .id("string")
            .isNegate(false)
            .operator("string")
            .build())
        .dictionaryName("string")
        .dictionaryValue("string")
        .id("string")
        .isNegate(false)
        .operator("string")
        .build())
    .profiles("string")
    .rank(0)
    .securityGroup("string")
    .state("string")
    .build());
Copy
ise_authorization_exception_rule_resource = ise.networkaccess.AuthorizationExceptionRule("iseAuthorizationExceptionRuleResource",
    policy_set_id="string",
    condition_type="string",
    condition_attribute_name="string",
    condition_dictionary_name="string",
    condition_dictionary_value="string",
    condition_id="string",
    condition_is_negate=False,
    condition_attribute_value="string",
    default=False,
    condition_operator="string",
    name="string",
    childrens=[{
        "condition_type": "string",
        "attribute_name": "string",
        "attribute_value": "string",
        "childrens": [{
            "condition_type": "string",
            "attribute_name": "string",
            "attribute_value": "string",
            "dictionary_name": "string",
            "dictionary_value": "string",
            "id": "string",
            "is_negate": False,
            "operator": "string",
        }],
        "dictionary_name": "string",
        "dictionary_value": "string",
        "id": "string",
        "is_negate": False,
        "operator": "string",
    }],
    profiles=["string"],
    rank=0,
    security_group="string",
    state="string")
Copy
const iseAuthorizationExceptionRuleResource = new ise.networkaccess.AuthorizationExceptionRule("iseAuthorizationExceptionRuleResource", {
    policySetId: "string",
    conditionType: "string",
    conditionAttributeName: "string",
    conditionDictionaryName: "string",
    conditionDictionaryValue: "string",
    conditionId: "string",
    conditionIsNegate: false,
    conditionAttributeValue: "string",
    "default": false,
    conditionOperator: "string",
    name: "string",
    childrens: [{
        conditionType: "string",
        attributeName: "string",
        attributeValue: "string",
        childrens: [{
            conditionType: "string",
            attributeName: "string",
            attributeValue: "string",
            dictionaryName: "string",
            dictionaryValue: "string",
            id: "string",
            isNegate: false,
            operator: "string",
        }],
        dictionaryName: "string",
        dictionaryValue: "string",
        id: "string",
        isNegate: false,
        operator: "string",
    }],
    profiles: ["string"],
    rank: 0,
    securityGroup: "string",
    state: "string",
});
Copy
type: ise:networkaccess:AuthorizationExceptionRule
properties:
    childrens:
        - attributeName: string
          attributeValue: string
          childrens:
            - attributeName: string
              attributeValue: string
              conditionType: string
              dictionaryName: string
              dictionaryValue: string
              id: string
              isNegate: false
              operator: string
          conditionType: string
          dictionaryName: string
          dictionaryValue: string
          id: string
          isNegate: false
          operator: string
    conditionAttributeName: string
    conditionAttributeValue: string
    conditionDictionaryName: string
    conditionDictionaryValue: string
    conditionId: string
    conditionIsNegate: false
    conditionOperator: string
    conditionType: string
    default: false
    name: string
    policySetId: string
    profiles:
        - string
    rank: 0
    securityGroup: string
    state: string
Copy

AuthorizationExceptionRule Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The AuthorizationExceptionRule resource accepts the following input properties:

