import * as pulumi from "@pulumi/pulumi";
import * as inputs from "./types/input";
import * as outputs from "./types/output";
/**
 * Provides a Nutanix network security rule resource to Create a network security rule.
 *
 * > NOTE: The use of<span pulumi-lang-nodejs=" networkSecurityRule " pulumi-lang-dotnet=" NetworkSecurityRule " pulumi-lang-go=" networkSecurityRule " pulumi-lang-python=" network_security_rule " pulumi-lang-yaml=" networkSecurityRule " pulumi-lang-java=" networkSecurityRule " pulumi-lang-hcl=" network_security_rule "> networkSecurityRule </span>is only applicable in AHV clusters and requires Microsegmentation to be enabled. This feature is a function of the Flow product and requires a Flow license. For more information on Flow and Microsegmentation please visit https://www.nutanix.com/products/flow
 *
 * ## Example Usage
 *
 * ### Isolation Rule Example
 *
 * <!--Start PulumiCodeChooser -->
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as nutanix from "@pierskarsenbarg/nutanix";
 *
 * const isolation = new nutanix.NetworkSecurityRule("isolation", {
 *     name: "example-isolation-rule",
 *     description: "Isolation Rule Example",
 *     isolationRuleAction: "APPLY",
 *     isolationRuleFirstEntityFilterKindLists: ["vm"],
 *     isolationRuleFirstEntityFilterType: "CATEGORIES_MATCH_ALL",
 *     isolationRuleFirstEntityFilterParams: [{
 *         name: "Environment",
 *         values: ["Dev"],
 *     }],
 *     isolationRuleSecondEntityFilterKindLists: ["vm"],
 *     isolationRuleSecondEntityFilterType: "CATEGORIES_MATCH_ALL",
 *     isolationRuleSecondEntityFilterParams: [{
 *         name: "Environment",
 *         values: ["Production"],
 *     }],
 * });
 * ```
 * <!--End PulumiCodeChooser -->
 *
 * ### App Rule Example with associated VMs.
 * <!--Start PulumiCodeChooser -->
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as nutanix from "@pierskarsenbarg/nutanix";
 *
 * const clusters = nutanix.getClusters({});
 * const clusterUuid = clusters.then(clusters => .filter(cluster => cluster.serviceList[0] != "PRISM_CENTRAL").map(cluster => (cluster.metadata?.uuid))[0]);
 * //Create categories.
 * const test_category_key = new nutanix.CategoryKey("test-category-key", {
 *     name: "TIER-1",
 *     description: "TIER Category Key",
 * });
 * const USER = new nutanix.CategoryKey("USER", {
 *     name: "user",
 *     description: "user Category Key",
 * });
 * const WEB = new nutanix.CategoryValue("WEB", {
 *     name: test_category_key.id,
 *     description: "WEB Category Value",
 *     value: "WEB-1",
 * });
 * const APP = new nutanix.CategoryValue("APP", {
 *     name: test_category_key.id,
 *     description: "APP Category Value",
 *     value: "APP-1",
 * });
 * const DB = new nutanix.CategoryValue("DB", {
 *     name: test_category_key.id,
 *     description: "DB Category Value",
 *     value: "DB-1",
 * });
 * const group = new nutanix.CategoryValue("group", {
 *     name: USER.id,
 *     description: "group Category Value",
 *     value: "group-1",
 * });
 * //Create a cirros image
 * const cirros_034_disk = new nutanix.Image("cirros-034-disk", {
 *     name: "test-image-vm-create-flow",
 *     sourceUri: "http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img",
 *     description: "heres a tiny linux image, not an iso, but a real disk!",
 * });
 * //APP-1 VM.
