Viewing docs for Databricks v1.91.1
published on Friday, May 1, 2026 by Pulumi
published on Friday, May 1, 2026 by Pulumi
Viewing docs for Databricks v1.91.1
published on Friday, May 1, 2026 by Pulumi
published on Friday, May 1, 2026 by Pulumi
Network policies control which network destinations can be accessed from the Databricks environment.
Each Databricks account includes a default policy named default-policy. This policy is:
- Associated with any workspace lacking an explicit network policy assignment
- Automatically associated with each newly created workspace
- Reserved and cannot be deleted, but can be updated to customize the default network access rules for your account
The default-policy provides a baseline security configuration that ensures all workspaces have network access controls in place.
Note This resource can only be used with an account-level provider!
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as databricks from "@pulumi/databricks";
const exampleNetworkPolicy = new databricks.AccountNetworkPolicy("example_network_policy", {
networkPolicyId: "example-network-policy",
egress: {
networkAccess: {
restrictionMode: "RESTRICTED_ACCESS",
allowedInternetDestinations: [{
destination: "example.com",
internetDestinationType: "DNS_NAME",
}],
allowedStorageDestinations: [{
bucketName: "example-aws-cloud-storage",
region: "us-west-1",
storageDestinationType: "AWS_S3",
}],
policyEnforcement: {
enforcementMode: "ENFORCED",
},
},
},
});
import pulumi
import pulumi_databricks as databricks
example_network_policy = databricks.AccountNetworkPolicy("example_network_policy",
network_policy_id="example-network-policy",
egress={
"network_access": {
"restriction_mode": "RESTRICTED_ACCESS",
"allowed_internet_destinations": [{
"destination": "example.com",
"internet_destination_type": "DNS_NAME",
}],
"allowed_storage_destinations": [{
"bucket_name": "example-aws-cloud-storage",
"region": "us-west-1",
"storage_destination_type": "AWS_S3",
}],
"policy_enforcement": {
"enforcement_mode": "ENFORCED",
},
},
})
package main
import (
"github.com/pulumi/pulumi-databricks/sdk/go/databricks"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := databricks.NewAccountNetworkPolicy(ctx, "example_network_policy", &databricks.AccountNetworkPolicyArgs{
NetworkPolicyId: pulumi.String("example-network-policy"),
Egress: &databricks.AccountNetworkPolicyEgressArgs{
NetworkAccess: &databricks.AccountNetworkPolicyEgressNetworkAccessArgs{
RestrictionMode: pulumi.String("RESTRICTED_ACCESS"),
AllowedInternetDestinations: databricks.AccountNetworkPolicyEgressNetworkAccessAllowedInternetDestinationArray{
&databricks.AccountNetworkPolicyEgressNetworkAccessAllowedInternetDestinationArgs{
Destination: pulumi.String("example.com"),
InternetDestinationType: pulumi.String("DNS_NAME"),
},
},
AllowedStorageDestinations: databricks.AccountNetworkPolicyEgressNetworkAccessAllowedStorageDestinationArray{
&databricks.AccountNetworkPolicyEgressNetworkAccessAllowedStorageDestinationArgs{
BucketName: pulumi.String("example-aws-cloud-storage"),
Region: pulumi.String("us-west-1"),
StorageDestinationType: pulumi.String("AWS_S3"),
},
},
PolicyEnforcement: &databricks.AccountNetworkPolicyEgressNetworkAccessPolicyEnforcementArgs{
EnforcementMode: pulumi.String("ENFORCED"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Databricks = Pulumi.Databricks;
return await Deployment.RunAsync(() =>
{
var exampleNetworkPolicy = new Databricks.Index.AccountNetworkPolicy("example_network_policy", new()
{
NetworkPolicyId = "example-network-policy",
Egress = new Databricks.Inputs.AccountNetworkPolicyEgressArgs
{
NetworkAccess = new Databricks.Inputs.AccountNetworkPolicyEgressNetworkAccessArgs
{
RestrictionMode = "RESTRICTED_ACCESS",
AllowedInternetDestinations = new[]
{
new Databricks.Inputs.AccountNetworkPolicyEgressNetworkAccessAllowedInternetDestinationArgs
{
Destination = "example.com",
InternetDestinationType = "DNS_NAME",
},
},
AllowedStorageDestinations = new[]
{
new Databricks.Inputs.AccountNetworkPolicyEgressNetworkAccessAllowedStorageDestinationArgs
{
BucketName = "example-aws-cloud-storage",
Region = "us-west-1",
StorageDestinationType = "AWS_S3",
},
},
PolicyEnforcement = new Databricks.Inputs.AccountNetworkPolicyEgressNetworkAccessPolicyEnforcementArgs
{
EnforcementMode = "ENFORCED",
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.databricks.AccountNetworkPolicy;
import com.pulumi.databricks.AccountNetworkPolicyArgs;
import com.pulumi.databricks.inputs.AccountNetworkPolicyEgressArgs;
import com.pulumi.databricks.inputs.AccountNetworkPolicyEgressNetworkAccessArgs;
import com.pulumi.databricks.inputs.AccountNetworkPolicyEgressNetworkAccessPolicyEnforcementArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleNetworkPolicy = new AccountNetworkPolicy("exampleNetworkPolicy", AccountNetworkPolicyArgs.builder()
.networkPolicyId("example-network-policy")
.egress(AccountNetworkPolicyEgressArgs.builder()
.networkAccess(AccountNetworkPolicyEgressNetworkAccessArgs.builder()
.restrictionMode("RESTRICTED_ACCESS")
.allowedInternetDestinations(AccountNetworkPolicyEgressNetworkAccessAllowedInternetDestinationArgs.builder()
.destination("example.com")
.internetDestinationType("DNS_NAME")
.build())
.allowedStorageDestinations(AccountNetworkPolicyEgressNetworkAccessAllowedStorageDestinationArgs.builder()
.bucketName("example-aws-cloud-storage")
.region("us-west-1")
.storageDestinationType("AWS_S3")
.build())
.policyEnforcement(AccountNetworkPolicyEgressNetworkAccessPolicyEnforcementArgs.builder()
.enforcementMode("ENFORCED")
.build())
.build())
.build())
.build());
}
}
resources:
exampleNetworkPolicy:
type: databricks:AccountNetworkPolicy
name: example_network_policy
properties:
networkPolicyId: example-network-policy
egress:
networkAccess:
restrictionMode: RESTRICTED_ACCESS
allowedInternetDestinations:
- destination: example.com
internetDestinationType: DNS_NAME
allowedStorageDestinations:
- bucketName: example-aws-cloud-storage
region: us-west-1
storageDestinationType: AWS_S3
policyEnforcement:
enforcementMode: ENFORCED
Create AccountNetworkPolicy Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new AccountNetworkPolicy(name: string, args?: AccountNetworkPolicyArgs, opts?: CustomResourceOptions);@overload
def AccountNetworkPolicy(resource_name: str,
args: Optional[AccountNetworkPolicyArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def AccountNetworkPolicy(resource_name: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
egress: Optional[AccountNetworkPolicyEgressArgs] = None,
ingress: Optional[AccountNetworkPolicyIngressArgs] = None,
ingress_dry_run: Optional[AccountNetworkPolicyIngressDryRunArgs] = None,
network_policy_id: Optional[str] = None)func NewAccountNetworkPolicy(ctx *Context, name string, args *AccountNetworkPolicyArgs, opts ...ResourceOption) (*AccountNetworkPolicy, error)public AccountNetworkPolicy(string name, AccountNetworkPolicyArgs? args = null, CustomResourceOptions? opts = null)
public AccountNetworkPolicy(String name, AccountNetworkPolicyArgs args)
public AccountNetworkPolicy(String name, AccountNetworkPolicyArgs args, CustomResourceOptions options)
type: databricks:AccountNetworkPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AccountNetworkPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AccountNetworkPolicyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AccountNetworkPolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AccountNetworkPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AccountNetworkPolicyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var accountNetworkPolicyResource = new Databricks.AccountNetworkPolicy("accountNetworkPolicyResource", new()
{
AccountId = "string",
Egress = new Databricks.Inputs.AccountNetworkPolicyEgressArgs
{
NetworkAccess = new Databricks.Inputs.AccountNetworkPolicyEgressNetworkAccessArgs
{
RestrictionMode = "string",
AllowedInternetDestinations = new[]
{
new Databricks.Inputs.AccountNetworkPolicyEgressNetworkAccessAllowedInternetDestinationArgs
{
Destination = "string",
InternetDestinationType = "string",
},
},
AllowedStorageDestinations = new[]
{
new Databricks.Inputs.AccountNetworkPolicyEgressNetworkAccessAllowedStorageDestinationArgs
{
AzureStorageAccount = "string",
AzureStorageService = "string",
BucketName = "string",
Region = "string",
StorageDestinationType = "string",
},
},
PolicyEnforcement = new Databricks.Inputs.AccountNetworkPolicyEgressNetworkAccessPolicyEnforcementArgs
{
DryRunModeProductFilters = new[]
{
"string",
},
EnforcementMode = "string",
},
},
},
Ingress = new Databricks.Inputs.AccountNetworkPolicyIngressArgs
{
PublicAccess = new Databricks.Inputs.AccountNetworkPolicyIngressPublicAccessArgs
{
RestrictionMode = "string",
AllowRules = new[]
{
new Databricks.Inputs.AccountNetworkPolicyIngressPublicAccessAllowRuleArgs
{
Authentication = new Databricks.Inputs.AccountNetworkPolicyIngressPublicAccessAllowRuleAuthenticationArgs
{
Identities = new[]
{
new Databricks.Inputs.AccountNetworkPolicyIngressPublicAccessAllowRuleAuthenticationIdentityArgs
{
PrincipalId = "string",
PrincipalType = "string",
},
},
IdentityType = "string",
},
Destination = new Databricks.Inputs.AccountNetworkPolicyIngressPublicAccessAllowRuleDestinationArgs
{
AllDestinations = false,
WorkspaceApi = new Databricks.Inputs.AccountNetworkPolicyIngressPublicAccessAllowRuleDestinationWorkspaceApiArgs
{
Scopes = new[]
{
"string",
},
},
WorkspaceUi = new Databricks.Inputs.AccountNetworkPolicyIngressPublicAccessAllowRuleDestinationWorkspaceUiArgs
{
AllDestinations = false,
},
},
Label = "string",
Origin = new Databricks.Inputs.AccountNetworkPolicyIngressPublicAccessAllowRuleOriginArgs
{
AllIpRanges = false,
ExcludedIpRanges = new Databricks.Inputs.AccountNetworkPolicyIngressPublicAccessAllowRuleOriginExcludedIpRangesArgs
{
IpRanges = new[]
{
"string",
},
},
IncludedIpRanges = new Databricks.Inputs.AccountNetworkPolicyIngressPublicAccessAllowRuleOriginIncludedIpRangesArgs
{
IpRanges = new[]
{
"string",
},
},
},
},
},
DenyRules = new[]
{
new Databricks.Inputs.AccountNetworkPolicyIngressPublicAccessDenyRuleArgs
{