PolicySetId This property is required. string
Policy set ID
Childrens List<AuthorizationExceptionRuleChildren>
List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
ConditionAttributeName string
Dictionary attribute name
ConditionAttributeValue string
Attribute value for condition. Value type is specified in dictionary object.
ConditionDictionaryName string
Dictionary name
ConditionDictionaryValue string
Dictionary value
ConditionId string
UUID for condition
ConditionIsNegate bool
Indicates whereas this condition is in negate mode
ConditionOperator string
Equality operator - Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
ConditionType string
Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute. - Choices: ConditionAndBlock, ConditionAttributes, ConditionOrBlock, ConditionReference
Default bool
Indicates if this rule is the default one
Name string
Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
Profiles List<string>
The authorization profile(s)
Rank int
The rank (priority) in relation to other rules. Lower rank is higher priority.
SecurityGroup string
Security group used in authorization policies
State string
The state that the rule is in. A disabled rule cannot be matched. - Choices: disabled, enabled, monitor
PolicySetId This property is required. string
Policy set ID
Childrens []AuthorizationExceptionRuleChildrenArgs
List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
ConditionAttributeName string
Dictionary attribute name
ConditionAttributeValue string
Attribute value for condition. Value type is specified in dictionary object.
ConditionDictionaryName string
Dictionary name
ConditionDictionaryValue string
Dictionary value
ConditionId string
UUID for condition
ConditionIsNegate bool
Indicates whereas this condition is in negate mode
ConditionOperator string
Equality operator - Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
ConditionType string
Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute. - Choices: ConditionAndBlock, ConditionAttributes, ConditionOrBlock, ConditionReference
Default bool
Indicates if this rule is the default one
Name string
Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
Profiles []string
The authorization profile(s)
Rank int
The rank (priority) in relation to other rules. Lower rank is higher priority.
SecurityGroup string
Security group used in authorization policies
State string
The state that the rule is in. A disabled rule cannot be matched. - Choices: disabled, enabled, monitor
policySetId This property is required. String
Policy set ID
childrens List<AuthorizationExceptionRuleChildren>
List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
conditionAttributeName String
Dictionary attribute name
conditionAttributeValue String
Attribute value for condition. Value type is specified in dictionary object.
conditionDictionaryName String
Dictionary name
conditionDictionaryValue String
Dictionary value
conditionId String
UUID for condition
conditionIsNegate Boolean
Indicates whereas this condition is in negate mode
conditionOperator String
Equality operator - Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
conditionType String
Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute. - Choices: ConditionAndBlock, ConditionAttributes, ConditionOrBlock, ConditionReference
default_ Boolean
Indicates if this rule is the default one
name String
Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
profiles List<String>
The authorization profile(s)
rank Integer
The rank (priority) in relation to other rules. Lower rank is higher priority.
securityGroup String
Security group used in authorization policies
state String
The state that the rule is in. A disabled rule cannot be matched. - Choices: disabled, enabled, monitor
policySetId This property is required. string
Policy set ID
childrens AuthorizationExceptionRuleChildren[]
List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
conditionAttributeName string
Dictionary attribute name
conditionAttributeValue string
Attribute value for condition. Value type is specified in dictionary object.
conditionDictionaryName string
Dictionary name
conditionDictionaryValue string
Dictionary value
conditionId string
UUID for condition
conditionIsNegate boolean
Indicates whereas this condition is in negate mode
conditionOperator string
Equality operator - Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
conditionType string
Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute. - Choices: ConditionAndBlock, ConditionAttributes, ConditionOrBlock, ConditionReference
default boolean
Indicates if this rule is the default one
name string
Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
profiles string[]
The authorization profile(s)
rank number
The rank (priority) in relation to other rules. Lower rank is higher priority.
securityGroup string
Security group used in authorization policies
state string
The state that the rule is in. A disabled rule cannot be matched. - Choices: disabled, enabled, monitor
policy_set_id This property is required. str
Policy set ID
childrens Sequence[AuthorizationExceptionRuleChildrenArgs]
List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
condition_attribute_name str
Dictionary attribute name
condition_attribute_value str
Attribute value for condition. Value type is specified in dictionary object.
condition_dictionary_name str
Dictionary name
condition_dictionary_value str
Dictionary value
condition_id str
UUID for condition
condition_is_negate bool
Indicates whereas this condition is in negate mode
condition_operator str
Equality operator - Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
condition_type str
Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute. - Choices: ConditionAndBlock, ConditionAttributes, ConditionOrBlock, ConditionReference
default bool
Indicates if this rule is the default one
name str
Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
profiles Sequence[str]
The authorization profile(s)
rank int
The rank (priority) in relation to other rules. Lower rank is higher priority.
security_group str
Security group used in authorization policies
state str
The state that the rule is in. A disabled rule cannot be matched. - Choices: disabled, enabled, monitor
policySetId This property is required. String
Policy set ID
childrens List<Property Map>
List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
conditionAttributeName String
Dictionary attribute name
conditionAttributeValue String
Attribute value for condition. Value type is specified in dictionary object.
conditionDictionaryName String
Dictionary name
conditionDictionaryValue String
Dictionary value
conditionId String
UUID for condition
conditionIsNegate Boolean
Indicates whereas this condition is in negate mode
conditionOperator String
Equality operator - Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
conditionType String
Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute. - Choices: ConditionAndBlock, ConditionAttributes, ConditionOrBlock, ConditionReference
default Boolean
Indicates if this rule is the default one
name String
Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
profiles List<String>
The authorization profile(s)
rank Number
The rank (priority) in relation to other rules. Lower rank is higher priority.
securityGroup String
Security group used in authorization policies
state String
The state that the rule is in. A disabled rule cannot be matched. - Choices: disabled, enabled, monitor

