Viewing docs for Palo Alto Networks Cloud NGFW for AWS v2.0.0
published on Friday, Apr 24, 2026 by Pulumi
published on Friday, Apr 24, 2026 by Pulumi
Viewing docs for Palo Alto Networks Cloud NGFW for AWS v2.0.0
published on Friday, Apr 24, 2026 by Pulumi
published on Friday, Apr 24, 2026 by Pulumi
Data source for retrieving NGFW information.
Admin Permission Type
Firewall
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as cloudngfwaws from "@pulumi/cloudngfwaws";
const example = cloudngfwaws.getNgfw({
name: "example-instance",
});
import pulumi
import pulumi_cloudngfwaws as cloudngfwaws
example = cloudngfwaws.get_ngfw(name="example-instance")
package main
import (
"github.com/pulumi/pulumi-cloudngfwaws/sdk/v2/go/cloudngfwaws"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudngfwaws.GetNgfw(ctx, &cloudngfwaws.LookupNgfwArgs{
Name: pulumi.StringRef("example-instance"),
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using CloudNgfwAws = Pulumi.CloudNgfwAws;
return await Deployment.RunAsync(() =>
{
var example = CloudNgfwAws.Index.GetNgfw.Invoke(new()
{
Name = "example-instance",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.cloudngfwaws.CloudngfwawsFunctions;
import com.pulumi.cloudngfwaws.inputs.GetNgfwArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = CloudngfwawsFunctions.getNgfw(GetNgfwArgs.builder()
.name("example-instance")
.build());
}
}
variables:
example:
fn::invoke:
function: cloudngfwaws:getNgfw
arguments:
name: example-instance
Using getNgfw
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getNgfw(args: GetNgfwArgs, opts?: InvokeOptions): Promise<GetNgfwResult>
function getNgfwOutput(args: GetNgfwOutputArgs, opts?: InvokeOptions): Output<GetNgfwResult>def get_ngfw(account_id: Optional[str] = None,
firewall_id: Optional[str] = None,
name: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetNgfwResult
def get_ngfw_output(account_id: pulumi.Input[Optional[str]] = None,
firewall_id: pulumi.Input[Optional[str]] = None,
name: pulumi.Input[Optional[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetNgfwResult]func LookupNgfw(ctx *Context, args *LookupNgfwArgs, opts ...InvokeOption) (*LookupNgfwResult, error)
func LookupNgfwOutput(ctx *Context, args *LookupNgfwOutputArgs, opts ...InvokeOption) LookupNgfwResultOutput> Note: This function is named LookupNgfw in the Go SDK.
public static class GetNgfw
{
public static Task<GetNgfwResult> InvokeAsync(GetNgfwArgs args, InvokeOptions? opts = null)
public static Output<GetNgfwResult> Invoke(GetNgfwInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetNgfwResult> getNgfw(GetNgfwArgs args, InvokeOptions options)
public static Output<GetNgfwResult> getNgfw(GetNgfwArgs args, InvokeOptions options)
fn::invoke:
function: cloudngfwaws:index/getNgfw:getNgfw
arguments:
# arguments dictionaryThe following arguments are supported:
- Account
Id string - The Account Id.
- Firewall
Id string - The Firewall ID.
- Name string
- The NGFW name.
- Account
Id string - The Account Id.
- Firewall
Id string - The Firewall ID.
- Name string
- The NGFW name.
- account
Id String - The Account Id.
- firewall
Id String - The Firewall ID.
- name String
- The NGFW name.
- account
Id string - The Account Id.
- firewall
Id string - The Firewall ID.
- name string
- The NGFW name.
- account_
id str - The Account Id.
- firewall_
id str - The Firewall ID.
- name str
- The NGFW name.
- account
Id String - The Account Id.
- firewall
Id String - The Firewall ID.
- name String
- The NGFW name.
getNgfw Result
The following output properties are available:
- Allowlist
Accounts List<string> - The list of allowed accounts for this NGFW.
- App
Id stringVersion - App-ID version number.
