IsIpsecPolicy

ibm 2.3.0-beta0, Jun 15 26

Viewing docs for ibm 2.3.0-beta0
published on Monday, Jun 15, 2026 by ibm-cloud

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
    }
}

{}

Example coming soon!

Example Usage

Multiple algorithms

import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const exampleMulti = new ibm.IsIpsecPolicy("example_multi", {
    name: "example-ipsec-policy-multi",
    authenticationAlgorithms: [
        "sha512",
        "sha384",
    ],
    encryptionAlgorithms: [
        "aes128",
        "aes192",
    ],
    pfsGroups: [
        "group_14",
        "group_15",
    ],
});

import pulumi
import pulumi_ibm as ibm

example_multi = ibm.IsIpsecPolicy("example_multi",
    name="example-ipsec-policy-multi",
    authentication_algorithms=[
        "sha512",
        "sha384",
    ],
    encryption_algorithms=[
        "aes128",
        "aes192",
    ],
    pfs_groups=[
        "group_14",
        "group_15",
    ])

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/v2/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ibm.NewIsIpsecPolicy(ctx, "example_multi", &ibm.IsIpsecPolicyArgs{
			Name: pulumi.String("example-ipsec-policy-multi"),
			AuthenticationAlgorithms: pulumi.StringArray{
				pulumi.String("sha512"),
				pulumi.String("sha384"),
			},
			EncryptionAlgorithms: pulumi.StringArray{
				pulumi.String("aes128"),
				pulumi.String("aes192"),
			},
			PfsGroups: pulumi.StringArray{
				pulumi.String("group_14"),
				pulumi.String("group_15"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var exampleMulti = new Ibm.IsIpsecPolicy("example_multi", new()
    {
        Name = "example-ipsec-policy-multi",
        AuthenticationAlgorithms = new[]
        {
            "sha512",
            "sha384",
        },
        EncryptionAlgorithms = new[]
        {
            "aes128",
            "aes192",
        },
        PfsGroups = new[]
        {
            "group_14",
            "group_15",
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.IsIpsecPolicy;
import com.pulumi.ibm.IsIpsecPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var exampleMulti = new IsIpsecPolicy("exampleMulti", IsIpsecPolicyArgs.builder()
            .name("example-ipsec-policy-multi")
            .authenticationAlgorithms(            
                "sha512",
                "sha384")
            .encryptionAlgorithms(            
                "aes128",
                "aes192")
            .pfsGroups(            
                "group_14",
                "group_15")
            .build());

    }
}

resources:
  exampleMulti:
    type: ibm:IsIpsecPolicy
    name: example_multi
    properties:
      name: example-ipsec-policy-multi
      authenticationAlgorithms:
        - sha512
        - sha384
      encryptionAlgorithms:
        - aes128
        - aes192
      pfsGroups:
        - group_14
        - group_15

Example coming soon!

Legacy single-algorithm

import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const example = new ibm.IsIpsecPolicy("example", {
    name: "example-ipsec-policy",
    authenticationAlgorithm: "sha256",
    encryptionAlgorithm: "aes128",
    pfs: "disabled",
});

import pulumi
import pulumi_ibm as ibm

example = ibm.IsIpsecPolicy("example",
    name="example-ipsec-policy",
    authentication_algorithm="sha256",
    encryption_algorithm="aes128",
    pfs="disabled")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/v2/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ibm.NewIsIpsecPolicy(ctx, "example", &ibm.IsIpsecPolicyArgs{
			Name:                    pulumi.String("example-ipsec-policy"),
			AuthenticationAlgorithm: pulumi.String("sha256"),
			EncryptionAlgorithm:     pulumi.String("aes128"),
			Pfs:                     pulumi.String("disabled"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var example = new Ibm.IsIpsecPolicy("example", new()
    {
        Name = "example-ipsec-policy",
        AuthenticationAlgorithm = "sha256",
        EncryptionAlgorithm = "aes128",
        Pfs = "disabled",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.IsIpsecPolicy;
import com.pulumi.ibm.IsIpsecPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new IsIpsecPolicy("example", IsIpsecPolicyArgs.builder()
            .name("example-ipsec-policy")
            .authenticationAlgorithm("sha256")
            .encryptionAlgorithm("aes128")
            .pfs("disabled")
            .build());

    }
}

resources:
  example:
    type: ibm:IsIpsecPolicy
    properties:
      name: example-ipsec-policy
      authenticationAlgorithm: sha256
      encryptionAlgorithm: aes128
      pfs: disabled

Example coming soon!