 * const vm_app = new nutanix.VirtualMachine("vm-app", {
 *     name: "test-dou-vm-flow-APP-1",
 *     clusterUuid: clusterUuid,
 *     numVcpusPerSocket: 1,
 *     numSockets: 1,
 *     memorySizeMib: 186,
 *     nicLists: [{
 *         subnetUuid: "c56b535c-8aff-4435-ae85-78e64a07f76d",
 *     }],
 *     diskLists: [{
 *         dataSourceReference: {
 *             kind: "image",
 *             uuid: cirros_034_disk.id,
 *         },
 *         deviceProperties: {
 *             diskAddress: {
 *                 device_index: "0",
 *                 adapter_type: "SCSI",
 *             },
 *             deviceType: "DISK",
 *         },
 *     }],
 *     categories: [
 *         {
 *             name: "Environment",
 *             value: "Staging",
 *         },
 *         {
 *             name: "TIER-1",
 *             value: APP.id,
 *         },
 *     ],
 * });
 * //WEB-1 VM
 * const vm_web = new nutanix.VirtualMachine("vm-web", {
 *     name: "test-dou-vm-flow-WEB-1",
 *     clusterUuid: clusterUuid,
 *     numVcpusPerSocket: 1,
 *     numSockets: 1,
 *     memorySizeMib: 186,
 *     nicLists: [{
 *         subnetUuid: "c56b535c-8aff-4435-ae85-78e64a07f76d",
 *     }],
 *     diskLists: [{
 *         dataSourceReference: {
 *             kind: "image",
 *             uuid: cirros_034_disk.id,
 *         },
 *         deviceProperties: {
 *             diskAddress: {
 *                 device_index: "0",
 *                 adapter_type: "SCSI",
 *             },
 *             deviceType: "DISK",
 *         },
 *     }],
 *     categories: [
 *         {
 *             name: "Environment",
 *             value: "Staging",
 *         },
 *         {
 *             name: "TIER-1",
 *             value: WEB.id,
 *         },
 *     ],
 * });
 * //DB-1 VM
 * const vm_db = new nutanix.VirtualMachine("vm-db", {
 *     name: "test-dou-vm-flow-DB-1",
 *     clusterUuid: clusterUuid,
 *     numVcpusPerSocket: 1,
 *     numSockets: 1,
 *     memorySizeMib: 186,
 *     nicLists: [{
 *         subnetUuid: "c56b535c-8aff-4435-ae85-78e64a07f76d",
 *     }],
 *     diskLists: [{
 *         dataSourceReference: {
 *             kind: "image",
 *             uuid: cirros_034_disk.id,
 *         },
 *         deviceProperties: {
 *             diskAddress: {
 *                 device_index: "0",
 *                 adapter_type: "SCSI",
 *             },
 *             deviceType: "DISK",
 *         },
 *     }],
 *     categories: [
 *         {
 *             name: "Environment",
 *             value: "Staging",
 *         },
 *         {
 *             name: "TIER-1",
 *             value: DB.id,
 *         },
 *     ],
 * });
 * //Create Application Network Policy.
 * const TEST_TIER = new nutanix.NetworkSecurityRule("TEST-TIER", {
 *     name: "RULE-1-TIERS",
 *     description: "rule 1 tiers",
 *     appRuleAction: "APPLY",
 *     appRuleInboundAllowLists: [{
 *         peerSpecificationType: "FILTER",
 *         filterType: "CATEGORIES_MATCH_ALL",
 *         filterKindLists: ["vm"],
 *         filterParams: [{
 *             name: test_category_key.id,
 *             values: [WEB.id],
 *         }],
 *     }],
 *     appRuleTargetGroupDefaultInternalPolicy: "DENY_ALL",
 *     appRuleTargetGroupPeerSpecificationType: "FILTER",
 *     appRuleTargetGroupFilterType: "CATEGORIES_MATCH_ALL",
 *     appRuleTargetGroupFilterKindLists: ["vm"],
 *     appRuleTargetGroupFilterParams: [
 *         {
 *             name: test_category_key.id,
 *             values: [APP.id],
 *         },
 *         {
 *             name: USER.id,
 *             values: [group.id],
 *         },
 *         {
 *             name: "AppType",
 *             values: ["Default"],
 *         },
 *     ],
 *     appRuleOutboundAllowLists: [{
 *         peerSpecificationType: "FILTER",