- Automatic
Upgrade boolApp Id Version - Automatic App-ID upgrade version number.
- Az
Lists List<string> - The list of availability zone IDs for this NGFW.
- Change
Protections List<string> - Enables or disables change protection for the NGFW.
- Deployment
Update stringToken - The update token.
- Description string
- The NGFW description.
- Egress
Nats List<Pulumi.Cloud Ngfw Aws. Outputs. Get Ngfw Egress Nat> - Endpoint
Mode string - Set endpoint mode from the following options. Valid values are
ServiceManagedorCustomerManaged. - Endpoint
Service stringName - The endpoint service name.
- Endpoints
List<Pulumi.
Cloud Ngfw Aws. Outputs. Get Ngfw Endpoint> - Global
Rulestack string - The global rulestack for this NGFW.
- Id string
- The provider-assigned unique ID for this managed resource.
- Link
Id string - The link ID.
- Link
Status string - The link status.
- Multi
Vpc bool - Share NGFW with Multiple VPCs. This feature can be enabled only if the endpointMode is CustomerManaged.
- Private
Accesses List<Pulumi.Cloud Ngfw Aws. Outputs. Get Ngfw Private Access> - Rulestack string
- The rulestack for this NGFW.
- Security
Zones List<Pulumi.Cloud Ngfw Aws. Outputs. Get Ngfw Security Zone> - Statuses
List<Pulumi.
Cloud Ngfw Aws. Outputs. Get Ngfw Status> - Subnet
Mappings List<Pulumi.Cloud Ngfw Aws. Outputs. Get Ngfw Subnet Mapping> - Subnet mappings.
- Dictionary<string, string>
- The tags.
- Tier string
- Firewall Instance Tier. Allowed values are 'base', 'standard', or 'premium'.
- Update
Token string - The update token.
- User
Ids List<Pulumi.Cloud Ngfw Aws. Outputs. Get Ngfw User Id> - Vpc
Id string - The VPC ID for the NGFW.
- Account
Id string - The Account Id.
- Firewall
Id string - The Firewall ID.
- Name string
- The NGFW name.
- Allowlist
Accounts []string - The list of allowed accounts for this NGFW.
- App
Id stringVersion - App-ID version number.
- Automatic
Upgrade boolApp Id Version - Automatic App-ID upgrade version number.
- Az
Lists []string - The list of availability zone IDs for this NGFW.
- Change
Protections []string - Enables or disables change protection for the NGFW.
- Deployment
Update stringToken - The update token.
- Description string
- The NGFW description.
- Egress
Nats []GetNgfw Egress Nat - Endpoint
Mode string - Set endpoint mode from the following options. Valid values are
ServiceManagedorCustomerManaged. - Endpoint
Service stringName - The endpoint service name.
- Endpoints
[]Get
Ngfw Endpoint - Global
Rulestack string - The global rulestack for this NGFW.
- Id string
- The provider-assigned unique ID for this managed resource.
- Link
Id string - The link ID.
- Link
Status string - The link status.
- Multi
Vpc bool - Share NGFW with Multiple VPCs. This feature can be enabled only if the endpointMode is CustomerManaged.
- Private
Accesses []GetNgfw Private Access - Rulestack string
- The rulestack for this NGFW.
- Security
Zones []GetNgfw Security Zone - Statuses
[]Get
Ngfw Status - Subnet
Mappings []GetNgfw Subnet Mapping - Subnet mappings.
- map[string]string
- The tags.
- Tier string
- Firewall Instance Tier. Allowed values are 'base', 'standard', or 'premium'.
- Update
Token string - The update token.
- User
Ids []GetNgfw User Id - Vpc
Id string - The VPC ID for the NGFW.
- Account
Id string - The Account Id.
- Firewall
Id string - The Firewall ID.
- Name string
- The NGFW name.
- allowlist
Accounts List<String> - The list of allowed accounts for this NGFW.
- app
Id StringVersion - App-ID version number.
- automatic
Upgrade BooleanApp Id Version - Automatic App-ID upgrade version number.