Create IsIpsecPolicy Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new IsIpsecPolicy(name: string, args?: IsIpsecPolicyArgs, opts?: CustomResourceOptions);

@overload
def IsIpsecPolicy(resource_name: str,
                  args: Optional[IsIpsecPolicyArgs] = None,
                  opts: Optional[ResourceOptions] = None)

@overload
def IsIpsecPolicy(resource_name: str,
                  opts: Optional[ResourceOptions] = None,
                  authentication_algorithm: Optional[str] = None,
                  authentication_algorithms: Optional[Sequence[str]] = None,
                  encryption_algorithm: Optional[str] = None,
                  encryption_algorithms: Optional[Sequence[str]] = None,
                  is_ipsec_policy_id: Optional[str] = None,
                  key_lifetime: Optional[float] = None,
                  name: Optional[str] = None,
                  pfs: Optional[str] = None,
                  pfs_groups: Optional[Sequence[str]] = None,
                  resource_group: Optional[str] = None)

func NewIsIpsecPolicy(ctx *Context, name string, args *IsIpsecPolicyArgs, opts ...ResourceOption) (*IsIpsecPolicy, error)

public IsIpsecPolicy(string name, IsIpsecPolicyArgs? args = null, CustomResourceOptions? opts = null)

public IsIpsecPolicy(String name, IsIpsecPolicyArgs args)
public IsIpsecPolicy(String name, IsIpsecPolicyArgs args, CustomResourceOptions options)

type: ibm:IsIpsecPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

resource "ibm_isipsecpolicy" "name" {
    # resource properties
}

Parameters

name string: The unique name of the resource.
args IsIpsecPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args IsIpsecPolicyArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args IsIpsecPolicyArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args IsIpsecPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args IsIpsecPolicyArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var isIpsecPolicyResource = new Ibm.IsIpsecPolicy("isIpsecPolicyResource", new()
{
    AuthenticationAlgorithms = new[]
    {
        "string",
    },
    EncryptionAlgorithms = new[]
    {
        "string",
    },
    IsIpsecPolicyId = "string",
    KeyLifetime = 0,
    Name = "string",
    PfsGroups = new[]
    {
        "string",
    },
    ResourceGroup = "string",
});

example, err := ibm.NewIsIpsecPolicy(ctx, "isIpsecPolicyResource", &ibm.IsIpsecPolicyArgs{
	AuthenticationAlgorithms: pulumi.StringArray{
		pulumi.String("string"),
	},
	EncryptionAlgorithms: pulumi.StringArray{
		pulumi.String("string"),
	},
	IsIpsecPolicyId: pulumi.String("string"),
	KeyLifetime:     pulumi.Float64(0),
	Name:            pulumi.String("string"),
	PfsGroups: pulumi.StringArray{
		pulumi.String("string"),
	},
	ResourceGroup: pulumi.String("string"),
})

resource "ibm_isipsecpolicy" "isIpsecPolicyResource" {
  authentication_algorithms = ["string"]
  encryption_algorithms     = ["string"]
  is_ipsec_policy_id        = "string"
  key_lifetime              = 0
  name                      = "string"
  pfs_groups                = ["string"]
  resource_group            = "string"
}

var isIpsecPolicyResource = new IsIpsecPolicy("isIpsecPolicyResource", IsIpsecPolicyArgs.builder()
    .authenticationAlgorithms("string")
    .encryptionAlgorithms("string")
    .isIpsecPolicyId("string")
    .keyLifetime(0.0)
    .name("string")
    .pfsGroups("string")
    .resourceGroup("string")
    .build());

is_ipsec_policy_resource = ibm.IsIpsecPolicy("isIpsecPolicyResource",
    authentication_algorithms=["string"],
    encryption_algorithms=["string"],
    is_ipsec_policy_id="string",
    key_lifetime=float(0),
    name="string",
    pfs_groups=["string"],
    resource_group="string")

const isIpsecPolicyResource = new ibm.IsIpsecPolicy("isIpsecPolicyResource", {
    authenticationAlgorithms: ["string"],
    encryptionAlgorithms: ["string"],
    isIpsecPolicyId: "string",
    keyLifetime: 0,
    name: "string",
    pfsGroups: ["string"],
    resourceGroup: "string",
});

type: ibm:IsIpsecPolicy
properties:
    authenticationAlgorithms:
        - string
    encryptionAlgorithms:
        - string
    isIpsecPolicyId: string
    keyLifetime: 0
    name: string
    pfsGroups:
        - string
    resourceGroup: string

IsIpsecPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The IsIpsecPolicy resource accepts the following input properties:

AuthenticationAlgorithm string

Deprecated. Use authentication_algorithms instead. The authentication algorithm. Available options are sha256, sha512, sha384, disabled. Existing configurations using this field continue to work without any changes. Exactly one of authentication_algorithm or authentication_algorithms must be specified.

Deprecated: Deprecated

AuthenticationAlgorithms List<string>

The authentication algorithms to use for IPsec negotiation. The order of the algorithms in this array indicates their priority for negotiation, with each algorithm having priority over the one after it. Exactly one of authentication_algorithm or authentication_algorithms must be specified.

Constraints: Allowable list items are: disabled, sha256, sha384, sha512. The maximum length is 3 items. The minimum length is 1 item.

EncryptionAlgorithm string

Deprecated. Use encryption_algorithms instead. The encryption algorithm. Available options are: aes128, aes192, aes256, aes128gcm16, aes192gcm16, aes256gcm16. Exactly one of encryption_algorithm or encryption_algorithms must be specified.

Deprecated: Deprecated

EncryptionAlgorithms List<string>

The encryption algorithms to use for IPsec negotiation. The order of the algorithms in this array indicates their priority for negotiation, with each algorithm having priority over the one after it. Exactly one of encryption_algorithm or encryption_algorithms must be specified.

Constraints: Allowable list items are: aes128, aes128gcm16, aes192, aes192gcm16, aes256, aes256gcm16. The maximum length is 3 items. The minimum length is 1 item.

IsIpsecPolicyId string

(String) The unique identifier of a VPN connection.

KeyLifetime double

Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.

Name string

Enter the name for your IPSec policy.

Pfs string

Deprecated. Use pfs_groups instead. The Perfect Forward Secrecy protocol. Available options are disabled, group_2, group_5, and group_14. Exactly one of pfs or pfs_groups must be specified.

Deprecated: Deprecated

PfsGroups List<string>

The Perfect Forward Secrecy groups to use for IPsec negotiation. The order of the Perfect Forward Secrecy groups in this array indicates their priority for negotiation, with each Perfect Forward Secrecy group having priority over the one after it. Exactly one of pfs or pfs_groups must be specified.

Constraints: Allowable list items are: disabled, group_14, group_15, group_16, group_17, group_18, group_19, group_20, group_21, group_22, group_23, group_24, group_31. The maximum length is 12 items. The minimum length is 1 item.

ResourceGroup string

Enter the ID of the resource group where you want to create the IPSec policy. To list available resource groups, run ibmcloud resource groups. If you do not specify a resource group, the IPSec policy is created in the default resource group.

AuthenticationAlgorithm string

Deprecated: Deprecated

AuthenticationAlgorithms []string

Constraints: Allowable list items are: disabled, sha256, sha384, sha512. The maximum length is 3 items. The minimum length is 1 item.

EncryptionAlgorithm string

Deprecated: Deprecated

EncryptionAlgorithms []string

Constraints: Allowable list items are: aes128, aes128gcm16, aes192, aes192gcm16, aes256, aes256gcm16. The maximum length is 3 items. The minimum length is 1 item.

IsIpsecPolicyId string

(String) The unique identifier of a VPN connection.

KeyLifetime float64

Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.

Name string

Enter the name for your IPSec policy.

Pfs string

Deprecated: Deprecated

PfsGroups []string

Constraints: Allowable list items are: disabled, group_14, group_15, group_16, group_17, group_18, group_19, group_20, group_21, group_22, group_23, group_24, group_31. The maximum length is 12 items. The minimum length is 1 item.