Outputs

All input properties are implicitly available as output properties. Additionally, the AuthorizationExceptionRule resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.

Look up Existing AuthorizationExceptionRule Resource

Get an existing AuthorizationExceptionRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: AuthorizationExceptionRuleState, opts?: CustomResourceOptions): AuthorizationExceptionRule
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        childrens: Optional[Sequence[AuthorizationExceptionRuleChildrenArgs]] = None,
        condition_attribute_name: Optional[str] = None,
        condition_attribute_value: Optional[str] = None,
        condition_dictionary_name: Optional[str] = None,
        condition_dictionary_value: Optional[str] = None,
        condition_id: Optional[str] = None,
        condition_is_negate: Optional[bool] = None,
        condition_operator: Optional[str] = None,
        condition_type: Optional[str] = None,
        default: Optional[bool] = None,
        name: Optional[str] = None,
        policy_set_id: Optional[str] = None,
        profiles: Optional[Sequence[str]] = None,
        rank: Optional[int] = None,
        security_group: Optional[str] = None,
        state: Optional[str] = None) -> AuthorizationExceptionRule
func GetAuthorizationExceptionRule(ctx *Context, name string, id IDInput, state *AuthorizationExceptionRuleState, opts ...ResourceOption) (*AuthorizationExceptionRule, error)
public static AuthorizationExceptionRule Get(string name, Input<string> id, AuthorizationExceptionRuleState? state, CustomResourceOptions? opts = null)
public static AuthorizationExceptionRule get(String name, Output<String> id, AuthorizationExceptionRuleState state, CustomResourceOptions options)
resources:  _:    type: ise:networkaccess:AuthorizationExceptionRule    get:      id: ${id}
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
Childrens List<AuthorizationExceptionRuleChildren>
List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
ConditionAttributeName string
Dictionary attribute name
ConditionAttributeValue string
Attribute value for condition. Value type is specified in dictionary object.
ConditionDictionaryName string
Dictionary name
ConditionDictionaryValue string
Dictionary value
ConditionId string
UUID for condition
ConditionIsNegate bool
Indicates whereas this condition is in negate mode
ConditionOperator string
Equality operator - Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
ConditionType string
Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute. - Choices: ConditionAndBlock, ConditionAttributes, ConditionOrBlock, ConditionReference
Default bool
Indicates if this rule is the default one
Name string
Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
PolicySetId string
Policy set ID
Profiles List<string>
The authorization profile(s)
Rank int
The rank (priority) in relation to other rules. Lower rank is higher priority.
SecurityGroup string
Security group used in authorization policies
State string
The state that the rule is in. A disabled rule cannot be matched. - Choices: disabled, enabled, monitor
Childrens []AuthorizationExceptionRuleChildrenArgs
List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
ConditionAttributeName string
Dictionary attribute name
ConditionAttributeValue string
Attribute value for condition. Value type is specified in dictionary object.
ConditionDictionaryName string
Dictionary name
ConditionDictionaryValue string
Dictionary value
ConditionId string
UUID for condition
ConditionIsNegate bool
Indicates whereas this condition is in negate mode
ConditionOperator string
Equality operator - Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
ConditionType string
Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute. - Choices: ConditionAndBlock, ConditionAttributes, ConditionOrBlock, ConditionReference
Default bool
Indicates if this rule is the default one
Name string
Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
PolicySetId string
Policy set ID
Profiles []string
The authorization profile(s)
Rank int
The rank (priority) in relation to other rules. Lower rank is higher priority.
SecurityGroup string
Security group used in authorization policies
State string
The state that the rule is in. A disabled rule cannot be matched. - Choices: disabled, enabled, monitor
childrens List<AuthorizationExceptionRuleChildren>
List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
conditionAttributeName String
Dictionary attribute name
conditionAttributeValue String
Attribute value for condition. Value type is specified in dictionary object.