- az
Lists List<String> - The list of availability zone IDs for this NGFW.
- change
Protections List<String> - Enables or disables change protection for the NGFW.
- deployment
Update StringToken - The update token.
- description String
- The NGFW description.
- egress
Nats List<GetNgfw Egress Nat> - endpoint
Mode String - Set endpoint mode from the following options. Valid values are
ServiceManagedorCustomerManaged. - endpoint
Service StringName - The endpoint service name.
- endpoints
List<Get
Ngfw Endpoint> - global
Rulestack String - The global rulestack for this NGFW.
- id String
- The provider-assigned unique ID for this managed resource.
- link
Id String - The link ID.
- link
Status String - The link status.
- multi
Vpc Boolean - Share NGFW with Multiple VPCs. This feature can be enabled only if the endpointMode is CustomerManaged.
- private
Accesses List<GetNgfw Private Access> - rulestack String
- The rulestack for this NGFW.
- security
Zones List<GetNgfw Security Zone> - statuses
List<Get
Ngfw Status> - subnet
Mappings List<GetNgfw Subnet Mapping> - Subnet mappings.
- Map<String,String>
- The tags.
- tier String
- Firewall Instance Tier. Allowed values are 'base', 'standard', or 'premium'.
- update
Token String - The update token.
- user
Ids List<GetNgfw User Id> - vpc
Id String - The VPC ID for the NGFW.
- account
Id String - The Account Id.
- firewall
Id String - The Firewall ID.
- name String
- The NGFW name.
- allowlist
Accounts string[] - The list of allowed accounts for this NGFW.
- app
Id stringVersion - App-ID version number.
- automatic
Upgrade booleanApp Id Version - Automatic App-ID upgrade version number.
- az
Lists string[] - The list of availability zone IDs for this NGFW.
- change
Protections string[] - Enables or disables change protection for the NGFW.
- deployment
Update stringToken - The update token.
- description string
- The NGFW description.
- egress
Nats GetNgfw Egress Nat[] - endpoint
Mode string - Set endpoint mode from the following options. Valid values are
ServiceManagedorCustomerManaged. - endpoint
Service stringName - The endpoint service name.
- endpoints
Get
Ngfw Endpoint[] - global
Rulestack string - The global rulestack for this NGFW.
- id string
- The provider-assigned unique ID for this managed resource.
- link
Id string - The link ID.
- link
Status string - The link status.
- multi
Vpc boolean - Share NGFW with Multiple VPCs. This feature can be enabled only if the endpointMode is CustomerManaged.
- private
Accesses GetNgfw Private Access[] - rulestack string
- The rulestack for this NGFW.
- security
Zones GetNgfw Security Zone[] - statuses
Get
Ngfw Status[] - subnet
Mappings GetNgfw Subnet Mapping[] - Subnet mappings.
- {[key: string]: string}
- The tags.
- tier string
- Firewall Instance Tier. Allowed values are 'base', 'standard', or 'premium'.
- update
Token string - The update token.
- user
Ids GetNgfw User Id[] - vpc
Id string - The VPC ID for the NGFW.
- account
Id string - The Account Id.
- firewall
Id string - The Firewall ID.
- name string
- The NGFW name.
- allowlist_
accounts Sequence[str] - The list of allowed accounts for this NGFW.
- app_
id_ strversion - App-ID version number.
- automatic_
upgrade_ boolapp_ id_ version - Automatic App-ID upgrade version number.
- az_
lists Sequence[str] - The list of availability zone IDs for this NGFW.
- change_
protections Sequence[str] - Enables or disables change protection for the NGFW.
- deployment_
update_ strtoken - The update token.
- description str
- The NGFW description.
- egress_
nats Sequence[GetNgfw Egress Nat] - endpoint_
mode str - Set endpoint mode from the following options. Valid values are
ServiceManagedorCustomerManaged. - endpoint_
service_ strname - The endpoint service name.
- endpoints
Sequence[Get
Ngfw Endpoint] - global_
rulestack str - The global rulestack for this NGFW.