 *         filterType: "CATEGORIES_MATCH_ALL",
 *         filterKindLists: ["vm"],
 *         filterParams: [{
 *             name: test_category_key.id,
 *             values: [DB.id],
 *         }],
 *     }],
 * }, {
 *     dependsOn: [
 *         vm_app,
 *         vm_web,
 *         vm_db,
 *     ],
 * });
 * ```
 * <!--End PulumiCodeChooser -->
 *
 * ### Usage with service and address groups
 * <!--Start PulumiCodeChooser -->
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as nutanix from "@pierskarsenbarg/nutanix";
 *
 * const service1 = new nutanix.ServiceGroup("service1", {
 *     name: "srv-1",
 *     description: "test",
 *     serviceLists: [{
 *         protocol: "TCP",
 *         tcpPortRangeLists: [
 *             {
 *                 startPort: 22,
 *                 endPort: 22,
 *             },
 *             {
 *                 startPort: 2222,
 *                 endPort: 2222,
 *             },
 *         ],
 *     }],
 * });
 * const address1 = new nutanix.AddressGroup("address1", {
 *     name: "addr-1",
 *     description: "test",
 *     ipAddressBlockLists: [{
 *         ip: "10.0.0.0",
 *         prefixLength: 24,
 *     }],
 * });
 * const ad_group_user_1 = new nutanix.CategoryValue("ad-group-user-1", {
 *     name: "AD",
 *     description: "group user category value",
 *     value: "AD",
 * });
 * const VDI = new nutanix.NetworkSecurityRule("VDI", {
 *     name: "nsr-1",
 *     adRuleAction: "APPLY",
 *     description: "test",
 *     adRuleInboundAllowLists: [{
 *         ipSubnet: "10.0.0.0",
 *         ipSubnetPrefixLength: "8",
 *         peerSpecificationType: "IP_SUBNET",
 *         protocol: "ALL",
 *     }],
 *     adRuleTargetGroupDefaultInternalPolicy: "DENY_ALL",
 *     adRuleTargetGroupFilterKindLists: ["vm"],
 *     adRuleTargetGroupFilterParams: [{
 *         name: "AD",
 *         values: ["AD"],
 *     }],
 *     adRuleTargetGroupFilterType: "CATEGORIES_MATCH_ALL",
 *     adRuleTargetGroupPeerSpecificationType: "FILTER",
 *     adRuleOutboundAllowLists: [{
 *         peerSpecificationType: "ALL",
 *         serviceGroupLists: [{
 *             kind: "service_group",
 *             uuid: service1.id,
 *         }],
 *         addressGroupInclusionLists: [{
 *             kind: "address_group",
 *             uuid: address1.id,
 *         }],
 *     }],
 * }, {
 *     dependsOn: [ad_group_user_1],
 * });
 * ```
 * <!--End PulumiCodeChooser -->
 */
export declare class NetworkSecurityRule extends pulumi.CustomResource {
    /**
     * Get an existing NetworkSecurityRule resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkSecurityRuleState, opts?: pulumi.CustomResourceOptions): NetworkSecurityRule;
    /**
     * Returns true if the given object is an instance of NetworkSecurityRule.  This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is NetworkSecurityRule;
    /**
     * - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty<span pulumi-lang-nodejs=" inboundAllowList " pulumi-lang-dotnet=" InboundAllowList " pulumi-lang-go=" inboundAllowList " pulumi-lang-python=" inbound_allow_list " pulumi-lang-yaml=" inboundAllowList " pulumi-lang-java=" inboundAllowList " pulumi-lang-hcl=" inbound_allow_list "> inboundAllowList </span>will not anything into target group. Empty<span pulumi-lang-nodejs=" outboundAllowList " pulumi-lang-dotnet=" OutboundAllowList " pulumi-lang-go=" outboundAllowList " pulumi-lang-python=" outbound_allow_list " pulumi-lang-yaml=" outboundAllowList " pulumi-lang-java=" outboundAllowList " pulumi-lang-hcl=" outbound_allow_list "> outboundAllowList </span>will allow everything from target group.
     */
    readonly adRuleAction: pulumi.Output<string>;
    /**
     * - (Optional) The set of categories that matching VMs need to have.