Authentication = new Databricks.Inputs.AccountNetworkPolicyIngressPublicAccessDenyRuleAuthenticationArgs
{
Identities = new[]
{
new Databricks.Inputs.AccountNetworkPolicyIngressPublicAccessDenyRuleAuthenticationIdentityArgs
{
PrincipalId = "string",
PrincipalType = "string",
},
},
IdentityType = "string",
},
Destination = new Databricks.Inputs.AccountNetworkPolicyIngressPublicAccessDenyRuleDestinationArgs
{
AllDestinations = false,
WorkspaceApi = new Databricks.Inputs.AccountNetworkPolicyIngressPublicAccessDenyRuleDestinationWorkspaceApiArgs
{
Scopes = new[]
{
"string",
},
},
WorkspaceUi = new Databricks.Inputs.AccountNetworkPolicyIngressPublicAccessDenyRuleDestinationWorkspaceUiArgs
{
AllDestinations = false,
},
},
Label = "string",
Origin = new Databricks.Inputs.AccountNetworkPolicyIngressPublicAccessDenyRuleOriginArgs
{
AllIpRanges = false,
ExcludedIpRanges = new Databricks.Inputs.AccountNetworkPolicyIngressPublicAccessDenyRuleOriginExcludedIpRangesArgs
{
IpRanges = new[]
{
"string",
},
},
IncludedIpRanges = new Databricks.Inputs.AccountNetworkPolicyIngressPublicAccessDenyRuleOriginIncludedIpRangesArgs
{
IpRanges = new[]
{
"string",
},
},
},
},
},
},
},
IngressDryRun = new Databricks.Inputs.AccountNetworkPolicyIngressDryRunArgs
{
PublicAccess = new Databricks.Inputs.AccountNetworkPolicyIngressDryRunPublicAccessArgs
{
RestrictionMode = "string",
AllowRules = new[]
{
new Databricks.Inputs.AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleArgs
{
Authentication = new Databricks.Inputs.AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleAuthenticationArgs
{
Identities = new[]
{
new Databricks.Inputs.AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleAuthenticationIdentityArgs
{
PrincipalId = "string",
PrincipalType = "string",
},
},
IdentityType = "string",
},
Destination = new Databricks.Inputs.AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleDestinationArgs
{
AllDestinations = false,
WorkspaceApi = new Databricks.Inputs.AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleDestinationWorkspaceApiArgs
{
Scopes = new[]
{
"string",
},
},
WorkspaceUi = new Databricks.Inputs.AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleDestinationWorkspaceUiArgs
{
AllDestinations = false,
},
},
Label = "string",
Origin = new Databricks.Inputs.AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleOriginArgs
{
AllIpRanges = false,
ExcludedIpRanges = new Databricks.Inputs.AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleOriginExcludedIpRangesArgs
{
IpRanges = new[]
{
"string",
},
},
IncludedIpRanges = new Databricks.Inputs.AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleOriginIncludedIpRangesArgs
{
IpRanges = new[]
{
"string",
},
},
},
},
},
DenyRules = new[]
{
new Databricks.Inputs.AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleArgs
{
Authentication = new Databricks.Inputs.AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleAuthenticationArgs
{
Identities = new[]
{
new Databricks.Inputs.AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleAuthenticationIdentityArgs
{
PrincipalId = "string",
PrincipalType = "string",
},
},
IdentityType = "string",
},
Destination = new Databricks.Inputs.AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleDestinationArgs
{
AllDestinations = false,
WorkspaceApi = new Databricks.Inputs.AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleDestinationWorkspaceApiArgs
{
Scopes = new[]
{
"string",
},
},
WorkspaceUi = new Databricks.Inputs.AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleDestinationWorkspaceUiArgs
{
AllDestinations = false,
},
},
Label = "string",
Origin = new Databricks.Inputs.AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleOriginArgs
{
AllIpRanges = false,
ExcludedIpRanges = new Databricks.Inputs.AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleOriginExcludedIpRangesArgs
{
IpRanges = new[]
{
"string",
},
},
IncludedIpRanges = new Databricks.Inputs.AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleOriginIncludedIpRangesArgs
{
IpRanges = new[]
{
"string",
},
},
},
},
},
},
},
NetworkPolicyId = "string",
});
example, err := databricks.NewAccountNetworkPolicy(ctx, "accountNetworkPolicyResource", &databricks.AccountNetworkPolicyArgs{
AccountId: pulumi.String("string"),
Egress: &databricks.AccountNetworkPolicyEgressArgs{
NetworkAccess: &databricks.AccountNetworkPolicyEgressNetworkAccessArgs{
RestrictionMode: pulumi.String("string"),
AllowedInternetDestinations: databricks.AccountNetworkPolicyEgressNetworkAccessAllowedInternetDestinationArray{
&databricks.AccountNetworkPolicyEgressNetworkAccessAllowedInternetDestinationArgs{
Destination: pulumi.String("string"),
InternetDestinationType: pulumi.String("string"),
},
},
AllowedStorageDestinations: databricks.AccountNetworkPolicyEgressNetworkAccessAllowedStorageDestinationArray{
&databricks.AccountNetworkPolicyEgressNetworkAccessAllowedStorageDestinationArgs{
AzureStorageAccount: pulumi.String("string"),
AzureStorageService: pulumi.String("string"),
BucketName: pulumi.String("string"),
Region: pulumi.String("string"),
StorageDestinationType: pulumi.String("string"),
},
},
PolicyEnforcement: &databricks.AccountNetworkPolicyEgressNetworkAccessPolicyEnforcementArgs{
DryRunModeProductFilters: pulumi.StringArray{
pulumi.String("string"),
},
EnforcementMode: pulumi.String("string"),
},
},
},
Ingress: &databricks.AccountNetworkPolicyIngressArgs{
PublicAccess: &databricks.AccountNetworkPolicyIngressPublicAccessArgs{
RestrictionMode: pulumi.String("string"),
AllowRules: databricks.AccountNetworkPolicyIngressPublicAccessAllowRuleArray{
&databricks.AccountNetworkPolicyIngressPublicAccessAllowRuleArgs{
Authentication: &databricks.AccountNetworkPolicyIngressPublicAccessAllowRuleAuthenticationArgs{
Identities: databricks.AccountNetworkPolicyIngressPublicAccessAllowRuleAuthenticationIdentityArray{
&databricks.AccountNetworkPolicyIngressPublicAccessAllowRuleAuthenticationIdentityArgs{
PrincipalId: pulumi.String("string"),
PrincipalType: pulumi.String("string"),
},
},
IdentityType: pulumi.String("string"),
},
Destination: &databricks.AccountNetworkPolicyIngressPublicAccessAllowRuleDestinationArgs{
AllDestinations: pulumi.Bool(false),
WorkspaceApi: &databricks.AccountNetworkPolicyIngressPublicAccessAllowRuleDestinationWorkspaceApiArgs{
Scopes: pulumi.StringArray{
pulumi.String("string"),
},
},
WorkspaceUi: &databricks.AccountNetworkPolicyIngressPublicAccessAllowRuleDestinationWorkspaceUiArgs{
AllDestinations: pulumi.Bool(false),
},
},
Label: pulumi.String("string"),
Origin: &databricks.AccountNetworkPolicyIngressPublicAccessAllowRuleOriginArgs{
AllIpRanges: pulumi.Bool(false),
ExcludedIpRanges: &databricks.AccountNetworkPolicyIngressPublicAccessAllowRuleOriginExcludedIpRangesArgs{
IpRanges: pulumi.StringArray{
pulumi.String("string"),
},
},
IncludedIpRanges: &databricks.AccountNetworkPolicyIngressPublicAccessAllowRuleOriginIncludedIpRangesArgs{
IpRanges: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
},
DenyRules: databricks.AccountNetworkPolicyIngressPublicAccessDenyRuleArray{
&databricks.AccountNetworkPolicyIngressPublicAccessDenyRuleArgs{
Authentication: &databricks.AccountNetworkPolicyIngressPublicAccessDenyRuleAuthenticationArgs{
Identities: databricks.AccountNetworkPolicyIngressPublicAccessDenyRuleAuthenticationIdentityArray{
&databricks.AccountNetworkPolicyIngressPublicAccessDenyRuleAuthenticationIdentityArgs{
PrincipalId: pulumi.String("string"),
PrincipalType: pulumi.String("string"),
},
},
IdentityType: pulumi.String("string"),
},
Destination: &databricks.AccountNetworkPolicyIngressPublicAccessDenyRuleDestinationArgs{
AllDestinations: pulumi.Bool(false),
WorkspaceApi: &databricks.AccountNetworkPolicyIngressPublicAccessDenyRuleDestinationWorkspaceApiArgs{
Scopes: pulumi.StringArray{
pulumi.String("string"),
},
},
WorkspaceUi: &databricks.AccountNetworkPolicyIngressPublicAccessDenyRuleDestinationWorkspaceUiArgs{
AllDestinations: pulumi.Bool(false),
},
},
Label: pulumi.String("string"),
Origin: &databricks.AccountNetworkPolicyIngressPublicAccessDenyRuleOriginArgs{
AllIpRanges: pulumi.Bool(false),
ExcludedIpRanges: &databricks.AccountNetworkPolicyIngressPublicAccessDenyRuleOriginExcludedIpRangesArgs{
IpRanges: pulumi.StringArray{
pulumi.String("string"),
},
},
IncludedIpRanges: &databricks.AccountNetworkPolicyIngressPublicAccessDenyRuleOriginIncludedIpRangesArgs{
IpRanges: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
},
},
},
IngressDryRun: &databricks.AccountNetworkPolicyIngressDryRunArgs{
PublicAccess: &databricks.AccountNetworkPolicyIngressDryRunPublicAccessArgs{
RestrictionMode: pulumi.String("string"),
AllowRules: databricks.AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleArray{
&databricks.AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleArgs{
Authentication: &databricks.AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleAuthenticationArgs{
Identities: databricks.AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleAuthenticationIdentityArray{
&databricks.AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleAuthenticationIdentityArgs{
PrincipalId: pulumi.String("string"),
PrincipalType: pulumi.String("string"),
},
},
IdentityType: pulumi.String("string"),
},
Destination: &databricks.AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleDestinationArgs{
AllDestinations: pulumi.Bool(false),
WorkspaceApi: &databricks.AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleDestinationWorkspaceApiArgs{
Scopes: pulumi.StringArray{
pulumi.String("string"),
},
},
WorkspaceUi: &databricks.AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleDestinationWorkspaceUiArgs{
AllDestinations: pulumi.Bool(false),
},
},
Label: pulumi.String("string"),
Origin: &databricks.AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleOriginArgs{
AllIpRanges: pulumi.Bool(false),
ExcludedIpRanges: &databricks.AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleOriginExcludedIpRangesArgs{
IpRanges: pulumi.StringArray{
pulumi.String("string"),
},
},
IncludedIpRanges: &databricks.AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleOriginIncludedIpRangesArgs{
IpRanges: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
