Strata Cloud Manager v0.4.3 published on Saturday, Nov 8, 2025 by Pulumi
Strata Cloud Manager v0.4.3 published on Saturday, Nov 8, 2025 by Pulumi
DnsSecurityProfile resource
Example Usage
Example coming soon!
Example coming soon!
Example coming soon!
Example coming soon!
Example coming soon!
resources:
scmDnsSecurityProfileBase:
type: scm:DnsSecurityProfile
name: scm_dns_security_profile_base
properties:
folder: All
name: dns_base
scmDnsSecurityCategories:
type: scm:DnsSecurityProfile
name: scm_dns_security_categories
properties:
folder: All
name: test_dns_sec_categories
description: dns security profile w/ dns security categories
botnetDomains:
dnsSecurityCategories:
- name: pan-dns-sec-recent
- name: pan-dns-sec-grayware
action: allow
logLevel: high
packetCapture: disable
- name: pan-dns-sec-proxy
action: block
logLevel: default
packetCapture: single-packet
- name: pan-dns-sec-phishing
action: sinkhole
logLevel: critical
packetCapture: extended-capture
- name: pan-dns-sec-malware
action: default
logLevel: informational
packetCapture: disable
scmDnsLists:
type: scm:DnsSecurityProfile
name: scm_dns_lists
properties:
folder: All
name: test_dns_lists
description: dns security profile w/ dns lists
botnetDomains:
dnsLists:
- name: default-paloalto-dns
packetCapture: disable
action:
alert: {}
- name: update-edl
packetCapture: extended-capture
action:
allow: {}
scmDnsSinkhole:
type: scm:DnsSecurityProfile
name: scm_dns_sinkhole
properties:
folder: All
name: test_dns_sinkhole
description: dns security profile w/ sinkhole
botnetDomains:
sinkhole:
ipv4Address: 127.0.0.1
ipv6Address: ::1
scmDnsWhitelist:
type: scm:DnsSecurityProfile
name: scm_dns_whitelist
properties:
folder: All
name: test_dns_whitelist
description: dns security profile w/ whitelist
botnetDomains:
whitelists:
- name: example.com
- name: example2.com
description: creating whitelist
scmDnsAll:
type: scm:DnsSecurityProfile
name: scm_dns_all
properties:
folder: All
name: test_dns_all_test
description: dns security profile w/ all
botnetDomains:
dnsSecurityCategories:
- name: pan-dns-sec-ddns
action: block
logLevel: low
packetCapture: disable
dnsLists:
- name: scm_edl_1
packetCapture: single-packet
action:
block: {}
sinkhole:
ipv4Address: pan-sinkhole-default-ip
ipv6Address: ::1
whitelists:
- name: ebay.com
description: creating whitelist
Create DnsSecurityProfile Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new DnsSecurityProfile(name: string, args?: DnsSecurityProfileArgs, opts?: CustomResourceOptions);@overload
def DnsSecurityProfile(resource_name: str,
args: Optional[DnsSecurityProfileArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def DnsSecurityProfile(resource_name: str,
opts: Optional[ResourceOptions] = None,
botnet_domains: Optional[DnsSecurityProfileBotnetDomainsArgs] = None,
description: Optional[str] = None,
device: Optional[str] = None,
folder: Optional[str] = None,
name: Optional[str] = None,
snippet: Optional[str] = None)func NewDnsSecurityProfile(ctx *Context, name string, args *DnsSecurityProfileArgs, opts ...ResourceOption) (*DnsSecurityProfile, error)public DnsSecurityProfile(string name, DnsSecurityProfileArgs? args = null, CustomResourceOptions? opts = null)
public DnsSecurityProfile(String name, DnsSecurityProfileArgs args)
public DnsSecurityProfile(String name, DnsSecurityProfileArgs args, CustomResourceOptions options)
type: scm:DnsSecurityProfile
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args DnsSecurityProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args DnsSecurityProfileArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args DnsSecurityProfileArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DnsSecurityProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args DnsSecurityProfileArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var dnsSecurityProfileResource = new Scm.DnsSecurityProfile("dnsSecurityProfileResource", new()
{
BotnetDomains = new Scm.Inputs.DnsSecurityProfileBotnetDomainsArgs
{
DnsSecurityCategories = new[]
{