- id str
- The provider-assigned unique ID for this managed resource.
- link_
id str - The link ID.
- link_
status str - The link status.
- multi_
vpc bool - Share NGFW with Multiple VPCs. This feature can be enabled only if the endpointMode is CustomerManaged.
- private_
accesses Sequence[GetNgfw Private Access] - rulestack str
- The rulestack for this NGFW.
- security_
zones Sequence[GetNgfw Security Zone] - statuses
Sequence[Get
Ngfw Status] - subnet_
mappings Sequence[GetNgfw Subnet Mapping] - Subnet mappings.
- Mapping[str, str]
- The tags.
- tier str
- Firewall Instance Tier. Allowed values are 'base', 'standard', or 'premium'.
- update_
token str - The update token.
- user_
ids Sequence[GetNgfw User Id] - vpc_
id str - The VPC ID for the NGFW.
- account_
id str - The Account Id.
- firewall_
id str - The Firewall ID.
- name str
- The NGFW name.
- allowlist
Accounts List<String> - The list of allowed accounts for this NGFW.
- app
Id StringVersion - App-ID version number.
- automatic
Upgrade BooleanApp Id Version - Automatic App-ID upgrade version number.
- az
Lists List<String> - The list of availability zone IDs for this NGFW.
- change
Protections List<String> - Enables or disables change protection for the NGFW.
- deployment
Update StringToken - The update token.
- description String
- The NGFW description.
- egress
Nats List<Property Map> - endpoint
Mode String - Set endpoint mode from the following options. Valid values are
ServiceManagedorCustomerManaged. - endpoint
Service StringName - The endpoint service name.
- endpoints List<Property Map>
- global
Rulestack String - The global rulestack for this NGFW.
- id String
- The provider-assigned unique ID for this managed resource.
- link
Id String - The link ID.
- link
Status String - The link status.
- multi
Vpc Boolean - Share NGFW with Multiple VPCs. This feature can be enabled only if the endpointMode is CustomerManaged.
- private
Accesses List<Property Map> - rulestack String
- The rulestack for this NGFW.
- security
Zones List<Property Map> - statuses List<Property Map>
- subnet
Mappings List<Property Map> - Subnet mappings.
- Map<String>
- The tags.
- tier String
- Firewall Instance Tier. Allowed values are 'base', 'standard', or 'premium'.
- update
Token String - The update token.
- user
Ids List<Property Map> - vpc
Id String - The VPC ID for the NGFW.
- account
Id String - The Account Id.
- firewall
Id String - The Firewall ID.
- name String
- The NGFW name.
Supporting Types
GetNgfwEgressNat
- Enabled bool
- Enable egress NAT
- Settings
List<Pulumi.
Cloud Ngfw Aws. Inputs. Get Ngfw Egress Nat Setting>
- Enabled bool
- Enable egress NAT
- Settings
[]Get
Ngfw Egress Nat Setting
- enabled Boolean
- Enable egress NAT
- settings
List<Get
Ngfw Egress Nat Setting>
- enabled boolean
- Enable egress NAT
- settings
Get
Ngfw Egress Nat Setting[]
- enabled bool
- Enable egress NAT
- settings
Sequence[Get
Ngfw Egress Nat Setting]
- enabled Boolean
- Enable egress NAT
- settings List<Property Map>
GetNgfwEgressNatSetting
- Ip
Pool stringType - Set ip pool type from the following options. Valid values are
AWSServiceorBYOIP. - Ipam
Pool stringId - The IP pool ID
- Ip
Pool stringType - Set ip pool type from the following options. Valid values are
AWSServiceorBYOIP. - Ipam
Pool stringId - The IP pool ID
- ip
Pool StringType - Set ip pool type from the following options. Valid values are
AWSServiceorBYOIP. - ipam
Pool StringId - The IP pool ID
- ip
Pool stringType - Set ip pool type from the following options. Valid values are
AWSServiceorBYOIP. - ipam
Pool stringId - The IP pool ID
- ip_
pool_ strtype - Set ip pool type from the following options. Valid values are
AWSServiceorBYOIP. - ipam_
pool_ strid - The IP pool ID
- ip
Pool StringType - Set ip pool type from the following options. Valid values are
AWSServiceorBYOIP. - ipam
Pool StringId - The IP pool ID
GetNgfwEndpoint
- Account
Id string - The account id.