},
DenyRules: databricks.AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleArray{
&databricks.AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleArgs{
Authentication: &databricks.AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleAuthenticationArgs{
Identities: databricks.AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleAuthenticationIdentityArray{
&databricks.AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleAuthenticationIdentityArgs{
PrincipalId: pulumi.String("string"),
PrincipalType: pulumi.String("string"),
},
},
IdentityType: pulumi.String("string"),
},
Destination: &databricks.AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleDestinationArgs{
AllDestinations: pulumi.Bool(false),
WorkspaceApi: &databricks.AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleDestinationWorkspaceApiArgs{
Scopes: pulumi.StringArray{
pulumi.String("string"),
},
},
WorkspaceUi: &databricks.AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleDestinationWorkspaceUiArgs{
AllDestinations: pulumi.Bool(false),
},
},
Label: pulumi.String("string"),
Origin: &databricks.AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleOriginArgs{
AllIpRanges: pulumi.Bool(false),
ExcludedIpRanges: &databricks.AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleOriginExcludedIpRangesArgs{
IpRanges: pulumi.StringArray{
pulumi.String("string"),
},
},
IncludedIpRanges: &databricks.AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleOriginIncludedIpRangesArgs{
IpRanges: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
},
},
},
NetworkPolicyId: pulumi.String("string"),
})
var accountNetworkPolicyResource = new AccountNetworkPolicy("accountNetworkPolicyResource", AccountNetworkPolicyArgs.builder()
.accountId("string")
.egress(AccountNetworkPolicyEgressArgs.builder()
.networkAccess(AccountNetworkPolicyEgressNetworkAccessArgs.builder()
.restrictionMode("string")
.allowedInternetDestinations(AccountNetworkPolicyEgressNetworkAccessAllowedInternetDestinationArgs.builder()
.destination("string")
.internetDestinationType("string")
.build())
.allowedStorageDestinations(AccountNetworkPolicyEgressNetworkAccessAllowedStorageDestinationArgs.builder()
.azureStorageAccount("string")
.azureStorageService("string")
.bucketName("string")
.region("string")
.storageDestinationType("string")
.build())
.policyEnforcement(AccountNetworkPolicyEgressNetworkAccessPolicyEnforcementArgs.builder()
.dryRunModeProductFilters("string")
.enforcementMode("string")
.build())
.build())
.build())
.ingress(AccountNetworkPolicyIngressArgs.builder()
.publicAccess(AccountNetworkPolicyIngressPublicAccessArgs.builder()
.restrictionMode("string")
.allowRules(AccountNetworkPolicyIngressPublicAccessAllowRuleArgs.builder()
.authentication(AccountNetworkPolicyIngressPublicAccessAllowRuleAuthenticationArgs.builder()
.identities(AccountNetworkPolicyIngressPublicAccessAllowRuleAuthenticationIdentityArgs.builder()
.principalId("string")
.principalType("string")
.build())
.identityType("string")
.build())
.destination(AccountNetworkPolicyIngressPublicAccessAllowRuleDestinationArgs.builder()
.allDestinations(false)
.workspaceApi(AccountNetworkPolicyIngressPublicAccessAllowRuleDestinationWorkspaceApiArgs.builder()
.scopes("string")
.build())
.workspaceUi(AccountNetworkPolicyIngressPublicAccessAllowRuleDestinationWorkspaceUiArgs.builder()
.allDestinations(false)
.build())
.build())
.label("string")
.origin(AccountNetworkPolicyIngressPublicAccessAllowRuleOriginArgs.builder()
.allIpRanges(false)
.excludedIpRanges(AccountNetworkPolicyIngressPublicAccessAllowRuleOriginExcludedIpRangesArgs.builder()
.ipRanges("string")
.build())
.includedIpRanges(AccountNetworkPolicyIngressPublicAccessAllowRuleOriginIncludedIpRangesArgs.builder()
.ipRanges("string")
.build())
.build())
.build())
.denyRules(AccountNetworkPolicyIngressPublicAccessDenyRuleArgs.builder()
.authentication(AccountNetworkPolicyIngressPublicAccessDenyRuleAuthenticationArgs.builder()
.identities(AccountNetworkPolicyIngressPublicAccessDenyRuleAuthenticationIdentityArgs.builder()
.principalId("string")
.principalType("string")
.build())
.identityType("string")
.build())
.destination(AccountNetworkPolicyIngressPublicAccessDenyRuleDestinationArgs.builder()
.allDestinations(false)
.workspaceApi(AccountNetworkPolicyIngressPublicAccessDenyRuleDestinationWorkspaceApiArgs.builder()
.scopes("string")
.build())
.workspaceUi(AccountNetworkPolicyIngressPublicAccessDenyRuleDestinationWorkspaceUiArgs.builder()
.allDestinations(false)
.build())
.build())
.label("string")
.origin(AccountNetworkPolicyIngressPublicAccessDenyRuleOriginArgs.builder()
.allIpRanges(false)
.excludedIpRanges(AccountNetworkPolicyIngressPublicAccessDenyRuleOriginExcludedIpRangesArgs.builder()
.ipRanges("string")
.build())
.includedIpRanges(AccountNetworkPolicyIngressPublicAccessDenyRuleOriginIncludedIpRangesArgs.builder()
.ipRanges("string")
.build())
.build())
.build())
.build())
.build())
.ingressDryRun(AccountNetworkPolicyIngressDryRunArgs.builder()
.publicAccess(AccountNetworkPolicyIngressDryRunPublicAccessArgs.builder()
.restrictionMode("string")
.allowRules(AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleArgs.builder()
.authentication(AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleAuthenticationArgs.builder()
.identities(AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleAuthenticationIdentityArgs.builder()
.principalId("string")
.principalType("string")
.build())
.identityType("string")
.build())
.destination(AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleDestinationArgs.builder()
.allDestinations(false)
.workspaceApi(AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleDestinationWorkspaceApiArgs.builder()
.scopes("string")
.build())
.workspaceUi(AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleDestinationWorkspaceUiArgs.builder()
.allDestinations(false)
.build())
.build())
.label("string")
.origin(AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleOriginArgs.builder()
.allIpRanges(false)
.excludedIpRanges(AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleOriginExcludedIpRangesArgs.builder()
.ipRanges("string")
.build())
.includedIpRanges(AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleOriginIncludedIpRangesArgs.builder()
.ipRanges("string")
.build())
.build())
.build())
.denyRules(AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleArgs.builder()
.authentication(AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleAuthenticationArgs.builder()
.identities(AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleAuthenticationIdentityArgs.builder()
.principalId("string")
.principalType("string")
.build())
.identityType("string")
.build())
.destination(AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleDestinationArgs.builder()
.allDestinations(false)
.workspaceApi(AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleDestinationWorkspaceApiArgs.builder()
.scopes("string")
.build())
.workspaceUi(AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleDestinationWorkspaceUiArgs.builder()
.allDestinations(false)
.build())
.build())
.label("string")
.origin(AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleOriginArgs.builder()
.allIpRanges(false)
.excludedIpRanges(AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleOriginExcludedIpRangesArgs.builder()
.ipRanges("string")
.build())
.includedIpRanges(AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleOriginIncludedIpRangesArgs.builder()
.ipRanges("string")
.build())
.build())
.build())
.build())
.build())
.networkPolicyId("string")
.build());
account_network_policy_resource = databricks.AccountNetworkPolicy("accountNetworkPolicyResource",
account_id="string",
egress={
"network_access": {
"restriction_mode": "string",
"allowed_internet_destinations": [{
"destination": "string",
"internet_destination_type": "string",
}],
"allowed_storage_destinations": [{
"azure_storage_account": "string",
"azure_storage_service": "string",
"bucket_name": "string",
"region": "string",
"storage_destination_type": "string",
}],
"policy_enforcement": {
"dry_run_mode_product_filters": ["string"],
"enforcement_mode": "string",
},
},
},
ingress={
"public_access": {
"restriction_mode": "string",
"allow_rules": [{
"authentication": {
"identities": [{
"principal_id": "string",
"principal_type": "string",
}],
"identity_type": "string",
},
"destination": {
"all_destinations": False,
"workspace_api": {
"scopes": ["string"],
},
"workspace_ui": {
"all_destinations": False,
},
},
"label": "string",
"origin": {
"all_ip_ranges": False,
"excluded_ip_ranges": {
"ip_ranges": ["string"],
},
"included_ip_ranges": {
"ip_ranges": ["string"],
},
},
}],
"deny_rules": [{
"authentication": {
"identities": [{
"principal_id": "string",
"principal_type": "string",
}],
"identity_type": "string",
},
"destination": {
"all_destinations": False,
"workspace_api": {
"scopes": ["string"],
},
"workspace_ui": {
"all_destinations": False,
},
},
"label": "string",
"origin": {
"all_ip_ranges": False,
"excluded_ip_ranges": {
"ip_ranges": ["string"],
},
"included_ip_ranges": {
"ip_ranges": ["string"],
},
},
}],
},
},
ingress_dry_run={
"public_access": {
"restriction_mode": "string",
"allow_rules": [{
"authentication": {
"identities": [{
"principal_id": "string",
"principal_type": "string",
}],
"identity_type": "string",
},
"destination": {
"all_destinations": False,
"workspace_api": {
"scopes": ["string"],
},
"workspace_ui": {
"all_destinations": False,
},
},
"label": "string",
"origin": {
"all_ip_ranges": False,
"excluded_ip_ranges": {
"ip_ranges": ["string"],
},
"included_ip_ranges": {
"ip_ranges": ["string"],
},
},
}],
"deny_rules": [{
"authentication": {
"identities": [{
"principal_id": "string",
"principal_type": "string",
}],
"identity_type": "string",
},
"destination": {
"all_destinations": False,
"workspace_api": {
"scopes": ["string"],
},
"workspace_ui": {
"all_destinations": False,
},
},
"label": "string",
"origin": {
"all_ip_ranges": False,
"excluded_ip_ranges": {
"ip_ranges": ["string"],
},
"included_ip_ranges": {
"ip_ranges": ["string"],
},
},
}],
},
},
network_policy_id="string")