ResourceGroup string

authentication_algorithm string

Deprecated: Deprecated

authentication_algorithms list(string)

Constraints: Allowable list items are: disabled, sha256, sha384, sha512. The maximum length is 3 items. The minimum length is 1 item.

encryption_algorithm string

Deprecated: Deprecated

encryption_algorithms list(string)

Constraints: Allowable list items are: aes128, aes128gcm16, aes192, aes192gcm16, aes256, aes256gcm16. The maximum length is 3 items. The minimum length is 1 item.

is_ipsec_policy_id string

(String) The unique identifier of a VPN connection.

key_lifetime number

Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.

name string

Enter the name for your IPSec policy.

pfs string

Deprecated: Deprecated

pfs_groups list(string)

Constraints: Allowable list items are: disabled, group_14, group_15, group_16, group_17, group_18, group_19, group_20, group_21, group_22, group_23, group_24, group_31. The maximum length is 12 items. The minimum length is 1 item.

resource_group string

authenticationAlgorithm String

Deprecated: Deprecated

authenticationAlgorithms List<String>

Constraints: Allowable list items are: disabled, sha256, sha384, sha512. The maximum length is 3 items. The minimum length is 1 item.

encryptionAlgorithm String

Deprecated: Deprecated

encryptionAlgorithms List<String>

Constraints: Allowable list items are: aes128, aes128gcm16, aes192, aes192gcm16, aes256, aes256gcm16. The maximum length is 3 items. The minimum length is 1 item.

isIpsecPolicyId String

(String) The unique identifier of a VPN connection.

keyLifetime Double

Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.

name String

Enter the name for your IPSec policy.

pfs String

Deprecated: Deprecated

pfsGroups List<String>

Constraints: Allowable list items are: disabled, group_14, group_15, group_16, group_17, group_18, group_19, group_20, group_21, group_22, group_23, group_24, group_31. The maximum length is 12 items. The minimum length is 1 item.

resourceGroup String

authenticationAlgorithm string

Deprecated: Deprecated

authenticationAlgorithms string[]

Constraints: Allowable list items are: disabled, sha256, sha384, sha512. The maximum length is 3 items. The minimum length is 1 item.

encryptionAlgorithm string

Deprecated: Deprecated

encryptionAlgorithms string[]

Constraints: Allowable list items are: aes128, aes128gcm16, aes192, aes192gcm16, aes256, aes256gcm16. The maximum length is 3 items. The minimum length is 1 item.

isIpsecPolicyId string

(String) The unique identifier of a VPN connection.

keyLifetime number

Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.

name string

Enter the name for your IPSec policy.

pfs string

Deprecated: Deprecated

pfsGroups string[]

Constraints: Allowable list items are: disabled, group_14, group_15, group_16, group_17, group_18, group_19, group_20, group_21, group_22, group_23, group_24, group_31. The maximum length is 12 items. The minimum length is 1 item.

resourceGroup string

authentication_algorithm str

Deprecated: Deprecated

authentication_algorithms Sequence[str]

Constraints: Allowable list items are: disabled, sha256, sha384, sha512. The maximum length is 3 items. The minimum length is 1 item.

encryption_algorithm str

Deprecated: Deprecated

encryption_algorithms Sequence[str]

Constraints: Allowable list items are: aes128, aes128gcm16, aes192, aes192gcm16, aes256, aes256gcm16. The maximum length is 3 items. The minimum length is 1 item.

is_ipsec_policy_id str

(String) The unique identifier of a VPN connection.

key_lifetime float

Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.

name str

Enter the name for your IPSec policy.

pfs str

Deprecated: Deprecated

pfs_groups Sequence[str]

Constraints: Allowable list items are: disabled, group_14, group_15, group_16, group_17, group_18, group_19, group_20, group_21, group_22, group_23, group_24, group_31. The maximum length is 12 items. The minimum length is 1 item.

resource_group str

authenticationAlgorithm String

Deprecated: Deprecated

authenticationAlgorithms List<String>

Constraints: Allowable list items are: disabled, sha256, sha384, sha512. The maximum length is 3 items. The minimum length is 1 item.

encryptionAlgorithm String

Deprecated: Deprecated

encryptionAlgorithms List<String>

Constraints: Allowable list items are: aes128, aes128gcm16, aes192, aes192gcm16, aes256, aes256gcm16. The maximum length is 3 items. The minimum length is 1 item.

isIpsecPolicyId String

(String) The unique identifier of a VPN connection.

keyLifetime Number

Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.

name String

Enter the name for your IPSec policy.

pfs String

Deprecated: Deprecated

pfsGroups List<String>

Constraints: Allowable list items are: disabled, group_14, group_15, group_16, group_17, group_18, group_19, group_20, group_21, group_22, group_23, group_24, group_31. The maximum length is 12 items. The minimum length is 1 item.