     */
    readonly adRuleInboundAllowLists: pulumi.Output<outputs.NetworkSecurityRuleAdRuleInboundAllowList[]>;
    /**
     * - (Optional)
     */
    readonly adRuleOutboundAllowLists: pulumi.Output<outputs.NetworkSecurityRuleAdRuleOutboundAllowList[]>;
    /**
     * - (Optional) - Default policy for communication within target group.
     */
    readonly adRuleTargetGroupDefaultInternalPolicy: pulumi.Output<string | undefined>;
    /**
     * - (Optional) - List of kinds associated with this filter.
     */
    readonly adRuleTargetGroupFilterKindLists: pulumi.Output<string[]>;
    /**
     * - (Optional) - A list of category key and list of values.
     */
    readonly adRuleTargetGroupFilterParams: pulumi.Output<outputs.NetworkSecurityRuleAdRuleTargetGroupFilterParam[]>;
    /**
     * - (Optional) - The type of the filter being used.
     */
    readonly adRuleTargetGroupFilterType: pulumi.Output<string>;
    /**
     * - (Optional) - Way to identify the object for which rule is applied.
     */
    readonly adRuleTargetGroupPeerSpecificationType: pulumi.Output<string | undefined>;
    readonly allowIpv6Traffic: pulumi.Output<boolean>;
    /**
     * The version of the API.
     */
    readonly apiVersion: pulumi.Output<string>;
    /**
     * - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty<span pulumi-lang-nodejs=" inboundAllowList " pulumi-lang-dotnet=" InboundAllowList " pulumi-lang-go=" inboundAllowList " pulumi-lang-python=" inbound_allow_list " pulumi-lang-yaml=" inboundAllowList " pulumi-lang-java=" inboundAllowList " pulumi-lang-hcl=" inbound_allow_list "> inboundAllowList </span>will not anything into target group. Empty<span pulumi-lang-nodejs=" outboundAllowList " pulumi-lang-dotnet=" OutboundAllowList " pulumi-lang-go=" outboundAllowList " pulumi-lang-python=" outbound_allow_list " pulumi-lang-yaml=" outboundAllowList " pulumi-lang-java=" outboundAllowList " pulumi-lang-hcl=" outbound_allow_list "> outboundAllowList </span>will allow everything from target group.
     */
    readonly appRuleAction: pulumi.Output<string>;
    /**
     * - (Optional) The set of categories that matching VMs need to have.
     */
    readonly appRuleInboundAllowLists: pulumi.Output<outputs.NetworkSecurityRuleAppRuleInboundAllowList[]>;
    /**
     * - (Optional)
     */
    readonly appRuleOutboundAllowLists: pulumi.Output<outputs.NetworkSecurityRuleAppRuleOutboundAllowList[]>;
    /**
     * - (Optional) - Default policy for communication within target group.
     */
    readonly appRuleTargetGroupDefaultInternalPolicy: pulumi.Output<string | undefined>;
    /**
     * - (Optional) - List of kinds associated with this filter.
     */
    readonly appRuleTargetGroupFilterKindLists: pulumi.Output<string[]>;
    /**
     * - (Optional) - A list of category key and list of values.
     */
    readonly appRuleTargetGroupFilterParams: pulumi.Output<outputs.NetworkSecurityRuleAppRuleTargetGroupFilterParam[]>;
    /**
     * - (Optional) - The type of the filter being used.
     */
    readonly appRuleTargetGroupFilterType: pulumi.Output<string>;
    /**
     * - (Optional) - Way to identify the object for which rule is applied.
     */
    readonly appRuleTargetGroupPeerSpecificationType: pulumi.Output<string | undefined>;
    /**
     * - (Optional) Categories for the network_security_rule.
     */
    readonly categories: pulumi.Output<outputs.NetworkSecurityRuleCategory[]>;
    /**
     * - (Optional) A description for network_security_rule.
     */
    readonly description: pulumi.Output<string>;
    readonly isPolicyHitlogEnabled: pulumi.Output<boolean>;
    /**
     * - (Optional) - These rules are used for environmental isolation.
     */
    readonly isolationRuleAction: pulumi.Output<string>;
    /**
     * - (Optional) - List of kinds associated with this filter.