const accountNetworkPolicyResource = new databricks.AccountNetworkPolicy("accountNetworkPolicyResource", {
accountId: "string",
egress: {
networkAccess: {
restrictionMode: "string",
allowedInternetDestinations: [{
destination: "string",
internetDestinationType: "string",
}],
allowedStorageDestinations: [{
azureStorageAccount: "string",
azureStorageService: "string",
bucketName: "string",
region: "string",
storageDestinationType: "string",
}],
policyEnforcement: {
dryRunModeProductFilters: ["string"],
enforcementMode: "string",
},
},
},
ingress: {
publicAccess: {
restrictionMode: "string",
allowRules: [{
authentication: {
identities: [{
principalId: "string",
principalType: "string",
}],
identityType: "string",
},
destination: {
allDestinations: false,
workspaceApi: {
scopes: ["string"],
},
workspaceUi: {
allDestinations: false,
},
},
label: "string",
origin: {
allIpRanges: false,
excludedIpRanges: {
ipRanges: ["string"],
},
includedIpRanges: {
ipRanges: ["string"],
},
},
}],
denyRules: [{
authentication: {
identities: [{
principalId: "string",
principalType: "string",
}],
identityType: "string",
},
destination: {
allDestinations: false,
workspaceApi: {
scopes: ["string"],
},
workspaceUi: {
allDestinations: false,
},
},
label: "string",
origin: {
allIpRanges: false,
excludedIpRanges: {
ipRanges: ["string"],
},
includedIpRanges: {
ipRanges: ["string"],
},
},
}],
},
},
ingressDryRun: {
publicAccess: {
restrictionMode: "string",
allowRules: [{
authentication: {
identities: [{
principalId: "string",
principalType: "string",
}],
identityType: "string",
},
destination: {
allDestinations: false,
workspaceApi: {
scopes: ["string"],
},
workspaceUi: {
allDestinations: false,
},
},
label: "string",
origin: {
allIpRanges: false,
excludedIpRanges: {
ipRanges: ["string"],
},
includedIpRanges: {
ipRanges: ["string"],
},
},
}],
denyRules: [{
authentication: {
identities: [{
principalId: "string",
principalType: "string",
}],
identityType: "string",
},
destination: {
allDestinations: false,
workspaceApi: {
scopes: ["string"],
},
workspaceUi: {
allDestinations: false,
},
},
label: "string",
origin: {
allIpRanges: false,
excludedIpRanges: {
ipRanges: ["string"],
},
includedIpRanges: {
ipRanges: ["string"],
},
},
}],
},
},
networkPolicyId: "string",
});
type: databricks:AccountNetworkPolicy
properties:
accountId: string
egress:
networkAccess:
allowedInternetDestinations:
- destination: string
internetDestinationType: string
allowedStorageDestinations:
- azureStorageAccount: string
azureStorageService: string
bucketName: string
region: string
storageDestinationType: string
policyEnforcement:
dryRunModeProductFilters:
- string
enforcementMode: string
restrictionMode: string
ingress:
publicAccess:
allowRules:
- authentication:
identities:
- principalId: string
principalType: string
identityType: string
destination:
allDestinations: false
workspaceApi:
scopes:
- string
workspaceUi:
allDestinations: false
label: string
origin:
allIpRanges: false
excludedIpRanges:
ipRanges:
- string
includedIpRanges:
ipRanges:
- string
denyRules:
- authentication:
identities:
- principalId: string
principalType: string
identityType: string
destination:
allDestinations: false
workspaceApi:
scopes:
- string
workspaceUi:
allDestinations: false
label: string
origin:
allIpRanges: false
excludedIpRanges:
ipRanges:
- string
includedIpRanges:
ipRanges:
- string
restrictionMode: string
ingressDryRun:
publicAccess:
allowRules:
- authentication:
identities:
- principalId: string
principalType: string
identityType: string
destination:
allDestinations: false
workspaceApi:
scopes:
- string
workspaceUi:
allDestinations: false
label: string
origin:
allIpRanges: false
excludedIpRanges:
ipRanges:
- string
includedIpRanges:
ipRanges:
- string
denyRules:
- authentication:
identities:
- principalId: string
principalType: string
identityType: string
destination:
allDestinations: false
workspaceApi:
scopes:
- string
workspaceUi:
allDestinations: false
label: string
origin:
allIpRanges: false
excludedIpRanges:
ipRanges:
- string
includedIpRanges:
ipRanges:
- string
restrictionMode: string
networkPolicyId: string
AccountNetworkPolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The AccountNetworkPolicy resource accepts the following input properties:
- Account
Id string - (string) - The associated account ID for this Network Policy object
- Egress
Account
Network Policy Egress - The network policies applying for egress traffic
- Ingress
Account
Network Policy Ingress - The network policies applying for ingress traffic
- Ingress
Dry AccountRun Network Policy Ingress Dry Run - The ingress policy for dry run mode. Dry run will always run even if the request is allowed by the ingress policy. When this field is set, the policy will be evaluated and emit logs only without blocking requests
- Network
Policy stringId - The unique identifier for the network policy
- Account
Id string - (string) - The associated account ID for this Network Policy object
- Egress
Account
Network Policy Egress Args - The network policies applying for egress traffic
- Ingress
Account
Network Policy Ingress Args - The network policies applying for ingress traffic
- Ingress
Dry AccountRun Network Policy Ingress Dry Run Args - The ingress policy for dry run mode. Dry run will always run even if the request is allowed by the ingress policy. When this field is set, the policy will be evaluated and emit logs only without blocking requests
- Network
Policy stringId - The unique identifier for the network policy
- account
Id String - (string) - The associated account ID for this Network Policy object
- egress
Account
Network Policy Egress - The network policies applying for egress traffic
- ingress
Account
Network Policy Ingress - The network policies applying for ingress traffic
- ingress
Dry AccountRun Network Policy Ingress Dry Run - The ingress policy for dry run mode. Dry run will always run even if the request is allowed by the ingress policy. When this field is set, the policy will be evaluated and emit logs only without blocking requests
- network
Policy StringId - The unique identifier for the network policy
- account
Id string - (string) - The associated account ID for this Network Policy object
- egress
Account
Network Policy Egress - The network policies applying for egress traffic
- ingress
Account
Network Policy Ingress - The network policies applying for ingress traffic
- ingress
Dry AccountRun Network Policy Ingress Dry Run - The ingress policy for dry run mode. Dry run will always run even if the request is allowed by the ingress policy. When this field is set, the policy will be evaluated and emit logs only without blocking requests
- network
Policy stringId - The unique identifier for the network policy
- account_
id str - (string) - The associated account ID for this Network Policy object
- egress
Account
Network Policy Egress Args - The network policies applying for egress traffic
- ingress
Account
Network Policy Ingress Args - The network policies applying for ingress traffic
- ingress_
dry_ Accountrun Network Policy Ingress Dry Run Args - The ingress policy for dry run mode. Dry run will always run even if the request is allowed by the ingress policy. When this field is set, the policy will be evaluated and emit logs only without blocking requests
- network_
policy_ strid - The unique identifier for the network policy
- account
Id String - (string) - The associated account ID for this Network Policy object
- egress Property Map
- The network policies applying for egress traffic
- ingress Property Map
- The network policies applying for ingress traffic
- ingress
Dry Property MapRun - The ingress policy for dry run mode. Dry run will always run even if the request is allowed by the ingress policy. When this field is set, the policy will be evaluated and emit logs only without blocking requests
- network
Policy StringId - The unique identifier for the network policy
Outputs
All input properties are implicitly available as output properties. Additionally, the AccountNetworkPolicy resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing AccountNetworkPolicy Resource
Get an existing AccountNetworkPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AccountNetworkPolicyState, opts?: CustomResourceOptions): AccountNetworkPolicy@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
account_id: Optional[str] = None,
egress: Optional[AccountNetworkPolicyEgressArgs] = None,
ingress: Optional[AccountNetworkPolicyIngressArgs] = None,
ingress_dry_run: Optional[AccountNetworkPolicyIngressDryRunArgs] = None,
network_policy_id: Optional[str] = None) -> AccountNetworkPolicyfunc GetAccountNetworkPolicy(ctx *Context, name string, id IDInput, state *AccountNetworkPolicyState, opts ...ResourceOption) (*AccountNetworkPolicy, error)public static AccountNetworkPolicy Get(string name, Input<string> id, AccountNetworkPolicyState? state, CustomResourceOptions? opts = null)public static AccountNetworkPolicy get(String name, Output<String> id, AccountNetworkPolicyState state, CustomResourceOptions options)resources: _: type: databricks:AccountNetworkPolicy get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Id string - (string) - The associated account ID for this Network Policy object
- Egress
Account
Network Policy Egress - The network policies applying for egress traffic
- Ingress
Account
Network Policy Ingress - The network policies applying for ingress traffic
- Ingress
Dry AccountRun Network Policy Ingress Dry Run - The ingress policy for dry run mode. Dry run will always run even if the request is allowed by the ingress policy. When this field is set, the policy will be evaluated and emit logs only without blocking requests
- Network
Policy stringId - The unique identifier for the network policy
- Account
Id string - (string) - The associated account ID for this Network Policy object
- Egress
Account
Network Policy Egress Args - The network policies applying for egress traffic
- Ingress
Account
Network Policy Ingress Args - The network policies applying for ingress traffic
- Ingress