conditionDictionaryName String
Dictionary name
conditionDictionaryValue String
Dictionary value
conditionId String
UUID for condition
conditionIsNegate Boolean
Indicates whereas this condition is in negate mode
conditionOperator String
Equality operator - Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
conditionType String
Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute. - Choices: ConditionAndBlock, ConditionAttributes, ConditionOrBlock, ConditionReference
default_ Boolean
Indicates if this rule is the default one
name String
Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
policySetId String
Policy set ID
profiles List<String>
The authorization profile(s)
rank Integer
The rank (priority) in relation to other rules. Lower rank is higher priority.
securityGroup String
Security group used in authorization policies
state String
The state that the rule is in. A disabled rule cannot be matched. - Choices: disabled, enabled, monitor
childrens AuthorizationExceptionRuleChildren[]
List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
conditionAttributeName string
Dictionary attribute name
conditionAttributeValue string
Attribute value for condition. Value type is specified in dictionary object.
conditionDictionaryName string
Dictionary name
conditionDictionaryValue string
Dictionary value
conditionId string
UUID for condition
conditionIsNegate boolean
Indicates whereas this condition is in negate mode
conditionOperator string
Equality operator - Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
conditionType string
Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute. - Choices: ConditionAndBlock, ConditionAttributes, ConditionOrBlock, ConditionReference
default boolean
Indicates if this rule is the default one
name string
Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
policySetId string
Policy set ID
profiles string[]
The authorization profile(s)
rank number
The rank (priority) in relation to other rules. Lower rank is higher priority.
securityGroup string
Security group used in authorization policies
state string
The state that the rule is in. A disabled rule cannot be matched. - Choices: disabled, enabled, monitor
childrens Sequence[AuthorizationExceptionRuleChildrenArgs]
List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
condition_attribute_name str
Dictionary attribute name
condition_attribute_value str
Attribute value for condition. Value type is specified in dictionary object.
condition_dictionary_name str
Dictionary name
condition_dictionary_value str
Dictionary value
condition_id str
UUID for condition
condition_is_negate bool
Indicates whereas this condition is in negate mode
condition_operator str
Equality operator - Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
condition_type str
Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute. - Choices: ConditionAndBlock, ConditionAttributes, ConditionOrBlock, ConditionReference
default bool
Indicates if this rule is the default one
name str
Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
policy_set_id str
Policy set ID
profiles Sequence[str]
The authorization profile(s)
rank int
The rank (priority) in relation to other rules. Lower rank is higher priority.
security_group str
Security group used in authorization policies
state str
The state that the rule is in. A disabled rule cannot be matched. - Choices: disabled, enabled, monitor
childrens List<Property Map>
List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
conditionAttributeName String
Dictionary attribute name
conditionAttributeValue String
Attribute value for condition. Value type is specified in dictionary object.
conditionDictionaryName String
Dictionary name
conditionDictionaryValue String
Dictionary value
conditionId String
UUID for condition
conditionIsNegate Boolean
Indicates whereas this condition is in negate mode
conditionOperator String
Equality operator - Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
conditionType String
Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute. - Choices: ConditionAndBlock, ConditionAttributes, ConditionOrBlock, ConditionReference
default Boolean
Indicates if this rule is the default one
name String
Rule name, [Valid characters are alphanumerics, underscore, hyphen, space, period, parentheses]
policySetId String
Policy set ID
profiles List<String>
The authorization profile(s)
rank Number
The rank (priority) in relation to other rules. Lower rank is higher priority.
securityGroup String
Security group used in authorization policies
state String
The state that the rule is in. A disabled rule cannot be matched. - Choices: disabled, enabled, monitor