resourceGroup String

Outputs

All input properties are implicitly available as output properties. Additionally, the IsIpsecPolicy resource produces the following output properties:

EncapsulationMode string: (String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.
Id string: The provider-assigned unique ID for this managed resource.
ResourceControllerUrl string: The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance
ResourceCrn string: The crn of the resource
ResourceGroupName string: The resource group name in which resource is provisioned
ResourceName string: The name of the resource
TransformProtocol string: (String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.
VpnConnections List<IsIpsecPolicyVpnConnection>: (List) A collection of VPN connections that use the IPSec policy.

EncapsulationMode string: (String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.
Id string: The provider-assigned unique ID for this managed resource.
ResourceControllerUrl string: The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance
ResourceCrn string: The crn of the resource
ResourceGroupName string: The resource group name in which resource is provisioned
ResourceName string: The name of the resource
TransformProtocol string: (String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.
VpnConnections []IsIpsecPolicyVpnConnection: (List) A collection of VPN connections that use the IPSec policy.

encapsulation_mode string: (String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.
id string: The provider-assigned unique ID for this managed resource.
resource_controller_url string: The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance
resource_crn string: The crn of the resource
resource_group_name string: The resource group name in which resource is provisioned
resource_name string: The name of the resource
transform_protocol string: (String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.
vpn_connections list(object): (List) A collection of VPN connections that use the IPSec policy.

encapsulationMode String: (String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.
id String: The provider-assigned unique ID for this managed resource.
resourceControllerUrl String: The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance
resourceCrn String: The crn of the resource
resourceGroupName String: The resource group name in which resource is provisioned
resourceName String: The name of the resource
transformProtocol String: (String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.
vpnConnections List<IsIpsecPolicyVpnConnection>: (List) A collection of VPN connections that use the IPSec policy.

encapsulationMode string: (String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.
id string: The provider-assigned unique ID for this managed resource.
resourceControllerUrl string: The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance
resourceCrn string: The crn of the resource
resourceGroupName string: The resource group name in which resource is provisioned
resourceName string: The name of the resource
transformProtocol string: (String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.
vpnConnections IsIpsecPolicyVpnConnection[]: (List) A collection of VPN connections that use the IPSec policy.

encapsulation_mode str: (String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.
id str: The provider-assigned unique ID for this managed resource.
resource_controller_url str: The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance
resource_crn str: The crn of the resource
resource_group_name str: The resource group name in which resource is provisioned
resource_name str: The name of the resource
transform_protocol str: (String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.
vpn_connections Sequence[IsIpsecPolicyVpnConnection]: (List) A collection of VPN connections that use the IPSec policy.

encapsulationMode String: (String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.
id String: The provider-assigned unique ID for this managed resource.
resourceControllerUrl String: The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance
resourceCrn String: The crn of the resource
resourceGroupName String: The resource group name in which resource is provisioned
resourceName String: The name of the resource
transformProtocol String: (String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.
vpnConnections List<Property Map>: (List) A collection of VPN connections that use the IPSec policy.

Look up Existing IsIpsecPolicy Resource

Get an existing IsIpsecPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: IsIpsecPolicyState, opts?: CustomResourceOptions): IsIpsecPolicy

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        authentication_algorithm: Optional[str] = None,
        authentication_algorithms: Optional[Sequence[str]] = None,
        encapsulation_mode: Optional[str] = None,
        encryption_algorithm: Optional[str] = None,
        encryption_algorithms: Optional[Sequence[str]] = None,
        is_ipsec_policy_id: Optional[str] = None,
        key_lifetime: Optional[float] = None,
        name: Optional[str] = None,
        pfs: Optional[str] = None,
        pfs_groups: Optional[Sequence[str]] = None,
        resource_controller_url: Optional[str] = None,
        resource_crn: Optional[str] = None,
        resource_group: Optional[str] = None,
        resource_group_name: Optional[str] = None,
        resource_name: Optional[str] = None,
        transform_protocol: Optional[str] = None,
        vpn_connections: Optional[Sequence[IsIpsecPolicyVpnConnectionArgs]] = None) -> IsIpsecPolicy

func GetIsIpsecPolicy(ctx *Context, name string, id IDInput, state *IsIpsecPolicyState, opts ...ResourceOption) (*IsIpsecPolicy, error)

public static IsIpsecPolicy Get(string name, Input<string> id, IsIpsecPolicyState? state, CustomResourceOptions? opts = null)

public static IsIpsecPolicy get(String name, Output<String> id, IsIpsecPolicyState state, CustomResourceOptions options)

resources:  _:    type: ibm:IsIpsecPolicy    get:      id: ${id}

import {
  to = ibm_isipsecpolicy.example
  id = "${id}"
}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AuthenticationAlgorithm string