Dry AccountRun Network Policy Ingress Dry Run Args - The ingress policy for dry run mode. Dry run will always run even if the request is allowed by the ingress policy. When this field is set, the policy will be evaluated and emit logs only without blocking requests
- Network
Policy stringId - The unique identifier for the network policy
- account
Id String - (string) - The associated account ID for this Network Policy object
- egress
Account
Network Policy Egress - The network policies applying for egress traffic
- ingress
Account
Network Policy Ingress - The network policies applying for ingress traffic
- ingress
Dry AccountRun Network Policy Ingress Dry Run - The ingress policy for dry run mode. Dry run will always run even if the request is allowed by the ingress policy. When this field is set, the policy will be evaluated and emit logs only without blocking requests
- network
Policy StringId - The unique identifier for the network policy
- account
Id string - (string) - The associated account ID for this Network Policy object
- egress
Account
Network Policy Egress - The network policies applying for egress traffic
- ingress
Account
Network Policy Ingress - The network policies applying for ingress traffic
- ingress
Dry AccountRun Network Policy Ingress Dry Run - The ingress policy for dry run mode. Dry run will always run even if the request is allowed by the ingress policy. When this field is set, the policy will be evaluated and emit logs only without blocking requests
- network
Policy stringId - The unique identifier for the network policy
- account_
id str - (string) - The associated account ID for this Network Policy object
- egress
Account
Network Policy Egress Args - The network policies applying for egress traffic
- ingress
Account
Network Policy Ingress Args - The network policies applying for ingress traffic
- ingress_
dry_ Accountrun Network Policy Ingress Dry Run Args - The ingress policy for dry run mode. Dry run will always run even if the request is allowed by the ingress policy. When this field is set, the policy will be evaluated and emit logs only without blocking requests
- network_
policy_ strid - The unique identifier for the network policy
- account
Id String - (string) - The associated account ID for this Network Policy object
- egress Property Map
- The network policies applying for egress traffic
- ingress Property Map
- The network policies applying for ingress traffic
- ingress
Dry Property MapRun - The ingress policy for dry run mode. Dry run will always run even if the request is allowed by the ingress policy. When this field is set, the policy will be evaluated and emit logs only without blocking requests
- network
Policy StringId - The unique identifier for the network policy
Supporting Types
AccountNetworkPolicyEgress, AccountNetworkPolicyEgressArgs
- Network
Access AccountNetwork Policy Egress Network Access - The access policy enforced for egress traffic to the internet
- Network
Access AccountNetwork Policy Egress Network Access - The access policy enforced for egress traffic to the internet
- network
Access AccountNetwork Policy Egress Network Access - The access policy enforced for egress traffic to the internet
- network
Access AccountNetwork Policy Egress Network Access - The access policy enforced for egress traffic to the internet
- network_
access AccountNetwork Policy Egress Network Access - The access policy enforced for egress traffic to the internet
- network
Access Property Map - The access policy enforced for egress traffic to the internet
AccountNetworkPolicyEgressNetworkAccess, AccountNetworkPolicyEgressNetworkAccessArgs
- Restriction
Mode string - Allowed
Internet List<AccountDestinations Network Policy Egress Network Access Allowed Internet Destination> - List of internet destinations that serverless workloads are allowed to access when in RESTRICTED_ACCESS mode
- Allowed
Storage List<AccountDestinations Network Policy Egress Network Access Allowed Storage Destination> - List of storage destinations that serverless workloads are allowed to access when in RESTRICTED_ACCESS mode
- Policy
Enforcement AccountNetwork Policy Egress Network Access Policy Enforcement - Optional. When policyEnforcement is not provided, we default to ENFORCE_MODE_ALL_SERVICES
- Restriction
Mode string - Allowed
Internet []AccountDestinations Network Policy Egress Network Access Allowed Internet Destination - List of internet destinations that serverless workloads are allowed to access when in RESTRICTED_ACCESS mode
- Allowed
Storage []AccountDestinations Network Policy Egress Network Access Allowed Storage Destination - List of storage destinations that serverless workloads are allowed to access when in RESTRICTED_ACCESS mode
- Policy
Enforcement AccountNetwork Policy Egress Network Access Policy Enforcement - Optional. When policyEnforcement is not provided, we default to ENFORCE_MODE_ALL_SERVICES
- restriction
Mode String - allowed
Internet List<AccountDestinations Network Policy Egress Network Access Allowed Internet Destination> - List of internet destinations that serverless workloads are allowed to access when in RESTRICTED_ACCESS mode
- allowed
Storage List<AccountDestinations Network Policy Egress Network Access Allowed Storage Destination> - List of storage destinations that serverless workloads are allowed to access when in RESTRICTED_ACCESS mode
- policy
Enforcement AccountNetwork Policy Egress Network Access Policy Enforcement - Optional. When policyEnforcement is not provided, we default to ENFORCE_MODE_ALL_SERVICES
- restriction
Mode string - allowed
Internet AccountDestinations Network Policy Egress Network Access Allowed Internet Destination[] - List of internet destinations that serverless workloads are allowed to access when in RESTRICTED_ACCESS mode
- allowed
Storage AccountDestinations Network Policy Egress Network Access Allowed Storage Destination[] - List of storage destinations that serverless workloads are allowed to access when in RESTRICTED_ACCESS mode
- policy
Enforcement AccountNetwork Policy Egress Network Access Policy Enforcement - Optional. When policyEnforcement is not provided, we default to ENFORCE_MODE_ALL_SERVICES
- restriction_
mode str - allowed_
internet_ Sequence[Accountdestinations Network Policy Egress Network Access Allowed Internet Destination] - List of internet destinations that serverless workloads are allowed to access when in RESTRICTED_ACCESS mode
- allowed_
storage_ Sequence[Accountdestinations Network Policy Egress Network Access Allowed Storage Destination] - List of storage destinations that serverless workloads are allowed to access when in RESTRICTED_ACCESS mode
- policy_
enforcement AccountNetwork Policy Egress Network Access Policy Enforcement - Optional. When policyEnforcement is not provided, we default to ENFORCE_MODE_ALL_SERVICES
- restriction
Mode String - allowed
Internet List<Property Map>Destinations - List of internet destinations that serverless workloads are allowed to access when in RESTRICTED_ACCESS mode
- allowed
Storage List<Property Map>Destinations - List of storage destinations that serverless workloads are allowed to access when in RESTRICTED_ACCESS mode
- policy
Enforcement Property Map - Optional. When policyEnforcement is not provided, we default to ENFORCE_MODE_ALL_SERVICES
AccountNetworkPolicyEgressNetworkAccessAllowedInternetDestination, AccountNetworkPolicyEgressNetworkAccessAllowedInternetDestinationArgs
- Destination string
- Internet
Destination stringType - The type of internet destination. Currently only DNS_NAME is supported. Possible values are:
DNS_NAME
- Destination string
- Internet
Destination stringType - The type of internet destination. Currently only DNS_NAME is supported. Possible values are:
DNS_NAME
- destination String
- internet
Destination StringType - The type of internet destination. Currently only DNS_NAME is supported. Possible values are:
DNS_NAME
- destination string
- internet
Destination stringType - The type of internet destination. Currently only DNS_NAME is supported. Possible values are:
DNS_NAME
- destination str
- internet_
destination_ strtype - The type of internet destination. Currently only DNS_NAME is supported. Possible values are:
DNS_NAME
- destination String
- internet
Destination StringType - The type of internet destination. Currently only DNS_NAME is supported. Possible values are:
DNS_NAME
AccountNetworkPolicyEgressNetworkAccessAllowedStorageDestination, AccountNetworkPolicyEgressNetworkAccessAllowedStorageDestinationArgs
- Azure
Storage stringAccount - The Azure storage account name
- Azure
Storage stringService - The Azure storage service type (blob, dfs, etc.)
- Bucket
Name string - Region string
- Storage
Destination stringType - The type of storage destination. Possible values are:
AWS_S3,AZURE_STORAGE,GOOGLE_CLOUD_STORAGE
- Azure
Storage stringAccount - The Azure storage account name
- Azure
Storage stringService - The Azure storage service type (blob, dfs, etc.)
- Bucket
Name string - Region string
- Storage
Destination stringType - The type of storage destination. Possible values are:
AWS_S3,AZURE_STORAGE,GOOGLE_CLOUD_STORAGE
- azure
Storage StringAccount - The Azure storage account name
- azure
Storage StringService - The Azure storage service type (blob, dfs, etc.)
- bucket
Name String - region String
- storage
Destination StringType - The type of storage destination. Possible values are:
AWS_S3,AZURE_STORAGE,GOOGLE_CLOUD_STORAGE
- azure
Storage stringAccount - The Azure storage account name
- azure
Storage stringService - The Azure storage service type (blob, dfs, etc.)
- bucket
Name string - region string
- storage
Destination stringType - The type of storage destination. Possible values are:
AWS_S3,AZURE_STORAGE,GOOGLE_CLOUD_STORAGE
- azure_
storage_ straccount - The Azure storage account name
- azure_
storage_ strservice - The Azure storage service type (blob, dfs, etc.)
- bucket_
name str - region str
- storage_
destination_ strtype - The type of storage destination. Possible values are:
AWS_S3,AZURE_STORAGE,GOOGLE_CLOUD_STORAGE
- azure
Storage StringAccount - The Azure storage account name
- azure
Storage StringService - The Azure storage service type (blob, dfs, etc.)
