1. Packages
  2. F5 BIG-IP
  3. API Docs
  4. IpsecPolicy
f5 BIG-IP v3.17.2 published on Wednesday, Jun 26, 2024 by Pulumi

f5bigip.IpsecPolicy

Explore with Pulumi AI

f5bigip logo
f5 BIG-IP v3.17.2 published on Wednesday, Jun 26, 2024 by Pulumi

    f5bigip.IpsecPolicy Manage IPSec policies on a BIG-IP

    Resources should be named with their “full path”. The full path is the combination of the partition + name (example: /Common/test-policy)

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as f5bigip from "@pulumi/f5bigip";
    
    const test_policy = new f5bigip.IpsecPolicy("test-policy", {
        name: "/Common/test-policy",
        description: "created by terraform provider",
        protocol: "esp",
        mode: "tunnel",
        tunnelLocalAddress: "192.168.1.1",
        tunnelRemoteAddress: "10.10.1.1",
        authAlgorithm: "sha1",
        encryptAlgorithm: "3des",
        lifetime: 3,
        ipcomp: "deflate",
    });
    
    import pulumi
    import pulumi_f5bigip as f5bigip
    
    test_policy = f5bigip.IpsecPolicy("test-policy",
        name="/Common/test-policy",
        description="created by terraform provider",
        protocol="esp",
        mode="tunnel",
        tunnel_local_address="192.168.1.1",
        tunnel_remote_address="10.10.1.1",
        auth_algorithm="sha1",
        encrypt_algorithm="3des",
        lifetime=3,
        ipcomp="deflate")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-f5bigip/sdk/v3/go/f5bigip"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := f5bigip.NewIpsecPolicy(ctx, "test-policy", &f5bigip.IpsecPolicyArgs{
    			Name:                pulumi.String("/Common/test-policy"),
    			Description:         pulumi.String("created by terraform provider"),
    			Protocol:            pulumi.String("esp"),
    			Mode:                pulumi.String("tunnel"),
    			TunnelLocalAddress:  pulumi.String("192.168.1.1"),
    			TunnelRemoteAddress: pulumi.String("10.10.1.1"),
    			AuthAlgorithm:       pulumi.String("sha1"),
    			EncryptAlgorithm:    pulumi.String("3des"),
    			Lifetime:            pulumi.Int(3),
    			Ipcomp:              pulumi.String("deflate"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using F5BigIP = Pulumi.F5BigIP;
    
    return await Deployment.RunAsync(() => 
    {
        var test_policy = new F5BigIP.IpsecPolicy("test-policy", new()
        {
            Name = "/Common/test-policy",
            Description = "created by terraform provider",
            Protocol = "esp",
            Mode = "tunnel",
            TunnelLocalAddress = "192.168.1.1",
            TunnelRemoteAddress = "10.10.1.1",
            AuthAlgorithm = "sha1",
            EncryptAlgorithm = "3des",
            Lifetime = 3,
            Ipcomp = "deflate",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.f5bigip.IpsecPolicy;
    import com.pulumi.f5bigip.IpsecPolicyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var test_policy = new IpsecPolicy("test-policy", IpsecPolicyArgs.builder()
                .name("/Common/test-policy")
                .description("created by terraform provider")
                .protocol("esp")
                .mode("tunnel")
                .tunnelLocalAddress("192.168.1.1")
                .tunnelRemoteAddress("10.10.1.1")
                .authAlgorithm("sha1")
                .encryptAlgorithm("3des")
                .lifetime(3)
                .ipcomp("deflate")
                .build());
    
        }
    }
    
    resources:
      test-policy:
        type: f5bigip:IpsecPolicy
        properties:
          name: /Common/test-policy
          description: created by terraform provider
          protocol: esp
          mode: tunnel
          tunnelLocalAddress: 192.168.1.1
          tunnelRemoteAddress: 10.10.1.1
          authAlgorithm: sha1
          encryptAlgorithm: 3des
          lifetime: 3
          ipcomp: deflate
    