Deprecated: Deprecated

AuthenticationAlgorithms List<string>

Constraints: Allowable list items are: disabled, sha256, sha384, sha512. The maximum length is 3 items. The minimum length is 1 item.

EncapsulationMode string

(String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.

EncryptionAlgorithm string

Deprecated: Deprecated

EncryptionAlgorithms List<string>

Constraints: Allowable list items are: aes128, aes128gcm16, aes192, aes192gcm16, aes256, aes256gcm16. The maximum length is 3 items. The minimum length is 1 item.

IsIpsecPolicyId string

(String) The unique identifier of a VPN connection.

KeyLifetime double

Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.

Name string

Enter the name for your IPSec policy.

Pfs string

Deprecated: Deprecated

PfsGroups List<string>

Constraints: Allowable list items are: disabled, group_14, group_15, group_16, group_17, group_18, group_19, group_20, group_21, group_22, group_23, group_24, group_31. The maximum length is 12 items. The minimum length is 1 item.

ResourceControllerUrl string

The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance

ResourceCrn string

The crn of the resource

ResourceGroup string

ResourceGroupName string

The resource group name in which resource is provisioned

ResourceName string

The name of the resource

TransformProtocol string

(String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.

VpnConnections List<IsIpsecPolicyVpnConnection>

(List) A collection of VPN connections that use the IPSec policy.

AuthenticationAlgorithm string

Deprecated: Deprecated

AuthenticationAlgorithms []string

Constraints: Allowable list items are: disabled, sha256, sha384, sha512. The maximum length is 3 items. The minimum length is 1 item.

EncapsulationMode string

(String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.

EncryptionAlgorithm string

Deprecated: Deprecated

EncryptionAlgorithms []string

Constraints: Allowable list items are: aes128, aes128gcm16, aes192, aes192gcm16, aes256, aes256gcm16. The maximum length is 3 items. The minimum length is 1 item.

IsIpsecPolicyId string

(String) The unique identifier of a VPN connection.

KeyLifetime float64

Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.

Name string

Enter the name for your IPSec policy.

Pfs string

Deprecated: Deprecated

PfsGroups []string

Constraints: Allowable list items are: disabled, group_14, group_15, group_16, group_17, group_18, group_19, group_20, group_21, group_22, group_23, group_24, group_31. The maximum length is 12 items. The minimum length is 1 item.

ResourceControllerUrl string

The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance

ResourceCrn string

The crn of the resource

ResourceGroup string

ResourceGroupName string

The resource group name in which resource is provisioned

ResourceName string

The name of the resource

TransformProtocol string

(String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.

VpnConnections []IsIpsecPolicyVpnConnectionArgs

(List) A collection of VPN connections that use the IPSec policy.

authentication_algorithm string

Deprecated: Deprecated

authentication_algorithms list(string)

Constraints: Allowable list items are: disabled, sha256, sha384, sha512. The maximum length is 3 items. The minimum length is 1 item.

encapsulation_mode string

(String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.

encryption_algorithm string

Deprecated: Deprecated

encryption_algorithms list(string)

Constraints: Allowable list items are: aes128, aes128gcm16, aes192, aes192gcm16, aes256, aes256gcm16. The maximum length is 3 items. The minimum length is 1 item.

is_ipsec_policy_id string

(String) The unique identifier of a VPN connection.

key_lifetime number

Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.

name string

Enter the name for your IPSec policy.

pfs string

Deprecated: Deprecated

pfs_groups list(string)

Constraints: Allowable list items are: disabled, group_14, group_15, group_16, group_17, group_18, group_19, group_20, group_21, group_22, group_23, group_24, group_31. The maximum length is 12 items. The minimum length is 1 item.