     */
    readonly isolationRuleFirstEntityFilterKindLists: pulumi.Output<string[]>;
    /**
     * - (Optional) - A list of category key and list of values.
     */
    readonly isolationRuleFirstEntityFilterParams: pulumi.Output<outputs.NetworkSecurityRuleIsolationRuleFirstEntityFilterParam[]>;
    /**
     * - (Optional) - The type of the filter being used.
     */
    readonly isolationRuleFirstEntityFilterType: pulumi.Output<string>;
    /**
     * - (Optional) - List of kinds associated with this filter.
     */
    readonly isolationRuleSecondEntityFilterKindLists: pulumi.Output<string[]>;
    /**
     * - (Optional) - A list of category key and list of values.
     */
    readonly isolationRuleSecondEntityFilterParams: pulumi.Output<outputs.NetworkSecurityRuleIsolationRuleSecondEntityFilterParam[]>;
    /**
     * - (Optional) - The type of the filter being used.
     */
    readonly isolationRuleSecondEntityFilterType: pulumi.Output<string>;
    /**
     * - The<span pulumi-lang-nodejs=" networkSecurityRule " pulumi-lang-dotnet=" NetworkSecurityRule " pulumi-lang-go=" networkSecurityRule " pulumi-lang-python=" network_security_rule " pulumi-lang-yaml=" networkSecurityRule " pulumi-lang-java=" networkSecurityRule " pulumi-lang-hcl=" network_security_rule "> networkSecurityRule </span>kind metadata.
     */
    readonly metadata: pulumi.Output<{
        [key: string]: string;
    }>;
    /**
     * - (Required) The name for the network_security_rule.
     */
    readonly name: pulumi.Output<string>;
    /**
     * - (Optional) The reference to a user.
     */
    readonly ownerReference: pulumi.Output<{
        [key: string]: string;
    }>;
    /**
     * - (Optional) The reference to a project.
     */
    readonly projectReference: pulumi.Output<{
        [key: string]: string;
    }>;
    /**
     * Create a NetworkSecurityRule resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args?: NetworkSecurityRuleArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering NetworkSecurityRule resources.
 */
export interface NetworkSecurityRuleState {
    /**
     * - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty<span pulumi-lang-nodejs=" inboundAllowList " pulumi-lang-dotnet=" InboundAllowList " pulumi-lang-go=" inboundAllowList " pulumi-lang-python=" inbound_allow_list " pulumi-lang-yaml=" inboundAllowList " pulumi-lang-java=" inboundAllowList " pulumi-lang-hcl=" inbound_allow_list "> inboundAllowList </span>will not anything into target group. Empty<span pulumi-lang-nodejs=" outboundAllowList " pulumi-lang-dotnet=" OutboundAllowList " pulumi-lang-go=" outboundAllowList " pulumi-lang-python=" outbound_allow_list " pulumi-lang-yaml=" outboundAllowList " pulumi-lang-java=" outboundAllowList " pulumi-lang-hcl=" outbound_allow_list "> outboundAllowList </span>will allow everything from target group.
     */
    adRuleAction?: pulumi.Input<string | undefined>;
    /**
     * - (Optional) The set of categories that matching VMs need to have.
     */
    adRuleInboundAllowLists?: pulumi.Input<pulumi.Input<inputs.NetworkSecurityRuleAdRuleInboundAllowList>[] | undefined>;
    /**
     * - (Optional)
     */
    adRuleOutboundAllowLists?: pulumi.Input<pulumi.Input<inputs.NetworkSecurityRuleAdRuleOutboundAllowList>[] | undefined>;
    /**
     * - (Optional) - Default policy for communication within target group.
     */
    adRuleTargetGroupDefaultInternalPolicy?: pulumi.Input<string | undefined>;
    /**
     * - (Optional) - List of kinds associated with this filter.
     */
    adRuleTargetGroupFilterKindLists?: pulumi.Input<pulumi.Input<string>[] | undefined>;
    /**
     * - (Optional) - A list of category key and list of values.
     */
    adRuleTargetGroupFilterParams?: pulumi.Input<pulumi.Input<inputs.NetworkSecurityRuleAdRuleTargetGroupFilterParam>[] | undefined>;
    /**
     * - (Optional) - The type of the filter being used.