- bucket
Name String - region String
- storage
Destination StringType - The type of storage destination. Possible values are:
AWS_S3,AZURE_STORAGE,GOOGLE_CLOUD_STORAGE
AccountNetworkPolicyEgressNetworkAccessPolicyEnforcement, AccountNetworkPolicyEgressNetworkAccessPolicyEnforcementArgs
- Dry
Run List<string>Mode Product Filters - When empty, it means dry run for all products. When non-empty, it means dry run for specific products and for the other products, they will run in enforced mode
- Enforcement
Mode string - The mode of policy enforcement. ENFORCED blocks traffic that violates policy,
while DRY_RUN only logs violations without blocking. When not specified,
defaults to ENFORCED. Possible values are:
DRY_RUN,ENFORCED
- Dry
Run []stringMode Product Filters - When empty, it means dry run for all products. When non-empty, it means dry run for specific products and for the other products, they will run in enforced mode
- Enforcement
Mode string - The mode of policy enforcement. ENFORCED blocks traffic that violates policy,
while DRY_RUN only logs violations without blocking. When not specified,
defaults to ENFORCED. Possible values are:
DRY_RUN,ENFORCED
- dry
Run List<String>Mode Product Filters - When empty, it means dry run for all products. When non-empty, it means dry run for specific products and for the other products, they will run in enforced mode
- enforcement
Mode String - The mode of policy enforcement. ENFORCED blocks traffic that violates policy,
while DRY_RUN only logs violations without blocking. When not specified,
defaults to ENFORCED. Possible values are:
DRY_RUN,ENFORCED
- dry
Run string[]Mode Product Filters - When empty, it means dry run for all products. When non-empty, it means dry run for specific products and for the other products, they will run in enforced mode
- enforcement
Mode string - The mode of policy enforcement. ENFORCED blocks traffic that violates policy,
while DRY_RUN only logs violations without blocking. When not specified,
defaults to ENFORCED. Possible values are:
DRY_RUN,ENFORCED
- dry_
run_ Sequence[str]mode_ product_ filters - When empty, it means dry run for all products. When non-empty, it means dry run for specific products and for the other products, they will run in enforced mode
- enforcement_
mode str - The mode of policy enforcement. ENFORCED blocks traffic that violates policy,
while DRY_RUN only logs violations without blocking. When not specified,
defaults to ENFORCED. Possible values are:
DRY_RUN,ENFORCED
- dry
Run List<String>Mode Product Filters - When empty, it means dry run for all products. When non-empty, it means dry run for specific products and for the other products, they will run in enforced mode
- enforcement
Mode String - The mode of policy enforcement. ENFORCED blocks traffic that violates policy,
while DRY_RUN only logs violations without blocking. When not specified,
defaults to ENFORCED. Possible values are:
DRY_RUN,ENFORCED
AccountNetworkPolicyIngress, AccountNetworkPolicyIngressArgs
AccountNetworkPolicyIngressDryRun, AccountNetworkPolicyIngressDryRunArgs
AccountNetworkPolicyIngressDryRunPublicAccess, AccountNetworkPolicyIngressDryRunPublicAccessArgs
AccountNetworkPolicyIngressDryRunPublicAccessAllowRule, AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleArgs
- Authentication
Account
Network Policy Ingress Dry Run Public Access Allow Rule Authentication - Destination
Account
Network Policy Ingress Dry Run Public Access Allow Rule Destination - Label string
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- Origin
Account
Network Policy Ingress Dry Run Public Access Allow Rule Origin
- Authentication
Account
Network Policy Ingress Dry Run Public Access Allow Rule Authentication - Destination
Account
Network Policy Ingress Dry Run Public Access Allow Rule Destination - Label string
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- Origin
Account
Network Policy Ingress Dry Run Public Access Allow Rule Origin
- authentication
Account
Network Policy Ingress Dry Run Public Access Allow Rule Authentication - destination
Account
Network Policy Ingress Dry Run Public Access Allow Rule Destination - label String
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- origin
Account
Network Policy Ingress Dry Run Public Access Allow Rule Origin
- authentication
Account
Network Policy Ingress Dry Run Public Access Allow Rule Authentication - destination
Account
Network Policy Ingress Dry Run Public Access Allow Rule Destination - label string
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- origin
Account
Network Policy Ingress Dry Run Public Access Allow Rule Origin
- authentication
Account
Network Policy Ingress Dry Run Public Access Allow Rule Authentication - destination
Account
Network Policy Ingress Dry Run Public Access Allow Rule Destination - label str
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- origin
Account
Network Policy Ingress Dry Run Public Access Allow Rule Origin
- authentication Property Map
- destination Property Map
- label String
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- origin Property Map
AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleAuthentication, AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleAuthenticationArgs
- Identities
List<Account
Network Policy Ingress Dry Run Public Access Allow Rule Authentication Identity> - Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- Identity
Type string - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
- Identities
[]Account
Network Policy Ingress Dry Run Public Access Allow Rule Authentication Identity - Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- Identity
Type string - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
- identities
List<Account
Network Policy Ingress Dry Run Public Access Allow Rule Authentication Identity> - Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- identity
Type String - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
- identities
Account
Network Policy Ingress Dry Run Public Access Allow Rule Authentication Identity[] - Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- identity
Type string - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
- identities
Sequence[Account
Network Policy Ingress Dry Run Public Access Allow Rule Authentication Identity] - Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- identity_
type str - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
- identities List<Property Map>
- Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- identity
Type String - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleAuthenticationIdentity, AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleAuthenticationIdentityArgs
- Principal
Id string - Principal
Type string - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
- Principal
Id string - Principal
Type string - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
- principal
Id String - principal
Type String - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
- principal
Id string - principal
Type string - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
- principal_
id str - principal_
type str - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
- principal
Id String - principal
Type String - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleDestination, AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleDestinationArgs
- all
Destinations Boolean - workspace
Api Property Map - workspace
Ui Property Map - Workspace destinations
AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleDestinationWorkspaceApi, AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleDestinationWorkspaceApiArgs
- Scopes List<string>
- Scopes []string
- scopes List<String>
- scopes string[]
- scopes Sequence[str]
- scopes List<String>
AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleDestinationWorkspaceUi, AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleDestinationWorkspaceUiArgs
- All
Destinations bool
- All
Destinations bool
- all
Destinations Boolean
- all
Destinations boolean
- all_
destinations bool
- all
Destinations Boolean
AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleOrigin, AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleOriginArgs
- All
Ip boolRanges - Matches all IPv4 and IPv6 ranges (both public and private)
- Excluded
Ip AccountRanges Network Policy Ingress Dry Run Public Access Allow Rule Origin Excluded Ip Ranges - Excluded means: all public IP ranges except this one
- Included
Ip AccountRanges Network Policy Ingress Dry Run Public Access Allow Rule Origin Included Ip Ranges - Will not allow IP ranges with private IPs
- All
Ip boolRanges - Matches all IPv4 and IPv6 ranges (both public and private)
- Excluded
Ip AccountRanges Network Policy Ingress Dry Run Public Access Allow Rule Origin Excluded Ip Ranges - Excluded means: all public IP ranges except this one
- Included
Ip AccountRanges Network Policy Ingress Dry Run Public Access Allow Rule Origin Included Ip Ranges - Will not allow IP ranges with private IPs
- all
Ip BooleanRanges - Matches all IPv4 and IPv6 ranges (both public and private)
- excluded
Ip AccountRanges Network Policy Ingress Dry Run Public Access Allow Rule Origin Excluded Ip Ranges - Excluded means: all public IP ranges except this one
- included
Ip AccountRanges Network Policy Ingress Dry Run Public Access Allow Rule Origin Included Ip Ranges - Will not allow IP ranges with private IPs
- all
Ip booleanRanges - Matches all IPv4 and IPv6 ranges (both public and private)
- excluded
Ip AccountRanges Network Policy Ingress Dry Run Public Access Allow Rule Origin Excluded Ip Ranges - Excluded means: all public IP ranges except this one
- included
Ip AccountRanges Network Policy Ingress Dry Run Public Access Allow Rule Origin Included Ip Ranges - Will not allow IP ranges with private IPs
- all_
ip_ boolranges - Matches all IPv4 and IPv6 ranges (both public and private)
- excluded_
ip_ Accountranges Network Policy Ingress Dry Run Public Access Allow Rule Origin Excluded Ip Ranges - Excluded means: all public IP ranges except this one
- included_
ip_ Accountranges Network Policy Ingress Dry Run Public Access Allow Rule Origin Included Ip Ranges - Will not allow IP ranges with private IPs
- all
Ip BooleanRanges - Matches all IPv4 and IPv6 ranges (both public and private)
- excluded
Ip Property MapRanges - Excluded means: all public IP ranges except this one
- included
Ip Property MapRanges - Will not allow IP ranges with private IPs
AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleOriginExcludedIpRanges, AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleOriginExcludedIpRangesArgs
- Ip
Ranges List<string> - We only support IPv4 and IPv4 CIDR notation for now
- Ip
Ranges []string - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges List<String> - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges string[] - We only support IPv4 and IPv4 CIDR notation for now
- ip_
ranges Sequence[str] - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges List<String> - We only support IPv4 and IPv4 CIDR notation for now
AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleOriginIncludedIpRanges, AccountNetworkPolicyIngressDryRunPublicAccessAllowRuleOriginIncludedIpRangesArgs
- Ip
Ranges List<string> - We only support IPv4 and IPv4 CIDR notation for now
- Ip
Ranges []string - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges List<String> - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges string[] - We only support IPv4 and IPv4 CIDR notation for now
- ip_
ranges Sequence[str] - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges List<String> - We only support IPv4 and IPv4 CIDR notation for now
AccountNetworkPolicyIngressDryRunPublicAccessDenyRule, AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleArgs
- Authentication
Account
Network Policy Ingress Dry Run Public Access Deny Rule Authentication - Destination
Account
Network Policy Ingress Dry Run Public Access Deny Rule Destination - Label string
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- Origin
Account
Network Policy Ingress Dry Run Public Access Deny Rule Origin
- Authentication
Account
Network Policy Ingress Dry Run Public Access Deny Rule Authentication - Destination
Account
Network Policy Ingress Dry Run Public Access Deny Rule Destination - Label string
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- Origin