resource_controller_url string

The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance

resource_crn string

The crn of the resource

resource_group string

resource_group_name string

The resource group name in which resource is provisioned

resource_name string

The name of the resource

transform_protocol string

(String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.

vpn_connections list(object)

(List) A collection of VPN connections that use the IPSec policy.

authenticationAlgorithm String

Deprecated: Deprecated

authenticationAlgorithms List<String>

Constraints: Allowable list items are: disabled, sha256, sha384, sha512. The maximum length is 3 items. The minimum length is 1 item.

encapsulationMode String

(String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.

encryptionAlgorithm String

Deprecated: Deprecated

encryptionAlgorithms List<String>

Constraints: Allowable list items are: aes128, aes128gcm16, aes192, aes192gcm16, aes256, aes256gcm16. The maximum length is 3 items. The minimum length is 1 item.

isIpsecPolicyId String

(String) The unique identifier of a VPN connection.

keyLifetime Double

Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.

name String

Enter the name for your IPSec policy.

pfs String

Deprecated: Deprecated

pfsGroups List<String>

Constraints: Allowable list items are: disabled, group_14, group_15, group_16, group_17, group_18, group_19, group_20, group_21, group_22, group_23, group_24, group_31. The maximum length is 12 items. The minimum length is 1 item.

resourceControllerUrl String

The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance

resourceCrn String

The crn of the resource

resourceGroup String

resourceGroupName String

The resource group name in which resource is provisioned

resourceName String

The name of the resource

transformProtocol String

(String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.

vpnConnections List<IsIpsecPolicyVpnConnection>

(List) A collection of VPN connections that use the IPSec policy.

authenticationAlgorithm string

Deprecated: Deprecated

authenticationAlgorithms string[]

Constraints: Allowable list items are: disabled, sha256, sha384, sha512. The maximum length is 3 items. The minimum length is 1 item.

encapsulationMode string

(String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.

encryptionAlgorithm string

Deprecated: Deprecated

encryptionAlgorithms string[]

Constraints: Allowable list items are: aes128, aes128gcm16, aes192, aes192gcm16, aes256, aes256gcm16. The maximum length is 3 items. The minimum length is 1 item.

isIpsecPolicyId string

(String) The unique identifier of a VPN connection.

keyLifetime number

Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.

name string

Enter the name for your IPSec policy.

pfs string

Deprecated: Deprecated

pfsGroups string[]

Constraints: Allowable list items are: disabled, group_14, group_15, group_16, group_17, group_18, group_19, group_20, group_21, group_22, group_23, group_24, group_31. The maximum length is 12 items. The minimum length is 1 item.

resourceControllerUrl string

The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance

resourceCrn string

The crn of the resource

resourceGroup string

resourceGroupName string

The resource group name in which resource is provisioned

resourceName string

The name of the resource

transformProtocol string

(String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.

vpnConnections IsIpsecPolicyVpnConnection[]

(List) A collection of VPN connections that use the IPSec policy.

authentication_algorithm str

Deprecated: Deprecated

authentication_algorithms Sequence[str]

Constraints: Allowable list items are: disabled, sha256, sha384, sha512. The maximum length is 3 items. The minimum length is 1 item.

encapsulation_mode str

(String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.

encryption_algorithm str

Deprecated: Deprecated

encryption_algorithms Sequence[str]

Constraints: Allowable list items are: aes128, aes128gcm16, aes192, aes192gcm16, aes256, aes256gcm16. The maximum length is 3 items. The minimum length is 1 item.

is_ipsec_policy_id str

(String) The unique identifier of a VPN connection.

key_lifetime float

Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.

name str

Enter the name for your IPSec policy.

pfs str

Deprecated: Deprecated

pfs_groups Sequence[str]

Constraints: Allowable list items are: disabled, group_14, group_15, group_16, group_17, group_18, group_19, group_20, group_21, group_22, group_23, group_24, group_31. The maximum length is 12 items. The minimum length is 1 item.

resource_controller_url str

The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance

resource_crn str

The crn of the resource

resource_group str

resource_group_name str

The resource group name in which resource is provisioned

resource_name str

The name of the resource

transform_protocol str

(String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.

vpn_connections Sequence[IsIpsecPolicyVpnConnectionArgs]

(List) A collection of VPN connections that use the IPSec policy.

authenticationAlgorithm String

Deprecated: Deprecated

authenticationAlgorithms List<String>

Constraints: Allowable list items are: disabled, sha256, sha384, sha512. The maximum length is 3 items. The minimum length is 1 item.