     */
    adRuleTargetGroupFilterType?: pulumi.Input<string | undefined>;
    /**
     * - (Optional) - Way to identify the object for which rule is applied.
     */
    adRuleTargetGroupPeerSpecificationType?: pulumi.Input<string | undefined>;
    allowIpv6Traffic?: pulumi.Input<boolean | undefined>;
    /**
     * The version of the API.
     */
    apiVersion?: pulumi.Input<string | undefined>;
    /**
     * - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty<span pulumi-lang-nodejs=" inboundAllowList " pulumi-lang-dotnet=" InboundAllowList " pulumi-lang-go=" inboundAllowList " pulumi-lang-python=" inbound_allow_list " pulumi-lang-yaml=" inboundAllowList " pulumi-lang-java=" inboundAllowList " pulumi-lang-hcl=" inbound_allow_list "> inboundAllowList </span>will not anything into target group. Empty<span pulumi-lang-nodejs=" outboundAllowList " pulumi-lang-dotnet=" OutboundAllowList " pulumi-lang-go=" outboundAllowList " pulumi-lang-python=" outbound_allow_list " pulumi-lang-yaml=" outboundAllowList " pulumi-lang-java=" outboundAllowList " pulumi-lang-hcl=" outbound_allow_list "> outboundAllowList </span>will allow everything from target group.
     */
    appRuleAction?: pulumi.Input<string | undefined>;
    /**
     * - (Optional) The set of categories that matching VMs need to have.
     */
    appRuleInboundAllowLists?: pulumi.Input<pulumi.Input<inputs.NetworkSecurityRuleAppRuleInboundAllowList>[] | undefined>;
    /**
     * - (Optional)
     */
    appRuleOutboundAllowLists?: pulumi.Input<pulumi.Input<inputs.NetworkSecurityRuleAppRuleOutboundAllowList>[] | undefined>;
    /**
     * - (Optional) - Default policy for communication within target group.
     */
    appRuleTargetGroupDefaultInternalPolicy?: pulumi.Input<string | undefined>;
    /**
     * - (Optional) - List of kinds associated with this filter.
     */
    appRuleTargetGroupFilterKindLists?: pulumi.Input<pulumi.Input<string>[] | undefined>;
    /**
     * - (Optional) - A list of category key and list of values.
     */
    appRuleTargetGroupFilterParams?: pulumi.Input<pulumi.Input<inputs.NetworkSecurityRuleAppRuleTargetGroupFilterParam>[] | undefined>;
    /**
     * - (Optional) - The type of the filter being used.
     */
    appRuleTargetGroupFilterType?: pulumi.Input<string | undefined>;
    /**
     * - (Optional) - Way to identify the object for which rule is applied.
     */
    appRuleTargetGroupPeerSpecificationType?: pulumi.Input<string | undefined>;
    /**
     * - (Optional) Categories for the network_security_rule.
     */
    categories?: pulumi.Input<pulumi.Input<inputs.NetworkSecurityRuleCategory>[] | undefined>;
    /**
     * - (Optional) A description for network_security_rule.
     */
    description?: pulumi.Input<string | undefined>;
    isPolicyHitlogEnabled?: pulumi.Input<boolean | undefined>;
    /**
     * - (Optional) - These rules are used for environmental isolation.
     */
    isolationRuleAction?: pulumi.Input<string | undefined>;
    /**
     * - (Optional) - List of kinds associated with this filter.
     */
    isolationRuleFirstEntityFilterKindLists?: pulumi.Input<pulumi.Input<string>[] | undefined>;
    /**
     * - (Optional) - A list of category key and list of values.
     */
    isolationRuleFirstEntityFilterParams?: pulumi.Input<pulumi.Input<inputs.NetworkSecurityRuleIsolationRuleFirstEntityFilterParam>[] | undefined>;
    /**
     * - (Optional) - The type of the filter being used.
     */
    isolationRuleFirstEntityFilterType?: pulumi.Input<string | undefined>;
    /**
     * - (Optional) - List of kinds associated with this filter.