    Create IpsecPolicy Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new IpsecPolicy(name: string, args: IpsecPolicyArgs, opts?: CustomResourceOptions);
    @overload
    def IpsecPolicy(resource_name: str,
                    args: IpsecPolicyArgs,
                    opts: Optional[ResourceOptions] = None)
    
    @overload
    def IpsecPolicy(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    name: Optional[str] = None,
                    auth_algorithm: Optional[str] = None,
                    description: Optional[str] = None,
                    encrypt_algorithm: Optional[str] = None,
                    ipcomp: Optional[str] = None,
                    kb_lifetime: Optional[int] = None,
                    lifetime: Optional[int] = None,
                    mode: Optional[str] = None,
                    perfect_forward_secrecy: Optional[str] = None,
                    protocol: Optional[str] = None,
                    tunnel_local_address: Optional[str] = None,
                    tunnel_remote_address: Optional[str] = None)
    func NewIpsecPolicy(ctx *Context, name string, args IpsecPolicyArgs, opts ...ResourceOption) (*IpsecPolicy, error)
    public IpsecPolicy(string name, IpsecPolicyArgs args, CustomResourceOptions? opts = null)
    public IpsecPolicy(String name, IpsecPolicyArgs args)
    public IpsecPolicy(String name, IpsecPolicyArgs args, CustomResourceOptions options)
    
    type: f5bigip:IpsecPolicy
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args IpsecPolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args IpsecPolicyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args IpsecPolicyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args IpsecPolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args IpsecPolicyArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var ipsecPolicyResource = new F5BigIP.IpsecPolicy("ipsecPolicyResource", new()
    {
        Name = "string",
        AuthAlgorithm = "string",
        Description = "string",
        EncryptAlgorithm = "string",
        Ipcomp = "string",
        KbLifetime = 0,
        Lifetime = 0,
        Mode = "string",
        PerfectForwardSecrecy = "string",
        Protocol = "string",
        TunnelLocalAddress = "string",
        TunnelRemoteAddress = "string",
    });
    
    example, err := f5bigip.NewIpsecPolicy(ctx, "ipsecPolicyResource", &f5bigip.IpsecPolicyArgs{
    	Name:                  pulumi.String("string"),
    	AuthAlgorithm:         pulumi.String("string"),
    	Description:           pulumi.String("string"),
    	EncryptAlgorithm:      pulumi.String("string"),
    	Ipcomp:                pulumi.String("string"),
    	KbLifetime:            pulumi.Int(0),
    	Lifetime:              pulumi.Int(0),
    	Mode:                  pulumi.String("string"),
    	PerfectForwardSecrecy: pulumi.String("string"),
    	Protocol:              pulumi.String("string"),
    	TunnelLocalAddress:    pulumi.String("string"),
    	TunnelRemoteAddress:   pulumi.String("string"),
    })
    
    var ipsecPolicyResource = new IpsecPolicy("ipsecPolicyResource", IpsecPolicyArgs.builder()
        .name("string")
        .authAlgorithm("string")
        .description("string")
        .encryptAlgorithm("string")
        .ipcomp("string")
        .kbLifetime(0)
        .lifetime(0)
        .mode("string")
        .perfectForwardSecrecy("string")
        .protocol("string")
        .tunnelLocalAddress("string")
        .tunnelRemoteAddress("string")
        .build());
    
    ipsec_policy_resource = f5bigip.IpsecPolicy("ipsecPolicyResource",
        name="string",
        auth_algorithm="string",
        description="string",
        encrypt_algorithm="string",
        ipcomp="string",
        kb_lifetime=0,
        lifetime=0,
        mode="string",
        perfect_forward_secrecy="string",
        protocol="string",
        tunnel_local_address="string",
        tunnel_remote_address="string")
    
    const ipsecPolicyResource = new f5bigip.IpsecPolicy("ipsecPolicyResource", {
        name: "string",
        authAlgorithm: "string",
        description: "string",
        encryptAlgorithm: "string",
        ipcomp: "string",
        kbLifetime: 0,
        lifetime: 0,
        mode: "string",
        perfectForwardSecrecy: "string",
        protocol: "string",
        tunnelLocalAddress: "string",
        tunnelRemoteAddress: "string",
    });
    
    type: f5bigip:IpsecPolicy
    properties:
        authAlgorithm: string
        description: string
        encryptAlgorithm: string
        ipcomp: string
        kbLifetime: 0
        lifetime: 0
        mode: string
        name: string
        perfectForwardSecrecy: string
        protocol: string
        tunnelLocalAddress: string
        tunnelRemoteAddress: string
    