Account
Network Policy Ingress Dry Run Public Access Deny Rule Origin
- authentication
Account
Network Policy Ingress Dry Run Public Access Deny Rule Authentication - destination
Account
Network Policy Ingress Dry Run Public Access Deny Rule Destination - label String
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- origin
Account
Network Policy Ingress Dry Run Public Access Deny Rule Origin
- authentication
Account
Network Policy Ingress Dry Run Public Access Deny Rule Authentication - destination
Account
Network Policy Ingress Dry Run Public Access Deny Rule Destination - label string
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- origin
Account
Network Policy Ingress Dry Run Public Access Deny Rule Origin
- authentication
Account
Network Policy Ingress Dry Run Public Access Deny Rule Authentication - destination
Account
Network Policy Ingress Dry Run Public Access Deny Rule Destination - label str
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- origin
Account
Network Policy Ingress Dry Run Public Access Deny Rule Origin
- authentication Property Map
- destination Property Map
- label String
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- origin Property Map
AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleAuthentication, AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleAuthenticationArgs
- Identities
List<Account
Network Policy Ingress Dry Run Public Access Deny Rule Authentication Identity> - Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- Identity
Type string - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
- Identities
[]Account
Network Policy Ingress Dry Run Public Access Deny Rule Authentication Identity - Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- Identity
Type string - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
- identities
List<Account
Network Policy Ingress Dry Run Public Access Deny Rule Authentication Identity> - Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- identity
Type String - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
- identities
Account
Network Policy Ingress Dry Run Public Access Deny Rule Authentication Identity[] - Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- identity
Type string - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
- identities
Sequence[Account
Network Policy Ingress Dry Run Public Access Deny Rule Authentication Identity] - Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- identity_
type str - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
- identities List<Property Map>
- Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- identity
Type String - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleAuthenticationIdentity, AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleAuthenticationIdentityArgs
- Principal
Id string - Principal
Type string - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
- Principal
Id string - Principal
Type string - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
- principal
Id String - principal
Type String - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
- principal
Id string - principal
Type string - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
- principal_
id str - principal_
type str - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
- principal
Id String - principal
Type String - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleDestination, AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleDestinationArgs
- all
Destinations Boolean - workspace
Api Property Map - workspace
Ui Property Map - Workspace destinations
AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleDestinationWorkspaceApi, AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleDestinationWorkspaceApiArgs
- Scopes List<string>
- Scopes []string
- scopes List<String>
- scopes string[]
- scopes Sequence[str]
- scopes List<String>
AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleDestinationWorkspaceUi, AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleDestinationWorkspaceUiArgs
- All
Destinations bool
- All
Destinations bool
- all
Destinations Boolean
- all
Destinations boolean
- all_
destinations bool
- all
Destinations Boolean
AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleOrigin, AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleOriginArgs
- All
Ip boolRanges - Matches all IPv4 and IPv6 ranges (both public and private)
- Excluded
Ip AccountRanges Network Policy Ingress Dry Run Public Access Deny Rule Origin Excluded Ip Ranges - Excluded means: all public IP ranges except this one
- Included
Ip AccountRanges Network Policy Ingress Dry Run Public Access Deny Rule Origin Included Ip Ranges - Will not allow IP ranges with private IPs
- All
Ip boolRanges - Matches all IPv4 and IPv6 ranges (both public and private)
- Excluded
Ip AccountRanges Network Policy Ingress Dry Run Public Access Deny Rule Origin Excluded Ip Ranges - Excluded means: all public IP ranges except this one
- Included
Ip AccountRanges Network Policy Ingress Dry Run Public Access Deny Rule Origin Included Ip Ranges - Will not allow IP ranges with private IPs
- all
Ip BooleanRanges - Matches all IPv4 and IPv6 ranges (both public and private)
- excluded
Ip AccountRanges Network Policy Ingress Dry Run Public Access Deny Rule Origin Excluded Ip Ranges - Excluded means: all public IP ranges except this one
- included
Ip AccountRanges Network Policy Ingress Dry Run Public Access Deny Rule Origin Included Ip Ranges - Will not allow IP ranges with private IPs
- all
Ip booleanRanges - Matches all IPv4 and IPv6 ranges (both public and private)
- excluded
Ip AccountRanges Network Policy Ingress Dry Run Public Access Deny Rule Origin Excluded Ip Ranges - Excluded means: all public IP ranges except this one
- included
Ip AccountRanges Network Policy Ingress Dry Run Public Access Deny Rule Origin Included Ip Ranges - Will not allow IP ranges with private IPs
- all_
ip_ boolranges - Matches all IPv4 and IPv6 ranges (both public and private)
- excluded_
ip_ Accountranges Network Policy Ingress Dry Run Public Access Deny Rule Origin Excluded Ip Ranges - Excluded means: all public IP ranges except this one
- included_
ip_ Accountranges Network Policy Ingress Dry Run Public Access Deny Rule Origin Included Ip Ranges - Will not allow IP ranges with private IPs
- all
Ip BooleanRanges - Matches all IPv4 and IPv6 ranges (both public and private)
- excluded
Ip Property MapRanges - Excluded means: all public IP ranges except this one
- included
Ip Property MapRanges - Will not allow IP ranges with private IPs
AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleOriginExcludedIpRanges, AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleOriginExcludedIpRangesArgs
- Ip
Ranges List<string> - We only support IPv4 and IPv4 CIDR notation for now
- Ip
Ranges []string - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges List<String> - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges string[] - We only support IPv4 and IPv4 CIDR notation for now
- ip_
ranges Sequence[str] - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges List<String> - We only support IPv4 and IPv4 CIDR notation for now
AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleOriginIncludedIpRanges, AccountNetworkPolicyIngressDryRunPublicAccessDenyRuleOriginIncludedIpRangesArgs
- Ip
Ranges List<string> - We only support IPv4 and IPv4 CIDR notation for now
- Ip
Ranges []string - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges List<String> - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges string[] - We only support IPv4 and IPv4 CIDR notation for now
- ip_
ranges Sequence[str] - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges List<String> - We only support IPv4 and IPv4 CIDR notation for now
AccountNetworkPolicyIngressPublicAccess, AccountNetworkPolicyIngressPublicAccessArgs
AccountNetworkPolicyIngressPublicAccessAllowRule, AccountNetworkPolicyIngressPublicAccessAllowRuleArgs
- Authentication
Account
Network Policy Ingress Public Access Allow Rule Authentication - Destination
Account
Network Policy Ingress Public Access Allow Rule Destination - Label string
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- Origin
Account
Network Policy Ingress Public Access Allow Rule Origin
- Authentication
Account
Network Policy Ingress Public Access Allow Rule Authentication - Destination
Account
Network Policy Ingress Public Access Allow Rule Destination - Label string
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- Origin
Account
Network Policy Ingress Public Access Allow Rule Origin
- authentication
Account
Network Policy Ingress Public Access Allow Rule Authentication - destination
Account
Network Policy Ingress Public Access Allow Rule Destination - label String
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- origin
Account
Network Policy Ingress Public Access Allow Rule Origin
- authentication
Account
Network Policy Ingress Public Access Allow Rule Authentication - destination
Account
Network Policy Ingress Public Access Allow Rule Destination - label string
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- origin
Account
Network Policy Ingress Public Access Allow Rule Origin
- authentication
Account
Network Policy Ingress Public Access Allow Rule Authentication - destination
Account
Network Policy Ingress Public Access Allow Rule Destination - label str
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- origin
Account
Network Policy Ingress Public Access Allow Rule Origin
- authentication Property Map
- destination Property Map
- label String
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- origin Property Map
AccountNetworkPolicyIngressPublicAccessAllowRuleAuthentication, AccountNetworkPolicyIngressPublicAccessAllowRuleAuthenticationArgs
- Identities
List<Account
Network Policy Ingress Public Access Allow Rule Authentication Identity> - Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- Identity
Type string - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
- Identities
[]Account
Network Policy Ingress Public Access Allow Rule Authentication Identity - Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- Identity
Type string - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
- identities
List<Account
Network Policy Ingress Public Access Allow Rule Authentication Identity> - Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- identity
Type String - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
- identities
Account
Network Policy Ingress Public Access Allow Rule Authentication Identity[] - Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- identity
Type string - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
- identities
Sequence[Account
Network Policy Ingress Public Access Allow Rule Authentication Identity] - Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- identity_
type str - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
- identities List<Property Map>
- Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- identity
Type String - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
AccountNetworkPolicyIngressPublicAccessAllowRuleAuthenticationIdentity, AccountNetworkPolicyIngressPublicAccessAllowRuleAuthenticationIdentityArgs
- Principal
Id string - Principal
Type string - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
- Principal
Id string - Principal
Type string - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
- principal
Id String - principal
Type String - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
- principal
Id string - principal
Type string - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
- principal_
id str - principal_
type str - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
- principal
Id String - principal
Type String - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
AccountNetworkPolicyIngressPublicAccessAllowRuleDestination, AccountNetworkPolicyIngressPublicAccessAllowRuleDestinationArgs
- all
Destinations Boolean - workspace
Api Property Map - workspace
Ui Property Map - Workspace destinations
AccountNetworkPolicyIngressPublicAccessAllowRuleDestinationWorkspaceApi, AccountNetworkPolicyIngressPublicAccessAllowRuleDestinationWorkspaceApiArgs
- Scopes List<string>
- Scopes []string
- scopes List<String>
- scopes string[]
- scopes Sequence[str]
- scopes List<String>