Supporting Types

AuthorizationExceptionRuleChildren
, AuthorizationExceptionRuleChildrenArgs

ConditionType This property is required. string
Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.

  • Choices: ConditionAndBlock, ConditionAttributes, ConditionOrBlock, ConditionReference
AttributeName string
Dictionary attribute name
AttributeValue string
Attribute value for condition. Value type is specified in dictionary object.
Childrens List<AuthorizationExceptionRuleChildrenChildren>
List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
DictionaryName string
Dictionary name
DictionaryValue string
Dictionary value
Id string
UUID for condition
IsNegate bool
Indicates whereas this condition is in negate mode
Operator string
Equality operator

  • Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
ConditionType This property is required. string
Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.

  • Choices: ConditionAndBlock, ConditionAttributes, ConditionOrBlock, ConditionReference
AttributeName string
Dictionary attribute name
AttributeValue string
Attribute value for condition. Value type is specified in dictionary object.
Childrens []AuthorizationExceptionRuleChildrenChildren
List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
DictionaryName string
Dictionary name
DictionaryValue string
Dictionary value
Id string
UUID for condition
IsNegate bool
Indicates whereas this condition is in negate mode
Operator string
Equality operator

  • Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
conditionType This property is required. String
Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.

  • Choices: ConditionAndBlock, ConditionAttributes, ConditionOrBlock, ConditionReference
attributeName String
Dictionary attribute name
attributeValue String
Attribute value for condition. Value type is specified in dictionary object.
childrens List<AuthorizationExceptionRuleChildrenChildren>
List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
dictionaryName String
Dictionary name
dictionaryValue String
Dictionary value
id String
UUID for condition
isNegate Boolean
Indicates whereas this condition is in negate mode
operator String
Equality operator

  • Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
conditionType This property is required. string
Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.

  • Choices: ConditionAndBlock, ConditionAttributes, ConditionOrBlock, ConditionReference
attributeName string
Dictionary attribute name
attributeValue string
Attribute value for condition. Value type is specified in dictionary object.
childrens AuthorizationExceptionRuleChildrenChildren[]
List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
dictionaryName string
Dictionary name
dictionaryValue string
Dictionary value
id string
UUID for condition
isNegate boolean
Indicates whereas this condition is in negate mode
operator string
Equality operator

  • Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
condition_type This property is required. str
Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.

  • Choices: ConditionAndBlock, ConditionAttributes, ConditionOrBlock, ConditionReference
attribute_name str
Dictionary attribute name
attribute_value str
Attribute value for condition. Value type is specified in dictionary object.
childrens Sequence[AuthorizationExceptionRuleChildrenChildren]
List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
dictionary_name str
Dictionary name
dictionary_value str
Dictionary value
id str
UUID for condition
is_negate bool
Indicates whereas this condition is in negate mode
operator str
Equality operator

  • Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
conditionType This property is required. String
Indicates whether the record is the condition itself or a logical aggregation. Logical aggreation indicates that additional conditions are present under the children attribute.