    IpsecPolicy Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The IpsecPolicy resource accepts the following input properties:

    Name string
    Name of the IPSec policy,it should be "full path".The full path is the combination of the partition + name of the IPSec policy.(For example /Common/test-policy)
    AuthAlgorithm string
    Specifies the algorithm to use for IKE authentication. Valid choices are: sha1, sha256, sha384, sha512, aes-gcm128, aes-gcm192, aes-gcm256, aes-gmac128, aes-gmac192, aes-gmac256
    Description string
    Description of the IPSec policy.
    EncryptAlgorithm string
    Specifies the algorithm to use for IKE encryption. Valid choices are: null, 3des, aes128, aes192, aes256, aes-gmac256, aes-gmac192, aes-gmac128, aes-gcm256, aes-gcm192, aes-gcm256, aes-gcm128
    Ipcomp string
    Specifies whether to use IPComp encapsulation. Valid choices are: none", null", deflate
    KbLifetime int
    Specifies the length of time before the IKE security association expires, in kilobytes.
    Lifetime int
    Specifies the length of time before the IKE security association expires, in minutes.
    Mode string
    Specifies the processing mode. Valid choices are: transport, interface, isession, tunnel
    PerfectForwardSecrecy string
    Specifies the Diffie-Hellman group to use for IKE Phase 2 negotiation. Valid choices are: none, modp768, modp1024, modp1536, modp2048, modp3072, modp4096, modp6144, modp8192
    Protocol string
    Specifies the IPsec protocol. Valid choices are: ah, esp
    TunnelLocalAddress string
    Specifies the local endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    TunnelRemoteAddress string
    Specifies the remote endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    Name string
    Name of the IPSec policy,it should be "full path".The full path is the combination of the partition + name of the IPSec policy.(For example /Common/test-policy)
    AuthAlgorithm string
    Specifies the algorithm to use for IKE authentication. Valid choices are: sha1, sha256, sha384, sha512, aes-gcm128, aes-gcm192, aes-gcm256, aes-gmac128, aes-gmac192, aes-gmac256
    Description string
    Description of the IPSec policy.
    EncryptAlgorithm string
    Specifies the algorithm to use for IKE encryption. Valid choices are: null, 3des, aes128, aes192, aes256, aes-gmac256, aes-gmac192, aes-gmac128, aes-gcm256, aes-gcm192, aes-gcm256, aes-gcm128
    Ipcomp string
    Specifies whether to use IPComp encapsulation. Valid choices are: none", null", deflate
    KbLifetime int
    Specifies the length of time before the IKE security association expires, in kilobytes.
    Lifetime int
    Specifies the length of time before the IKE security association expires, in minutes.
    Mode string
    Specifies the processing mode. Valid choices are: transport, interface, isession, tunnel
    PerfectForwardSecrecy string
    Specifies the Diffie-Hellman group to use for IKE Phase 2 negotiation. Valid choices are: none, modp768, modp1024, modp1536, modp2048, modp3072, modp4096, modp6144, modp8192
    Protocol string
    Specifies the IPsec protocol. Valid choices are: ah, esp
    TunnelLocalAddress string
    Specifies the local endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    TunnelRemoteAddress string
    Specifies the remote endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    name String
    Name of the IPSec policy,it should be "full path".The full path is the combination of the partition + name of the IPSec policy.(For example /Common/test-policy)
    authAlgorithm String
    Specifies the algorithm to use for IKE authentication. Valid choices are: sha1, sha256, sha384, sha512, aes-gcm128, aes-gcm192, aes-gcm256, aes-gmac128, aes-gmac192, aes-gmac256
    description String
    Description of the IPSec policy.
    encryptAlgorithm String
    Specifies the algorithm to use for IKE encryption. Valid choices are: null, 3des, aes128, aes192, aes256, aes-gmac256, aes-gmac192, aes-gmac128, aes-gcm256, aes-gcm192, aes-gcm256, aes-gcm128
    ipcomp String
    Specifies whether to use IPComp encapsulation. Valid choices are: none", null", deflate
    kbLifetime Integer
    Specifies the length of time before the IKE security association expires, in kilobytes.
    lifetime Integer
    Specifies the length of time before the IKE security association expires, in minutes.
    mode String
    Specifies the processing mode. Valid choices are: transport, interface, isession, tunnel
    perfectForwardSecrecy String
    Specifies the Diffie-Hellman group to use for IKE Phase 2 negotiation. Valid choices are: none, modp768, modp1024, modp1536, modp2048, modp3072, modp4096, modp6144, modp8192
    protocol String
    Specifies the IPsec protocol. Valid choices are: ah, esp
    tunnelLocalAddress String
    Specifies the local endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    tunnelRemoteAddress String
    Specifies the remote endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    name string