AccountNetworkPolicyIngressPublicAccessAllowRuleDestinationWorkspaceUi, AccountNetworkPolicyIngressPublicAccessAllowRuleDestinationWorkspaceUiArgs
- All
Destinations bool
- All
Destinations bool
- all
Destinations Boolean
- all
Destinations boolean
- all_
destinations bool
- all
Destinations Boolean
AccountNetworkPolicyIngressPublicAccessAllowRuleOrigin, AccountNetworkPolicyIngressPublicAccessAllowRuleOriginArgs
- All
Ip boolRanges - Matches all IPv4 and IPv6 ranges (both public and private)
- Excluded
Ip AccountRanges Network Policy Ingress Public Access Allow Rule Origin Excluded Ip Ranges - Excluded means: all public IP ranges except this one
- Included
Ip AccountRanges Network Policy Ingress Public Access Allow Rule Origin Included Ip Ranges - Will not allow IP ranges with private IPs
- All
Ip boolRanges - Matches all IPv4 and IPv6 ranges (both public and private)
- Excluded
Ip AccountRanges Network Policy Ingress Public Access Allow Rule Origin Excluded Ip Ranges - Excluded means: all public IP ranges except this one
- Included
Ip AccountRanges Network Policy Ingress Public Access Allow Rule Origin Included Ip Ranges - Will not allow IP ranges with private IPs
- all
Ip BooleanRanges - Matches all IPv4 and IPv6 ranges (both public and private)
- excluded
Ip AccountRanges Network Policy Ingress Public Access Allow Rule Origin Excluded Ip Ranges - Excluded means: all public IP ranges except this one
- included
Ip AccountRanges Network Policy Ingress Public Access Allow Rule Origin Included Ip Ranges - Will not allow IP ranges with private IPs
- all
Ip booleanRanges - Matches all IPv4 and IPv6 ranges (both public and private)
- excluded
Ip AccountRanges Network Policy Ingress Public Access Allow Rule Origin Excluded Ip Ranges - Excluded means: all public IP ranges except this one
- included
Ip AccountRanges Network Policy Ingress Public Access Allow Rule Origin Included Ip Ranges - Will not allow IP ranges with private IPs
- all_
ip_ boolranges - Matches all IPv4 and IPv6 ranges (both public and private)
- excluded_
ip_ Accountranges Network Policy Ingress Public Access Allow Rule Origin Excluded Ip Ranges - Excluded means: all public IP ranges except this one
- included_
ip_ Accountranges Network Policy Ingress Public Access Allow Rule Origin Included Ip Ranges - Will not allow IP ranges with private IPs
- all
Ip BooleanRanges - Matches all IPv4 and IPv6 ranges (both public and private)
- excluded
Ip Property MapRanges - Excluded means: all public IP ranges except this one
- included
Ip Property MapRanges - Will not allow IP ranges with private IPs
AccountNetworkPolicyIngressPublicAccessAllowRuleOriginExcludedIpRanges, AccountNetworkPolicyIngressPublicAccessAllowRuleOriginExcludedIpRangesArgs
- Ip
Ranges List<string> - We only support IPv4 and IPv4 CIDR notation for now
- Ip
Ranges []string - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges List<String> - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges string[] - We only support IPv4 and IPv4 CIDR notation for now
- ip_
ranges Sequence[str] - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges List<String> - We only support IPv4 and IPv4 CIDR notation for now
AccountNetworkPolicyIngressPublicAccessAllowRuleOriginIncludedIpRanges, AccountNetworkPolicyIngressPublicAccessAllowRuleOriginIncludedIpRangesArgs
- Ip
Ranges List<string> - We only support IPv4 and IPv4 CIDR notation for now
- Ip
Ranges []string - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges List<String> - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges string[] - We only support IPv4 and IPv4 CIDR notation for now
- ip_
ranges Sequence[str] - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges List<String> - We only support IPv4 and IPv4 CIDR notation for now
AccountNetworkPolicyIngressPublicAccessDenyRule, AccountNetworkPolicyIngressPublicAccessDenyRuleArgs
- Authentication
Account
Network Policy Ingress Public Access Deny Rule Authentication - Destination
Account
Network Policy Ingress Public Access Deny Rule Destination - Label string
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- Origin
Account
Network Policy Ingress Public Access Deny Rule Origin
- Authentication
Account
Network Policy Ingress Public Access Deny Rule Authentication - Destination
Account
Network Policy Ingress Public Access Deny Rule Destination - Label string
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- Origin
Account
Network Policy Ingress Public Access Deny Rule Origin
- authentication
Account
Network Policy Ingress Public Access Deny Rule Authentication - destination
Account
Network Policy Ingress Public Access Deny Rule Destination - label String
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- origin
Account
Network Policy Ingress Public Access Deny Rule Origin
- authentication
Account
Network Policy Ingress Public Access Deny Rule Authentication - destination
Account
Network Policy Ingress Public Access Deny Rule Destination - label string
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- origin
Account
Network Policy Ingress Public Access Deny Rule Origin
- authentication
Account
Network Policy Ingress Public Access Deny Rule Authentication - destination
Account
Network Policy Ingress Public Access Deny Rule Destination - label str
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- origin
Account
Network Policy Ingress Public Access Deny Rule Origin
- authentication Property Map
- destination Property Map
- label String
- User-provided name for this ingress rule. Helps identify which rule caused a request to be denied or dry-run denied
- origin Property Map
AccountNetworkPolicyIngressPublicAccessDenyRuleAuthentication, AccountNetworkPolicyIngressPublicAccessDenyRuleAuthenticationArgs
- Identities
List<Account
Network Policy Ingress Public Access Deny Rule Authentication Identity> - Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- Identity
Type string - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
- Identities
[]Account
Network Policy Ingress Public Access Deny Rule Authentication Identity - Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- Identity
Type string - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
- identities
List<Account
Network Policy Ingress Public Access Deny Rule Authentication Identity> - Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- identity
Type String - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
- identities
Account
Network Policy Ingress Public Access Deny Rule Authentication Identity[] - Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- identity
Type string - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
- identities
Sequence[Account
Network Policy Ingress Public Access Deny Rule Authentication Identity] - Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- identity_
type str - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
- identities List<Property Map>
- Valid only when IdentityType is IDENTITY_TYPE_SELECTED_IDENTITIES
- identity
Type String - Possible values are:
IDENTITY_TYPE_ALL_SERVICE_PRINCIPALS,IDENTITY_TYPE_ALL_USERS,IDENTITY_TYPE_SELECTED_IDENTITIES
AccountNetworkPolicyIngressPublicAccessDenyRuleAuthenticationIdentity, AccountNetworkPolicyIngressPublicAccessDenyRuleAuthenticationIdentityArgs
- Principal
Id string - Principal
Type string - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
- Principal
Id string - Principal
Type string - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
- principal
Id String - principal
Type String - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
- principal
Id string - principal
Type string - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
- principal_
id str - principal_
type str - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
- principal
Id String - principal
Type String - Possible values are:
PRINCIPAL_TYPE_SERVICE_PRINCIPAL,PRINCIPAL_TYPE_USER
AccountNetworkPolicyIngressPublicAccessDenyRuleDestination, AccountNetworkPolicyIngressPublicAccessDenyRuleDestinationArgs
- all
Destinations Boolean - workspace
Api Property Map - workspace
Ui Property Map - Workspace destinations
AccountNetworkPolicyIngressPublicAccessDenyRuleDestinationWorkspaceApi, AccountNetworkPolicyIngressPublicAccessDenyRuleDestinationWorkspaceApiArgs
- Scopes List<string>
- Scopes []string
- scopes List<String>
- scopes string[]
- scopes Sequence[str]
- scopes List<String>
AccountNetworkPolicyIngressPublicAccessDenyRuleDestinationWorkspaceUi, AccountNetworkPolicyIngressPublicAccessDenyRuleDestinationWorkspaceUiArgs
- All
Destinations bool
- All
Destinations bool
- all
Destinations Boolean
- all
Destinations boolean
- all_
destinations bool
- all
Destinations Boolean
AccountNetworkPolicyIngressPublicAccessDenyRuleOrigin, AccountNetworkPolicyIngressPublicAccessDenyRuleOriginArgs
- All
Ip boolRanges - Matches all IPv4 and IPv6 ranges (both public and private)
- Excluded
Ip AccountRanges Network Policy Ingress Public Access Deny Rule Origin Excluded Ip Ranges - Excluded means: all public IP ranges except this one
- Included
Ip AccountRanges Network Policy Ingress Public Access Deny Rule Origin Included Ip Ranges - Will not allow IP ranges with private IPs
- All
Ip boolRanges - Matches all IPv4 and IPv6 ranges (both public and private)
- Excluded
Ip AccountRanges Network Policy Ingress Public Access Deny Rule Origin Excluded Ip Ranges - Excluded means: all public IP ranges except this one
- Included
Ip AccountRanges Network Policy Ingress Public Access Deny Rule Origin Included Ip Ranges - Will not allow IP ranges with private IPs
- all
Ip BooleanRanges - Matches all IPv4 and IPv6 ranges (both public and private)
- excluded
Ip AccountRanges Network Policy Ingress Public Access Deny Rule Origin Excluded Ip Ranges - Excluded means: all public IP ranges except this one
- included
Ip AccountRanges Network Policy Ingress Public Access Deny Rule Origin Included Ip Ranges - Will not allow IP ranges with private IPs
- all
Ip booleanRanges - Matches all IPv4 and IPv6 ranges (both public and private)
- excluded
Ip AccountRanges Network Policy Ingress Public Access Deny Rule Origin Excluded Ip Ranges - Excluded means: all public IP ranges except this one
- included
Ip AccountRanges Network Policy Ingress Public Access Deny Rule Origin Included Ip Ranges - Will not allow IP ranges with private IPs
- all_
ip_ boolranges - Matches all IPv4 and IPv6 ranges (both public and private)
- excluded_
ip_ Accountranges Network Policy Ingress Public Access Deny Rule Origin Excluded Ip Ranges - Excluded means: all public IP ranges except this one
- included_
ip_ Accountranges Network Policy Ingress Public Access Deny Rule Origin Included Ip Ranges - Will not allow IP ranges with private IPs
- all
Ip BooleanRanges - Matches all IPv4 and IPv6 ranges (both public and private)
- excluded
Ip Property MapRanges - Excluded means: all public IP ranges except this one
- included
Ip Property MapRanges - Will not allow IP ranges with private IPs
AccountNetworkPolicyIngressPublicAccessDenyRuleOriginExcludedIpRanges, AccountNetworkPolicyIngressPublicAccessDenyRuleOriginExcludedIpRangesArgs
- Ip
Ranges List<string> - We only support IPv4 and IPv4 CIDR notation for now
- Ip
Ranges []string - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges List<String> - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges string[] - We only support IPv4 and IPv4 CIDR notation for now
- ip_
ranges Sequence[str] - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges List<String> - We only support IPv4 and IPv4 CIDR notation for now
AccountNetworkPolicyIngressPublicAccessDenyRuleOriginIncludedIpRanges, AccountNetworkPolicyIngressPublicAccessDenyRuleOriginIncludedIpRangesArgs
- Ip
Ranges List<string> - We only support IPv4 and IPv4 CIDR notation for now
- Ip
Ranges []string - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges List<String> - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges string[] - We only support IPv4 and IPv4 CIDR notation for now
- ip_
ranges Sequence[str] - We only support IPv4 and IPv4 CIDR notation for now
- ip
Ranges List<String> - We only support IPv4 and IPv4 CIDR notation for now
Package Details
- Repository
- databricks pulumi/pulumi-databricks
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
databricksTerraform Provider.
Viewing docs for Databricks v1.91.1
published on Friday, May 1, 2026 by Pulumi
published on Friday, May 1, 2026 by Pulumi