  • Choices: ConditionAndBlock, ConditionAttributes, ConditionOrBlock, ConditionReference
attributeName String
Dictionary attribute name
attributeValue String
Attribute value for condition. Value type is specified in dictionary object.
childrens List<Property Map>
List of child conditions. condition_type must be one of ConditionAndBlock or ConditionOrBlock.
dictionaryName String
Dictionary name
dictionaryValue String
Dictionary value
id String
UUID for condition
isNegate Boolean
Indicates whereas this condition is in negate mode
operator String
Equality operator

  • Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith

AuthorizationExceptionRuleChildrenChildren
, AuthorizationExceptionRuleChildrenChildrenArgs

ConditionType This property is required. string
Condition type.

  • Choices: ConditionAttributes, ConditionReference
AttributeName string
Dictionary attribute name
AttributeValue string
Attribute value for condition. Value type is specified in dictionary object.
DictionaryName string
Dictionary name
DictionaryValue string
Dictionary value
Id string
UUID for condition
IsNegate bool
Indicates whereas this condition is in negate mode
Operator string
Equality operator

  • Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
ConditionType This property is required. string
Condition type.

  • Choices: ConditionAttributes, ConditionReference
AttributeName string
Dictionary attribute name
AttributeValue string
Attribute value for condition. Value type is specified in dictionary object.
DictionaryName string
Dictionary name
DictionaryValue string
Dictionary value
Id string
UUID for condition
IsNegate bool
Indicates whereas this condition is in negate mode
Operator string
Equality operator

  • Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
conditionType This property is required. String
Condition type.

  • Choices: ConditionAttributes, ConditionReference
attributeName String
Dictionary attribute name
attributeValue String
Attribute value for condition. Value type is specified in dictionary object.
dictionaryName String
Dictionary name
dictionaryValue String
Dictionary value
id String
UUID for condition
isNegate Boolean
Indicates whereas this condition is in negate mode
operator String
Equality operator

  • Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
conditionType This property is required. string
Condition type.

  • Choices: ConditionAttributes, ConditionReference
attributeName string
Dictionary attribute name
attributeValue string
Attribute value for condition. Value type is specified in dictionary object.
dictionaryName string
Dictionary name
dictionaryValue string
Dictionary value
id string
UUID for condition
isNegate boolean
Indicates whereas this condition is in negate mode
operator string
Equality operator

  • Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
condition_type This property is required. str
Condition type.

  • Choices: ConditionAttributes, ConditionReference
attribute_name str
Dictionary attribute name
attribute_value str
Attribute value for condition. Value type is specified in dictionary object.
dictionary_name str
Dictionary name
dictionary_value str
Dictionary value
id str
UUID for condition
is_negate bool
Indicates whereas this condition is in negate mode
operator str
Equality operator

  • Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith
conditionType This property is required. String
Condition type.

  • Choices: ConditionAttributes, ConditionReference
attributeName String
Dictionary attribute name
attributeValue String
Attribute value for condition. Value type is specified in dictionary object.
dictionaryName String
Dictionary name
dictionaryValue String
Dictionary value
id String
UUID for condition
isNegate Boolean
Indicates whereas this condition is in negate mode
operator String
Equality operator

  • Choices: contains, endsWith, equals, greaterOrEquals, greaterThan, in, ipEquals, ipGreaterThan, ipLessThan, ipNotEquals, lessOrEquals, lessThan, matches, notContains, notEndsWith, notEquals, notIn, notStartsWith, startsWith

Import

$ pulumi import ise:networkaccess/authorizationExceptionRule:AuthorizationExceptionRule example "76d24097-41c4-4558-a4d0-a8c07ac08470,76d24097-41c4-4558-a4d0-a8c07ac08470"
Copy

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository
ise pulumi/pulumi-ise
License
Apache-2.0
Notes
This Pulumi package is based on the ise Terraform Provider.