    Name of the IPSec policy,it should be "full path".The full path is the combination of the partition + name of the IPSec policy.(For example /Common/test-policy)
    authAlgorithm string
    Specifies the algorithm to use for IKE authentication. Valid choices are: sha1, sha256, sha384, sha512, aes-gcm128, aes-gcm192, aes-gcm256, aes-gmac128, aes-gmac192, aes-gmac256
    description string
    Description of the IPSec policy.
    encryptAlgorithm string
    Specifies the algorithm to use for IKE encryption. Valid choices are: null, 3des, aes128, aes192, aes256, aes-gmac256, aes-gmac192, aes-gmac128, aes-gcm256, aes-gcm192, aes-gcm256, aes-gcm128
    ipcomp string
    Specifies whether to use IPComp encapsulation. Valid choices are: none", null", deflate
    kbLifetime number
    Specifies the length of time before the IKE security association expires, in kilobytes.
    lifetime number
    Specifies the length of time before the IKE security association expires, in minutes.
    mode string
    Specifies the processing mode. Valid choices are: transport, interface, isession, tunnel
    perfectForwardSecrecy string
    Specifies the Diffie-Hellman group to use for IKE Phase 2 negotiation. Valid choices are: none, modp768, modp1024, modp1536, modp2048, modp3072, modp4096, modp6144, modp8192
    protocol string
    Specifies the IPsec protocol. Valid choices are: ah, esp
    tunnelLocalAddress string
    Specifies the local endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    tunnelRemoteAddress string
    Specifies the remote endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    name str
    Name of the IPSec policy,it should be "full path".The full path is the combination of the partition + name of the IPSec policy.(For example /Common/test-policy)
    auth_algorithm str
    Specifies the algorithm to use for IKE authentication. Valid choices are: sha1, sha256, sha384, sha512, aes-gcm128, aes-gcm192, aes-gcm256, aes-gmac128, aes-gmac192, aes-gmac256
    description str
    Description of the IPSec policy.
    encrypt_algorithm str
    Specifies the algorithm to use for IKE encryption. Valid choices are: null, 3des, aes128, aes192, aes256, aes-gmac256, aes-gmac192, aes-gmac128, aes-gcm256, aes-gcm192, aes-gcm256, aes-gcm128
    ipcomp str
    Specifies whether to use IPComp encapsulation. Valid choices are: none", null", deflate
    kb_lifetime int
    Specifies the length of time before the IKE security association expires, in kilobytes.
    lifetime int
    Specifies the length of time before the IKE security association expires, in minutes.
    mode str
    Specifies the processing mode. Valid choices are: transport, interface, isession, tunnel
    perfect_forward_secrecy str
    Specifies the Diffie-Hellman group to use for IKE Phase 2 negotiation. Valid choices are: none, modp768, modp1024, modp1536, modp2048, modp3072, modp4096, modp6144, modp8192
    protocol str
    Specifies the IPsec protocol. Valid choices are: ah, esp
    tunnel_local_address str
    Specifies the local endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    tunnel_remote_address str
    Specifies the remote endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    name String
    Name of the IPSec policy,it should be "full path".The full path is the combination of the partition + name of the IPSec policy.(For example /Common/test-policy)
    authAlgorithm String
    Specifies the algorithm to use for IKE authentication. Valid choices are: sha1, sha256, sha384, sha512, aes-gcm128, aes-gcm192, aes-gcm256, aes-gmac128, aes-gmac192, aes-gmac256
    description String
    Description of the IPSec policy.
    encryptAlgorithm String
    Specifies the algorithm to use for IKE encryption. Valid choices are: null, 3des, aes128, aes192, aes256, aes-gmac256, aes-gmac192, aes-gmac128, aes-gcm256, aes-gcm192, aes-gcm256, aes-gcm128
    ipcomp String
    Specifies whether to use IPComp encapsulation. Valid choices are: none", null", deflate
    kbLifetime Number
    Specifies the length of time before the IKE security association expires, in kilobytes.
    lifetime Number
    Specifies the length of time before the IKE security association expires, in minutes.
    mode String
    Specifies the processing mode. Valid choices are: transport, interface, isession, tunnel
    perfectForwardSecrecy String
    Specifies the Diffie-Hellman group to use for IKE Phase 2 negotiation. Valid choices are: none, modp768, modp1024, modp1536, modp2048, modp3072, modp4096, modp6144, modp8192
    protocol String
    Specifies the IPsec protocol. Valid choices are: ah, esp
    tunnelLocalAddress String
    Specifies the local endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    tunnelRemoteAddress String
    Specifies the remote endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the IpsecPolicy resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing IpsecPolicy Resource