- Egress
Nat boolEnabled - Enable egress NAT
- Endpoint
Id string - Endpoint ID of the security zone
- Mode string
- The endpoint mode. Valid values are
ServiceManagedorCustomerManaged. - Prefixes
List<Pulumi.
Cloud Ngfw Aws. Inputs. Get Ngfw Endpoint Prefix> - Rejected
Reason string - The rejected reason.
- Status string
- The attachment status.
- Subnet
Id string - The subnet id.
- Vpc
Id string - The vpc id.
- Zone
Id string - The AZ id.
- Account
Id string - The account id.
- Egress
Nat boolEnabled - Enable egress NAT
- Endpoint
Id string - Endpoint ID of the security zone
- Mode string
- The endpoint mode. Valid values are
ServiceManagedorCustomerManaged. - Prefixes
[]Get
Ngfw Endpoint Prefix - Rejected
Reason string - The rejected reason.
- Status string
- The attachment status.
- Subnet
Id string - The subnet id.
- Vpc
Id string - The vpc id.
- Zone
Id string - The AZ id.
- account
Id String - The account id.
- egress
Nat BooleanEnabled - Enable egress NAT
- endpoint
Id String - Endpoint ID of the security zone
- mode String
- The endpoint mode. Valid values are
ServiceManagedorCustomerManaged. - prefixes
List<Get
Ngfw Endpoint Prefix> - rejected
Reason String - The rejected reason.
- status String
- The attachment status.
- subnet
Id String - The subnet id.
- vpc
Id String - The vpc id.
- zone
Id String - The AZ id.
- account
Id string - The account id.
- egress
Nat booleanEnabled - Enable egress NAT
- endpoint
Id string - Endpoint ID of the security zone
- mode string
- The endpoint mode. Valid values are
ServiceManagedorCustomerManaged. - prefixes
Get
Ngfw Endpoint Prefix[] - rejected
Reason string - The rejected reason.
- status string
- The attachment status.
- subnet
Id string - The subnet id.
- vpc
Id string - The vpc id.
- zone
Id string - The AZ id.
- account_
id str - The account id.
- egress_
nat_ boolenabled - Enable egress NAT
- endpoint_
id str - Endpoint ID of the security zone
- mode str
- The endpoint mode. Valid values are
ServiceManagedorCustomerManaged. - prefixes
Sequence[Get
Ngfw Endpoint Prefix] - rejected_
reason str - The rejected reason.
- status str
- The attachment status.
- subnet_
id str - The subnet id.
- vpc_
id str - The vpc id.
- zone_
id str - The AZ id.
- account
Id String - The account id.
- egress
Nat BooleanEnabled - Enable egress NAT
- endpoint
Id String - Endpoint ID of the security zone
- mode String
- The endpoint mode. Valid values are
ServiceManagedorCustomerManaged. - prefixes List<Property Map>
- rejected
Reason String - The rejected reason.
- status String
- The attachment status.
- subnet
Id String - The subnet id.
- vpc
Id String - The vpc id.
- zone
Id String - The AZ id.
GetNgfwEndpointPrefix
GetNgfwEndpointPrefixPrivatePrefix
- Cidrs List<string>
- Cidrs []string
- cidrs List<String>
- cidrs string[]
- cidrs Sequence[str]
- cidrs List<String>
GetNgfwPrivateAccess
- Resource
Id string - AWS ResourceID
- Type string
- Type of Private Access
- Resource
Id string - AWS ResourceID
- Type string
- Type of Private Access
- resource
Id String - AWS ResourceID
- type String
- Type of Private Access
- resource
Id string - AWS ResourceID
- type string
- Type of Private Access
- resource_
id str - AWS ResourceID
- type str
- Type of Private Access
- resource
Id String - AWS ResourceID
- type String
- Type of Private Access
GetNgfwSecurityZone
- Account
Id string - The account id.