new Scm.Inputs.DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs
{
Action = "string",
LogLevel = "string",
Name = "string",
PacketCapture = "string",
},
},
Lists = new[]
{
new Scm.Inputs.DnsSecurityProfileBotnetDomainsListArgs
{
Name = "string",
Action = new Scm.Inputs.DnsSecurityProfileBotnetDomainsListActionArgs
{
Alert = null,
Allow = null,
Block = null,
Sinkhole = null,
},
PacketCapture = "string",
},
},
Sinkhole = new Scm.Inputs.DnsSecurityProfileBotnetDomainsSinkholeArgs
{
Ipv4Address = "string",
Ipv6Address = "string",
},
Whitelists = new[]
{
new Scm.Inputs.DnsSecurityProfileBotnetDomainsWhitelistArgs
{
Name = "string",
Description = "string",
},
},
},
Description = "string",
Device = "string",
Folder = "string",
Name = "string",
Snippet = "string",
});
example, err := scm.NewDnsSecurityProfile(ctx, "dnsSecurityProfileResource", &scm.DnsSecurityProfileArgs{
BotnetDomains: &scm.DnsSecurityProfileBotnetDomainsArgs{
DnsSecurityCategories: scm.DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArray{
&scm.DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs{
Action: pulumi.String("string"),
LogLevel: pulumi.String("string"),
Name: pulumi.String("string"),
PacketCapture: pulumi.String("string"),
},
},
Lists: scm.DnsSecurityProfileBotnetDomainsListArray{
&scm.DnsSecurityProfileBotnetDomainsListArgs{
Name: pulumi.String("string"),
Action: &scm.DnsSecurityProfileBotnetDomainsListActionArgs{
Alert: &scm.DnsSecurityProfileBotnetDomainsListActionAlertArgs{},
Allow: &scm.DnsSecurityProfileBotnetDomainsListActionAllowArgs{},
Block: &scm.DnsSecurityProfileBotnetDomainsListActionBlockArgs{},
Sinkhole: &scm.DnsSecurityProfileBotnetDomainsListActionSinkholeArgs{},
},
PacketCapture: pulumi.String("string"),
},
},
Sinkhole: &scm.DnsSecurityProfileBotnetDomainsSinkholeArgs{
Ipv4Address: pulumi.String("string"),
Ipv6Address: pulumi.String("string"),
},
Whitelists: scm.DnsSecurityProfileBotnetDomainsWhitelistArray{
&scm.DnsSecurityProfileBotnetDomainsWhitelistArgs{
Name: pulumi.String("string"),
Description: pulumi.String("string"),
},
},
},
Description: pulumi.String("string"),
Device: pulumi.String("string"),
Folder: pulumi.String("string"),
Name: pulumi.String("string"),
Snippet: pulumi.String("string"),
})
var dnsSecurityProfileResource = new DnsSecurityProfile("dnsSecurityProfileResource", DnsSecurityProfileArgs.builder()
.botnetDomains(DnsSecurityProfileBotnetDomainsArgs.builder()
.dnsSecurityCategories(DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs.builder()
.action("string")
.logLevel("string")
.name("string")
.packetCapture("string")
.build())
.lists(DnsSecurityProfileBotnetDomainsListArgs.builder()
.name("string")
.action(DnsSecurityProfileBotnetDomainsListActionArgs.builder()
.alert(DnsSecurityProfileBotnetDomainsListActionAlertArgs.builder()
.build())
.allow(DnsSecurityProfileBotnetDomainsListActionAllowArgs.builder()
.build())
.block(DnsSecurityProfileBotnetDomainsListActionBlockArgs.builder()
.build())
.sinkhole(DnsSecurityProfileBotnetDomainsListActionSinkholeArgs.builder()
.build())
.build())
.packetCapture("string")
.build())
.sinkhole(DnsSecurityProfileBotnetDomainsSinkholeArgs.builder()
.ipv4Address("string")
.ipv6Address("string")
.build())
.whitelists(DnsSecurityProfileBotnetDomainsWhitelistArgs.builder()
.name("string")
.description("string")
.build())
.build())
.description("string")
.device("string")
.folder("string")
.name("string")
.snippet("string")
.build());
dns_security_profile_resource = scm.DnsSecurityProfile("dnsSecurityProfileResource",
botnet_domains={
"dns_security_categories": [{
"action": "string",
"log_level": "string",
"name": "string",
"packet_capture": "string",
}],
"lists": [{
"name": "string",
"action": {
"alert": {},
"allow": {},
"block": {},
"sinkhole": {},
},
"packet_capture": "string",
}],
"sinkhole": {
"ipv4_address": "string",
"ipv6_address": "string",
},
"whitelists": [{
"name": "string",
"description": "string",
}],
},
description="string",
device="string",
folder="string",
name="string",
snippet="string")