    Get an existing IpsecPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: IpsecPolicyState, opts?: CustomResourceOptions): IpsecPolicy
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            auth_algorithm: Optional[str] = None,
            description: Optional[str] = None,
            encrypt_algorithm: Optional[str] = None,
            ipcomp: Optional[str] = None,
            kb_lifetime: Optional[int] = None,
            lifetime: Optional[int] = None,
            mode: Optional[str] = None,
            name: Optional[str] = None,
            perfect_forward_secrecy: Optional[str] = None,
            protocol: Optional[str] = None,
            tunnel_local_address: Optional[str] = None,
            tunnel_remote_address: Optional[str] = None) -> IpsecPolicy
    func GetIpsecPolicy(ctx *Context, name string, id IDInput, state *IpsecPolicyState, opts ...ResourceOption) (*IpsecPolicy, error)
    public static IpsecPolicy Get(string name, Input<string> id, IpsecPolicyState? state, CustomResourceOptions? opts = null)
    public static IpsecPolicy get(String name, Output<String> id, IpsecPolicyState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AuthAlgorithm string
    Specifies the algorithm to use for IKE authentication. Valid choices are: sha1, sha256, sha384, sha512, aes-gcm128, aes-gcm192, aes-gcm256, aes-gmac128, aes-gmac192, aes-gmac256
    Description string
    Description of the IPSec policy.
    EncryptAlgorithm string
    Specifies the algorithm to use for IKE encryption. Valid choices are: null, 3des, aes128, aes192, aes256, aes-gmac256, aes-gmac192, aes-gmac128, aes-gcm256, aes-gcm192, aes-gcm256, aes-gcm128
    Ipcomp string
    Specifies whether to use IPComp encapsulation. Valid choices are: none", null", deflate
    KbLifetime int
    Specifies the length of time before the IKE security association expires, in kilobytes.
    Lifetime int
    Specifies the length of time before the IKE security association expires, in minutes.
    Mode string
    Specifies the processing mode. Valid choices are: transport, interface, isession, tunnel
    Name string
    Name of the IPSec policy,it should be "full path".The full path is the combination of the partition + name of the IPSec policy.(For example /Common/test-policy)
    PerfectForwardSecrecy string
    Specifies the Diffie-Hellman group to use for IKE Phase 2 negotiation. Valid choices are: none, modp768, modp1024, modp1536, modp2048, modp3072, modp4096, modp6144, modp8192
    Protocol string
    Specifies the IPsec protocol. Valid choices are: ah, esp
    TunnelLocalAddress string
    Specifies the local endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    TunnelRemoteAddress string
    Specifies the remote endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    AuthAlgorithm string
    Specifies the algorithm to use for IKE authentication. Valid choices are: sha1, sha256, sha384, sha512, aes-gcm128, aes-gcm192, aes-gcm256, aes-gmac128, aes-gmac192, aes-gmac256
    Description string
    Description of the IPSec policy.
    EncryptAlgorithm string
    Specifies the algorithm to use for IKE encryption. Valid choices are: null, 3des, aes128, aes192, aes256, aes-gmac256, aes-gmac192, aes-gmac128, aes-gcm256, aes-gcm192, aes-gcm256, aes-gcm128
    Ipcomp string
    Specifies whether to use IPComp encapsulation. Valid choices are: none", null", deflate
    KbLifetime int
    Specifies the length of time before the IKE security association expires, in kilobytes.
    Lifetime int
    Specifies the length of time before the IKE security association expires, in minutes.
    Mode string
    Specifies the processing mode. Valid choices are: transport, interface, isession, tunnel