- Egress
Nat boolEnabled - Enable egress NAT
- Endpoint
Id string - Endpoint ID of the security zone
- Mode string
- The endpoint mode. Valid values are
ServiceManagedorCustomerManaged. - Prefixes
List<Pulumi.
Cloud Ngfw Aws. Inputs. Get Ngfw Security Zone Prefix> - Rejected
Reason string - The rejected reason.
- Status string
- The attachment status.
- Subnet
Id string - The subnet id.
- Vpc
Id string - The vpc id.
- Zone
Id string - The AZ id.
- Account
Id string - The account id.
- Egress
Nat boolEnabled - Enable egress NAT
- Endpoint
Id string - Endpoint ID of the security zone
- Mode string
- The endpoint mode. Valid values are
ServiceManagedorCustomerManaged. - Prefixes
[]Get
Ngfw Security Zone Prefix - Rejected
Reason string - The rejected reason.
- Status string
- The attachment status.
- Subnet
Id string - The subnet id.
- Vpc
Id string - The vpc id.
- Zone
Id string - The AZ id.
- account
Id String - The account id.
- egress
Nat BooleanEnabled - Enable egress NAT
- endpoint
Id String - Endpoint ID of the security zone
- mode String
- The endpoint mode. Valid values are
ServiceManagedorCustomerManaged. - prefixes
List<Get
Ngfw Security Zone Prefix> - rejected
Reason String - The rejected reason.
- status String
- The attachment status.
- subnet
Id String - The subnet id.
- vpc
Id String - The vpc id.
- zone
Id String - The AZ id.
- account
Id string - The account id.
- egress
Nat booleanEnabled - Enable egress NAT
- endpoint
Id string - Endpoint ID of the security zone
- mode string
- The endpoint mode. Valid values are
ServiceManagedorCustomerManaged. - prefixes
Get
Ngfw Security Zone Prefix[] - rejected
Reason string - The rejected reason.
- status string
- The attachment status.
- subnet
Id string - The subnet id.
- vpc
Id string - The vpc id.
- zone
Id string - The AZ id.
- account_
id str - The account id.
- egress_
nat_ boolenabled - Enable egress NAT
- endpoint_
id str - Endpoint ID of the security zone
- mode str
- The endpoint mode. Valid values are
ServiceManagedorCustomerManaged. - prefixes
Sequence[Get
Ngfw Security Zone Prefix] - rejected_
reason str - The rejected reason.
- status str
- The attachment status.
- subnet_
id str - The subnet id.
- vpc_
id str - The vpc id.
- zone_
id str - The AZ id.
- account
Id String - The account id.
- egress
Nat BooleanEnabled - Enable egress NAT
- endpoint
Id String - Endpoint ID of the security zone
- mode String
- The endpoint mode. Valid values are
ServiceManagedorCustomerManaged. - prefixes List<Property Map>
- rejected
Reason String - The rejected reason.
- status String
- The attachment status.
- subnet
Id String - The subnet id.
- vpc
Id String - The vpc id.
- zone
Id String - The AZ id.
GetNgfwSecurityZonePrefix
GetNgfwSecurityZonePrefixPrivatePrefix
- Cidrs List<string>
- Cidrs []string
- cidrs List<String>
- cidrs string[]
- cidrs Sequence[str]
- cidrs List<String>
GetNgfwStatus
- Attachments
List<Pulumi.
Cloud Ngfw Aws. Inputs. Get Ngfw Status Attachment> - The firewall attachments.
- Device
Rulestack stringCommit Status - The device rulestack commit status.
- Failure
Reason string - The firewall failure reason.
- Firewall
Status string - The firewall status.
- Rulestack
Status string - The rulestack status.
- Attachments
[]Get
Ngfw Status Attachment - The firewall attachments.
- Device
Rulestack stringCommit Status - The device rulestack commit status.