const dnsSecurityProfileResource = new scm.DnsSecurityProfile("dnsSecurityProfileResource", {
botnetDomains: {
dnsSecurityCategories: [{
action: "string",
logLevel: "string",
name: "string",
packetCapture: "string",
}],
lists: [{
name: "string",
action: {
alert: {},
allow: {},
block: {},
sinkhole: {},
},
packetCapture: "string",
}],
sinkhole: {
ipv4Address: "string",
ipv6Address: "string",
},
whitelists: [{
name: "string",
description: "string",
}],
},
description: "string",
device: "string",
folder: "string",
name: "string",
snippet: "string",
});
type: scm:DnsSecurityProfile
properties:
botnetDomains:
dnsSecurityCategories:
- action: string
logLevel: string
name: string
packetCapture: string
lists:
- action:
alert: {}
allow: {}
block: {}
sinkhole: {}
name: string
packetCapture: string
sinkhole:
ipv4Address: string
ipv6Address: string
whitelists:
- description: string
name: string
description: string
device: string
folder: string
name: string
snippet: string
DnsSecurityProfile Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The DnsSecurityProfile resource accepts the following input properties:
- Botnet
Domains DnsSecurity Profile Botnet Domains - Botnet domains
- Description string
- The description of the DNS security profile
- Device string
- The device in which the resource is defined
- Folder string
- The folder in which the resource is defined
- Name string
- The name of the DNS security profile
- Snippet string
- The snippet in which the resource is defined
- Botnet
Domains DnsSecurity Profile Botnet Domains Args - Botnet domains
- Description string
- The description of the DNS security profile
- Device string
- The device in which the resource is defined
- Folder string
- The folder in which the resource is defined
- Name string
- The name of the DNS security profile
- Snippet string
- The snippet in which the resource is defined
- botnet
Domains DnsSecurity Profile Botnet Domains - Botnet domains
- description String
- The description of the DNS security profile
- device String
- The device in which the resource is defined
- folder String
- The folder in which the resource is defined
- name String
- The name of the DNS security profile
- snippet String
- The snippet in which the resource is defined
- botnet
Domains DnsSecurity Profile Botnet Domains - Botnet domains
- description string
- The description of the DNS security profile
- device string
- The device in which the resource is defined
- folder string
- The folder in which the resource is defined
- name string
- The name of the DNS security profile
- snippet string
- The snippet in which the resource is defined
- botnet_
domains DnsSecurity Profile Botnet Domains Args - Botnet domains
- description str
- The description of the DNS security profile
- device str
- The device in which the resource is defined
- folder str
- The folder in which the resource is defined
- name str
- The name of the DNS security profile
- snippet str
- The snippet in which the resource is defined
- botnet
Domains Property Map - Botnet domains
- description String
- The description of the DNS security profile
- device String
- The device in which the resource is defined
- folder String
- The folder in which the resource is defined
- name String
- The name of the DNS security profile
- snippet String
- The snippet in which the resource is defined
Outputs
All input properties are implicitly available as output properties. Additionally, the DnsSecurityProfile resource produces the following output properties:
Look up Existing DnsSecurityProfile Resource
Get an existing DnsSecurityProfile resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: DnsSecurityProfileState, opts?: CustomResourceOptions): DnsSecurityProfile@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
botnet_domains: Optional[DnsSecurityProfileBotnetDomainsArgs] = None,
description: Optional[str] = None,
device: Optional[str] = None,
folder: Optional[str] = None,
name: Optional[str] = None,
snippet: Optional[str] = None,