    Name string
    Name of the IPSec policy,it should be "full path".The full path is the combination of the partition + name of the IPSec policy.(For example /Common/test-policy)
    PerfectForwardSecrecy string
    Specifies the Diffie-Hellman group to use for IKE Phase 2 negotiation. Valid choices are: none, modp768, modp1024, modp1536, modp2048, modp3072, modp4096, modp6144, modp8192
    Protocol string
    Specifies the IPsec protocol. Valid choices are: ah, esp
    TunnelLocalAddress string
    Specifies the local endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    TunnelRemoteAddress string
    Specifies the remote endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    authAlgorithm String
    Specifies the algorithm to use for IKE authentication. Valid choices are: sha1, sha256, sha384, sha512, aes-gcm128, aes-gcm192, aes-gcm256, aes-gmac128, aes-gmac192, aes-gmac256
    description String
    Description of the IPSec policy.
    encryptAlgorithm String
    Specifies the algorithm to use for IKE encryption. Valid choices are: null, 3des, aes128, aes192, aes256, aes-gmac256, aes-gmac192, aes-gmac128, aes-gcm256, aes-gcm192, aes-gcm256, aes-gcm128
    ipcomp String
    Specifies whether to use IPComp encapsulation. Valid choices are: none", null", deflate
    kbLifetime Integer
    Specifies the length of time before the IKE security association expires, in kilobytes.
    lifetime Integer
    Specifies the length of time before the IKE security association expires, in minutes.
    mode String
    Specifies the processing mode. Valid choices are: transport, interface, isession, tunnel
    name String
    Name of the IPSec policy,it should be "full path".The full path is the combination of the partition + name of the IPSec policy.(For example /Common/test-policy)
    perfectForwardSecrecy String
    Specifies the Diffie-Hellman group to use for IKE Phase 2 negotiation. Valid choices are: none, modp768, modp1024, modp1536, modp2048, modp3072, modp4096, modp6144, modp8192
    protocol String
    Specifies the IPsec protocol. Valid choices are: ah, esp
    tunnelLocalAddress String
    Specifies the local endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    tunnelRemoteAddress String
    Specifies the remote endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    authAlgorithm string
    Specifies the algorithm to use for IKE authentication. Valid choices are: sha1, sha256, sha384, sha512, aes-gcm128, aes-gcm192, aes-gcm256, aes-gmac128, aes-gmac192, aes-gmac256
    description string
    Description of the IPSec policy.
    encryptAlgorithm string
    Specifies the algorithm to use for IKE encryption. Valid choices are: null, 3des, aes128, aes192, aes256, aes-gmac256, aes-gmac192, aes-gmac128, aes-gcm256, aes-gcm192, aes-gcm256, aes-gcm128
    ipcomp string
    Specifies whether to use IPComp encapsulation. Valid choices are: none", null", deflate
    kbLifetime number
    Specifies the length of time before the IKE security association expires, in kilobytes.
    lifetime number
    Specifies the length of time before the IKE security association expires, in minutes.
    mode string
    Specifies the processing mode. Valid choices are: transport, interface, isession, tunnel
    name string
    Name of the IPSec policy,it should be "full path".The full path is the combination of the partition + name of the IPSec policy.(For example /Common/test-policy)
    perfectForwardSecrecy string
    Specifies the Diffie-Hellman group to use for IKE Phase 2 negotiation. Valid choices are: none, modp768, modp1024, modp1536, modp2048, modp3072, modp4096, modp6144, modp8192
    protocol string
    Specifies the IPsec protocol. Valid choices are: ah, esp