- Failure
Reason string - The firewall failure reason.
- Firewall
Status string - The firewall status.
- Rulestack
Status string - The rulestack status.
- attachments
List<Get
Ngfw Status Attachment> - The firewall attachments.
- device
Rulestack StringCommit Status - The device rulestack commit status.
- failure
Reason String - The firewall failure reason.
- firewall
Status String - The firewall status.
- rulestack
Status String - The rulestack status.
- attachments
Get
Ngfw Status Attachment[] - The firewall attachments.
- device
Rulestack stringCommit Status - The device rulestack commit status.
- failure
Reason string - The firewall failure reason.
- firewall
Status string - The firewall status.
- rulestack
Status string - The rulestack status.
- attachments
Sequence[Get
Ngfw Status Attachment] - The firewall attachments.
- device_
rulestack_ strcommit_ status - The device rulestack commit status.
- failure_
reason str - The firewall failure reason.
- firewall_
status str - The firewall status.
- rulestack_
status str - The rulestack status.
- attachments List<Property Map>
- The firewall attachments.
- device
Rulestack StringCommit Status - The device rulestack commit status.
- failure
Reason String - The firewall failure reason.
- firewall
Status String - The firewall status.
- rulestack
Status String - The rulestack status.
GetNgfwStatusAttachment
- Endpoint
Id string - The endpoint id.
- Rejected
Reason string - The reject reason.
- Status string
- The attachment status.
- Subnet
Id string - The subnet id.
- Endpoint
Id string - The endpoint id.
- Rejected
Reason string - The reject reason.
- Status string
- The attachment status.
- Subnet
Id string - The subnet id.
- endpoint
Id String - The endpoint id.
- rejected
Reason String - The reject reason.
- status String
- The attachment status.
- subnet
Id String - The subnet id.
- endpoint
Id string - The endpoint id.
- rejected
Reason string - The reject reason.
- status string
- The attachment status.
- subnet
Id string - The subnet id.
- endpoint_
id str - The endpoint id.
- rejected_
reason str - The reject reason.
- status str
- The attachment status.
- subnet_
id str - The subnet id.
- endpoint
Id String - The endpoint id.
- rejected
Reason String - The reject reason.
- status String
- The attachment status.
- subnet
Id String - The subnet id.
GetNgfwSubnetMapping
- Availability
Zone string - The availability zone, for when the endpoint mode is customer managed.
- Availability
Zone stringId - The availability zone ID, for when the endpoint mode is customer managed.
- Subnet
Id string - The subnet id, for when the endpoint mode is service managed.
- Availability
Zone string - The availability zone, for when the endpoint mode is customer managed.
- Availability
Zone stringId - The availability zone ID, for when the endpoint mode is customer managed.
- Subnet
Id string - The subnet id, for when the endpoint mode is service managed.
- availability
Zone String - The availability zone, for when the endpoint mode is customer managed.
- availability
Zone StringId - The availability zone ID, for when the endpoint mode is customer managed.
- subnet
Id String - The subnet id, for when the endpoint mode is service managed.
- availability
Zone string - The availability zone, for when the endpoint mode is customer managed.
- availability
Zone stringId - The availability zone ID, for when the endpoint mode is customer managed.
- subnet
Id string - The subnet id, for when the endpoint mode is service managed.
- availability_
zone str - The availability zone, for when the endpoint mode is customer managed.
- availability_
zone_ strid - The availability zone ID, for when the endpoint mode is customer managed.
- subnet_
id str - The subnet id, for when the endpoint mode is service managed.
- availability
Zone String - The availability zone, for when the endpoint mode is customer managed.
- availability
Zone StringId - The availability zone ID, for when the endpoint mode is customer managed.
- subnet
Id String - The subnet id, for when the endpoint mode is service managed.