tfid: Optional[str] = None) -> DnsSecurityProfilefunc GetDnsSecurityProfile(ctx *Context, name string, id IDInput, state *DnsSecurityProfileState, opts ...ResourceOption) (*DnsSecurityProfile, error)public static DnsSecurityProfile Get(string name, Input<string> id, DnsSecurityProfileState? state, CustomResourceOptions? opts = null)public static DnsSecurityProfile get(String name, Output<String> id, DnsSecurityProfileState state, CustomResourceOptions options)resources: _: type: scm:DnsSecurityProfile get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Botnet
Domains DnsSecurity Profile Botnet Domains - Botnet domains
- Description string
- The description of the DNS security profile
- Device string
- The device in which the resource is defined
- Folder string
- The folder in which the resource is defined
- Name string
- The name of the DNS security profile
- Snippet string
- The snippet in which the resource is defined
- Tfid string
- Botnet
Domains DnsSecurity Profile Botnet Domains Args - Botnet domains
- Description string
- The description of the DNS security profile
- Device string
- The device in which the resource is defined
- Folder string
- The folder in which the resource is defined
- Name string
- The name of the DNS security profile
- Snippet string
- The snippet in which the resource is defined
- Tfid string
- botnet
Domains DnsSecurity Profile Botnet Domains - Botnet domains
- description String
- The description of the DNS security profile
- device String
- The device in which the resource is defined
- folder String
- The folder in which the resource is defined
- name String
- The name of the DNS security profile
- snippet String
- The snippet in which the resource is defined
- tfid String
- botnet
Domains DnsSecurity Profile Botnet Domains - Botnet domains
- description string
- The description of the DNS security profile
- device string
- The device in which the resource is defined
- folder string
- The folder in which the resource is defined
- name string
- The name of the DNS security profile
- snippet string
- The snippet in which the resource is defined
- tfid string
- botnet_
domains DnsSecurity Profile Botnet Domains Args - Botnet domains
- description str
- The description of the DNS security profile
- device str
- The device in which the resource is defined
- folder str
- The folder in which the resource is defined
- name str
- The name of the DNS security profile
- snippet str
- The snippet in which the resource is defined
- tfid str
- botnet
Domains Property Map - Botnet domains
- description String
- The description of the DNS security profile
- device String
- The device in which the resource is defined
- folder String
- The folder in which the resource is defined
- name String
- The name of the DNS security profile
- snippet String
- The snippet in which the resource is defined
- tfid String
Supporting Types
DnsSecurityProfileBotnetDomains, DnsSecurityProfileBotnetDomainsArgs
- Dns
Security List<DnsCategories Security Profile Botnet Domains Dns Security Category> - DNS categories
- Lists
List<Dns
Security Profile Botnet Domains List> - Dynamic lists of DNS domains
- Sinkhole
Dns
Security Profile Botnet Domains Sinkhole - DNS sinkhole settings
- Whitelists
List<Dns
Security Profile Botnet Domains Whitelist> - DNS security overrides
- Dns
Security []DnsCategories Security Profile Botnet Domains Dns Security Category - DNS categories
- Lists
[]Dns
Security Profile Botnet Domains List - Dynamic lists of DNS domains
- Sinkhole
Dns
Security Profile Botnet Domains Sinkhole - DNS sinkhole settings
- Whitelists
[]Dns
Security Profile Botnet Domains Whitelist - DNS security overrides
- dns
Security List<DnsCategories Security Profile Botnet Domains Dns Security Category> - DNS categories
- lists
List<Dns
Security Profile Botnet Domains List> - Dynamic lists of DNS domains
- sinkhole
Dns
Security Profile Botnet Domains Sinkhole - DNS sinkhole settings
- whitelists
List<Dns
Security Profile Botnet Domains Whitelist> - DNS security overrides
- dns
Security DnsCategories Security Profile Botnet Domains Dns Security Category[] - DNS categories