    tunnelLocalAddress string
    Specifies the local endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    tunnelRemoteAddress string
    Specifies the remote endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    auth_algorithm str
    Specifies the algorithm to use for IKE authentication. Valid choices are: sha1, sha256, sha384, sha512, aes-gcm128, aes-gcm192, aes-gcm256, aes-gmac128, aes-gmac192, aes-gmac256
    description str
    Description of the IPSec policy.
    encrypt_algorithm str
    Specifies the algorithm to use for IKE encryption. Valid choices are: null, 3des, aes128, aes192, aes256, aes-gmac256, aes-gmac192, aes-gmac128, aes-gcm256, aes-gcm192, aes-gcm256, aes-gcm128
    ipcomp str
    Specifies whether to use IPComp encapsulation. Valid choices are: none", null", deflate
    kb_lifetime int
    Specifies the length of time before the IKE security association expires, in kilobytes.
    lifetime int
    Specifies the length of time before the IKE security association expires, in minutes.
    mode str
    Specifies the processing mode. Valid choices are: transport, interface, isession, tunnel
    name str
    Name of the IPSec policy,it should be "full path".The full path is the combination of the partition + name of the IPSec policy.(For example /Common/test-policy)
    perfect_forward_secrecy str
    Specifies the Diffie-Hellman group to use for IKE Phase 2 negotiation. Valid choices are: none, modp768, modp1024, modp1536, modp2048, modp3072, modp4096, modp6144, modp8192
    protocol str
    Specifies the IPsec protocol. Valid choices are: ah, esp
    tunnel_local_address str
    Specifies the local endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    tunnel_remote_address str
    Specifies the remote endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    authAlgorithm String
    Specifies the algorithm to use for IKE authentication. Valid choices are: sha1, sha256, sha384, sha512, aes-gcm128, aes-gcm192, aes-gcm256, aes-gmac128, aes-gmac192, aes-gmac256
    description String
    Description of the IPSec policy.
    encryptAlgorithm String
    Specifies the algorithm to use for IKE encryption. Valid choices are: null, 3des, aes128, aes192, aes256, aes-gmac256, aes-gmac192, aes-gmac128, aes-gcm256, aes-gcm192, aes-gcm256, aes-gcm128
    ipcomp String
    Specifies whether to use IPComp encapsulation. Valid choices are: none", null", deflate
    kbLifetime Number
    Specifies the length of time before the IKE security association expires, in kilobytes.
    lifetime Number
    Specifies the length of time before the IKE security association expires, in minutes.
    mode String
    Specifies the processing mode. Valid choices are: transport, interface, isession, tunnel
    name String
    Name of the IPSec policy,it should be "full path".The full path is the combination of the partition + name of the IPSec policy.(For example /Common/test-policy)
    perfectForwardSecrecy String
    Specifies the Diffie-Hellman group to use for IKE Phase 2 negotiation. Valid choices are: none, modp768, modp1024, modp1536, modp2048, modp3072, modp4096, modp6144, modp8192
    protocol String
    Specifies the IPsec protocol. Valid choices are: ah, esp
    tunnelLocalAddress String
    Specifies the local endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.
    tunnelRemoteAddress String
    Specifies the remote endpoint IP address of the IPsec tunnel. This parameter is only valid when mode is tunnel.

    Package Details

    Repository
    f5 BIG-IP pulumi/pulumi-f5bigip
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the bigip Terraform Provider.
    f5bigip logo
    f5 BIG-IP v3.17.2 published on Wednesday, Jun 26, 2024 by Pulumi