GetNgfwUserId
- Agent
Name string - Agent Name for UserID
- Collector
Name string - The Collector Name
- Custom
Include List<Pulumi.Exclude Networks Cloud Ngfw Aws. Inputs. Get Ngfw User Id Custom Include Exclude Network> - List of Custom Include Exclude Networks
- Enabled bool
- Enable UserID Config
- Port int
- The Port
- Secret
Key stringArn - AWS Secret Key ARN
- User
Id stringStatus - Status and State of UserID Configuration
- Agent
Name string - Agent Name for UserID
- Collector
Name string - The Collector Name
- Custom
Include []GetExclude Networks Ngfw User Id Custom Include Exclude Network - List of Custom Include Exclude Networks
- Enabled bool
- Enable UserID Config
- Port int
- The Port
- Secret
Key stringArn - AWS Secret Key ARN
- User
Id stringStatus - Status and State of UserID Configuration
- agent
Name String - Agent Name for UserID
- collector
Name String - The Collector Name
- custom
Include List<GetExclude Networks Ngfw User Id Custom Include Exclude Network> - List of Custom Include Exclude Networks
- enabled Boolean
- Enable UserID Config
- port Integer
- The Port
- secret
Key StringArn - AWS Secret Key ARN
- user
Id StringStatus - Status and State of UserID Configuration
- agent
Name string - Agent Name for UserID
- collector
Name string - The Collector Name
- custom
Include GetExclude Networks Ngfw User Id Custom Include Exclude Network[] - List of Custom Include Exclude Networks
- enabled boolean
- Enable UserID Config
- port number
- The Port
- secret
Key stringArn - AWS Secret Key ARN
- user
Id stringStatus - Status and State of UserID Configuration
- agent_
name str - Agent Name for UserID
- collector_
name str - The Collector Name
- custom_
include_ Sequence[Getexclude_ networks Ngfw User Id Custom Include Exclude Network] - List of Custom Include Exclude Networks
- enabled bool
- Enable UserID Config
- port int
- The Port
- secret_
key_ strarn - AWS Secret Key ARN
- user_
id_ strstatus - Status and State of UserID Configuration
- agent
Name String - Agent Name for UserID
- collector
Name String - The Collector Name
- custom
Include List<Property Map>Exclude Networks - List of Custom Include Exclude Networks
- enabled Boolean
- Enable UserID Config
- port Number
- The Port
- secret
Key StringArn - AWS Secret Key ARN
- user
Id StringStatus - Status and State of UserID Configuration
GetNgfwUserIdCustomIncludeExcludeNetwork
- Discovery
Include bool - Include or exclude this subnet from user-id configuration
- Enabled bool
- Enable this specific custom include/exclude network
- Name string
- Name of subnet filter
- Network
Address string - Network IP address of the subnet filter
- Discovery
Include bool - Include or exclude this subnet from user-id configuration
- Enabled bool
- Enable this specific custom include/exclude network
- Name string
- Name of subnet filter
- Network
Address string - Network IP address of the subnet filter
- discovery
Include Boolean - Include or exclude this subnet from user-id configuration
- enabled Boolean
- Enable this specific custom include/exclude network
- name String
- Name of subnet filter
- network
Address String - Network IP address of the subnet filter
- discovery
Include boolean - Include or exclude this subnet from user-id configuration
- enabled boolean
- Enable this specific custom include/exclude network
- name string
- Name of subnet filter
- network
Address string - Network IP address of the subnet filter
- discovery_
include bool - Include or exclude this subnet from user-id configuration
- enabled bool
- Enable this specific custom include/exclude network
- name str
- Name of subnet filter
- network_
address str - Network IP address of the subnet filter
- discovery
Include Boolean - Include or exclude this subnet from user-id configuration
- enabled Boolean
- Enable this specific custom include/exclude network
- name String
- Name of subnet filter
- network
Address String - Network IP address of the subnet filter
Package Details
- Repository
- cloudngfwaws pulumi/pulumi-cloudngfwaws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
cloudngfwawsTerraform Provider.
Viewing docs for Palo Alto Networks Cloud NGFW for AWS v2.0.0
published on Friday, Apr 24, 2026 by Pulumi
published on Friday, Apr 24, 2026 by Pulumi