- lists
Dns
Security Profile Botnet Domains List[] - Dynamic lists of DNS domains
- sinkhole
Dns
Security Profile Botnet Domains Sinkhole - DNS sinkhole settings
- whitelists
Dns
Security Profile Botnet Domains Whitelist[] - DNS security overrides
- dns_
security_ Sequence[Dnscategories Security Profile Botnet Domains Dns Security Category] - DNS categories
- lists
Sequence[Dns
Security Profile Botnet Domains List] - Dynamic lists of DNS domains
- sinkhole
Dns
Security Profile Botnet Domains Sinkhole - DNS sinkhole settings
- whitelists
Sequence[Dns
Security Profile Botnet Domains Whitelist] - DNS security overrides
- dns
Security List<Property Map>Categories - DNS categories
- lists List<Property Map>
- Dynamic lists of DNS domains
- sinkhole Property Map
- DNS sinkhole settings
- whitelists List<Property Map>
- DNS security overrides
DnsSecurityProfileBotnetDomainsDnsSecurityCategory, DnsSecurityProfileBotnetDomainsDnsSecurityCategoryArgs
- Action string
- Action
- Log
Level string - Log level
- Name string
- Name
- Packet
Capture string - Packet capture
- Action string
- Action
- Log
Level string - Log level
- Name string
- Name
- Packet
Capture string - Packet capture
- action String
- Action
- log
Level String - Log level
- name String
- Name
- packet
Capture String - Packet capture
- action string
- Action
- log
Level string - Log level
- name string
- Name
- packet
Capture string - Packet capture
- action str
- Action
- log_
level str - Log level
- name str
- Name
- packet_
capture str - Packet capture
- action String
- Action
- log
Level String - Log level
- name String
- Name
- packet
Capture String - Packet capture
DnsSecurityProfileBotnetDomainsList, DnsSecurityProfileBotnetDomainsListArgs
- Name string
- Name
- Action
Dns
Security Profile Botnet Domains List Action - Action
- Packet
Capture string - Packet capture
- Name string
- Name
- Action
Dns
Security Profile Botnet Domains List Action - Action
- Packet
Capture string - Packet capture
- name String
- Name
- action
Dns
Security Profile Botnet Domains List Action - Action
- packet
Capture String - Packet capture
- name string
- Name
- action
Dns
Security Profile Botnet Domains List Action - Action
- packet
Capture string - Packet capture
- name str
- Name
- action
Dns
Security Profile Botnet Domains List Action - Action
- packet_
capture str - Packet capture
- name String
- Name
- action Property Map
- Action
- packet
Capture String - Packet capture
DnsSecurityProfileBotnetDomainsListAction, DnsSecurityProfileBotnetDomainsListActionArgs
- alert Property Map
- Alert
- allow Property Map
- Allow
- block Property Map
- Block
- sinkhole Property Map
- Sinkhole
DnsSecurityProfileBotnetDomainsSinkhole, DnsSecurityProfileBotnetDomainsSinkholeArgs
- Ipv4Address string
- Ipv4 address
- Ipv6Address string
- Ipv6 address
- Ipv4Address string
- Ipv4 address
- Ipv6Address string
- Ipv6 address
- ipv4Address String
- Ipv4 address
- ipv6Address String
- Ipv6 address
- ipv4Address string
- Ipv4 address
- ipv6Address string
- Ipv6 address
- ipv4_
address str - Ipv4 address
- ipv6_
address str - Ipv6 address
- ipv4Address String
- Ipv4 address
- ipv6Address String
- Ipv6 address
DnsSecurityProfileBotnetDomainsWhitelist, DnsSecurityProfileBotnetDomainsWhitelistArgs
- Name string
- DNS domain or FQDN to be whitelisted
- Description string
- Description
- Name string
- DNS domain or FQDN to be whitelisted
- Description string
- Description
- name String
- DNS domain or FQDN to be whitelisted
- description String
- Description
- name string
- DNS domain or FQDN to be whitelisted
- description string
- Description
- name str
- DNS domain or FQDN to be whitelisted
- description str
- Description
- name String
- DNS domain or FQDN to be whitelisted
- description String
- Description
Package Details
- Repository
- scm pulumi/pulumi-scm
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
scmTerraform Provider.
Strata Cloud Manager v0.4.3 published on Saturday, Nov 8, 2025 by Pulumi
