This data source provides details about a specific Network Firewall Policy Security Rule resource in Oracle Cloud Infrastructure Network Firewall service.
Get Security Rule by the given name in the context of network firewall policy.
data "oci_network_firewall_network_firewall_policy_security_rule" "test_network_firewall_policy_security_rule" {
#Required
network_firewall_policy_id = oci_network_firewall_network_firewall_policy.test_network_firewall_policy.id
security_rule_name = var.oci_network_firewall_network_firewall_policy_security_rule_name
}
The following arguments are supported:
network_firewall_policy_id
- (Required) Unique Network Firewall Policy identifiersecurity_rule_name
- (Required) Unique identifier for Security Rules in the scope of Network Firewall Policy.The following attributes are exported:
action
- Types of Action on the Traffic flow.
inspection
, which may result in rejection. condition
- Criteria to evaluate against network traffic. A match occurs when at least one item in the array associated with each specified property corresponds with the relevant aspect of the traffic.
application
- An array of application list names to be evaluated against the traffic protocol and protocol-specific parameters.destination_address
- An array of IP address list names to be evaluated against the traffic destination address.service
- An array of service list names to be evaluated against the traffic protocol and protocol-specific parameters.source_address
- An array of IP address list names to be evaluated against the traffic source address.url
- An array of URL pattern list names to be evaluated against the HTTP(S) request target.inspection
- Type of inspection to affect the Traffic flow. This is only applicable if action is INSPECT.
type
. name
- Name for the Security rule, must be unique within the policy.parent_resource_id
- OCID of the Network Firewall Policy this security rule belongs to.position
- An object which defines the position of the rule.
after_rule
- Identifier for rule after which this rule lies.before_rule
- Identifier for rule before which this rule lies.