encapsulationMode String

(String) The encapsulation mode that was set for your IPSec policy. Only tunnel is supported.

encryptionAlgorithm String

Deprecated: Deprecated

encryptionAlgorithms List<String>

Constraints: Allowable list items are: aes128, aes128gcm16, aes192, aes192gcm16, aes256, aes256gcm16. The maximum length is 3 items. The minimum length is 1 item.

isIpsecPolicyId String

(String) The unique identifier of a VPN connection.

keyLifetime Number

Enter the time in seconds that your encryption key can be used before it expires. You must enter a number between 300 and 86400. If you do not specify this option, 3600 seconds is used.

name String

Enter the name for your IPSec policy.

pfs String

Deprecated: Deprecated

pfsGroups List<String>

Constraints: Allowable list items are: disabled, group_14, group_15, group_16, group_17, group_18, group_19, group_20, group_21, group_22, group_23, group_24, group_31. The maximum length is 12 items. The minimum length is 1 item.

resourceControllerUrl String

The URL of the IBM Cloud dashboard that can be used to explore and view details about this instance

resourceCrn String

The crn of the resource

resourceGroup String

resourceGroupName String

The resource group name in which resource is provisioned

resourceName String

The name of the resource

transformProtocol String

(String) The transform protocol that is used in your IPSec policy. Only the esp protocol is supported that uses the triple DES (3DES) encryption algorithm to encrypt your data.

vpnConnections List<Property Map>

(List) A collection of VPN connections that use the IPSec policy.

Supporting Types

IsIpsecPolicyVpnConnection, IsIpsecPolicyVpnConnectionArgs

Href string: (String) The VPN connection's canonical URL.
Id string: (String) The unique identifier of a VPN connection.
Name string: Enter the name for your IPSec policy.

Href string: (String) The VPN connection's canonical URL.
Id string: (String) The unique identifier of a VPN connection.
Name string: Enter the name for your IPSec policy.

href string: (String) The VPN connection's canonical URL.
id string: (String) The unique identifier of a VPN connection.
name string: Enter the name for your IPSec policy.

href String: (String) The VPN connection's canonical URL.
id String: (String) The unique identifier of a VPN connection.
name String: Enter the name for your IPSec policy.

href string: (String) The VPN connection's canonical URL.
id string: (String) The unique identifier of a VPN connection.
name string: Enter the name for your IPSec policy.

href str: (String) The VPN connection's canonical URL.
id str: (String) The unique identifier of a VPN connection.
name str: Enter the name for your IPSec policy.

href String: (String) The VPN connection's canonical URL.
id String: (String) The unique identifier of a VPN connection.
name String: Enter the name for your IPSec policy.

Import

Using pulumi import. For example:

$ pulumi import ibm:index/isIpsecPolicy:IsIpsecPolicy example <id>

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: ibm ibm-cloud/terraform-provider-ibm
License
Notes: This Pulumi package is based on the ibm Terraform Provider.

Viewing docs for ibm 2.3.0-beta0
published on Monday, Jun 15, 2026 by ibm-cloud

Schema (JSON)

ibm-cloud/terraform-provider-ibm

ibm.IsIpsecPolicy

On this page

On this page

Example Usage

Multiple algorithms

Legacy single-algorithm

Create IsIpsecPolicy Resource

Constructor syntax

Parameters

Constructor example

IsIpsecPolicy Resource Properties

Inputs

Outputs

Look up Existing IsIpsecPolicy Resource

Supporting Types

IsIpsecPolicyVpnConnection, IsIpsecPolicyVpnConnectionArgs

Import

Package Details

On this page

On this page

Try Pulumi Cloud free.
Your team will thank you.

ibm.IsIpsecPolicy

On this page

On this page

Example Usage

Multiple algorithms

Legacy single-algorithm

Create IsIpsecPolicy Resource

Constructor syntax

Parameters

Constructor example

IsIpsecPolicy Resource Properties

Inputs

Outputs

Look up Existing IsIpsecPolicy Resource

Supporting Types

IsIpsecPolicyVpnConnection, IsIpsecPolicyVpnConnectionArgs

Import

Package Details

On this page

On this page

Try Pulumi Cloud free.Your team will thank you.

Try Pulumi Cloud free.
Your team will thank you.