     */
    isolationRuleSecondEntityFilterKindLists?: pulumi.Input<pulumi.Input<string>[] | undefined>;
    /**
     * - (Optional) - A list of category key and list of values.
     */
    isolationRuleSecondEntityFilterParams?: pulumi.Input<pulumi.Input<inputs.NetworkSecurityRuleIsolationRuleSecondEntityFilterParam>[] | undefined>;
    /**
     * - (Optional) - The type of the filter being used.
     */
    isolationRuleSecondEntityFilterType?: pulumi.Input<string | undefined>;
    /**
     * - The<span pulumi-lang-nodejs=" networkSecurityRule " pulumi-lang-dotnet=" NetworkSecurityRule " pulumi-lang-go=" networkSecurityRule " pulumi-lang-python=" network_security_rule " pulumi-lang-yaml=" networkSecurityRule " pulumi-lang-java=" networkSecurityRule " pulumi-lang-hcl=" network_security_rule "> networkSecurityRule </span>kind metadata.
     */
    metadata?: pulumi.Input<{
        [key: string]: pulumi.Input<string>;
    } | undefined>;
    /**
     * - (Required) The name for the network_security_rule.
     */
    name?: pulumi.Input<string | undefined>;
    /**
     * - (Optional) The reference to a user.
     */
    ownerReference?: pulumi.Input<{
        [key: string]: pulumi.Input<string>;
    } | undefined>;
    /**
     * - (Optional) The reference to a project.
     */
    projectReference?: pulumi.Input<{
        [key: string]: pulumi.Input<string>;
    } | undefined>;
}
/**
 * The set of arguments for constructing a NetworkSecurityRule resource.
 */
export interface NetworkSecurityRuleArgs {
    /**
     * - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty<span pulumi-lang-nodejs=" inboundAllowList " pulumi-lang-dotnet=" InboundAllowList " pulumi-lang-go=" inboundAllowList " pulumi-lang-python=" inbound_allow_list " pulumi-lang-yaml=" inboundAllowList " pulumi-lang-java=" inboundAllowList " pulumi-lang-hcl=" inbound_allow_list "> inboundAllowList </span>will not anything into target group. Empty<span pulumi-lang-nodejs=" outboundAllowList " pulumi-lang-dotnet=" OutboundAllowList " pulumi-lang-go=" outboundAllowList " pulumi-lang-python=" outbound_allow_list " pulumi-lang-yaml=" outboundAllowList " pulumi-lang-java=" outboundAllowList " pulumi-lang-hcl=" outbound_allow_list "> outboundAllowList </span>will allow everything from target group.
     */
    adRuleAction?: pulumi.Input<string | undefined>;
    /**
     * - (Optional) The set of categories that matching VMs need to have.
     */
    adRuleInboundAllowLists?: pulumi.Input<pulumi.Input<inputs.NetworkSecurityRuleAdRuleInboundAllowList>[] | undefined>;
    /**
     * - (Optional)
     */
    adRuleOutboundAllowLists?: pulumi.Input<pulumi.Input<inputs.NetworkSecurityRuleAdRuleOutboundAllowList>[] | undefined>;
    /**
     * - (Optional) - Default policy for communication within target group.
     */
    adRuleTargetGroupDefaultInternalPolicy?: pulumi.Input<string | undefined>;
    /**
     * - (Optional) - List of kinds associated with this filter.
     */
    adRuleTargetGroupFilterKindLists?: pulumi.Input<pulumi.Input<string>[] | undefined>;
    /**
     * - (Optional) - A list of category key and list of values.
     */
    adRuleTargetGroupFilterParams?: pulumi.Input<pulumi.Input<inputs.NetworkSecurityRuleAdRuleTargetGroupFilterParam>[] | undefined>;
    /**
     * - (Optional) - The type of the filter being used.
     */
    adRuleTargetGroupFilterType?: pulumi.Input<string | undefined>;
    /**
     * - (Optional) - Way to identify the object for which rule is applied.
     */
    adRuleTargetGroupPeerSpecificationType?: pulumi.Input<string | undefined>;
    allowIpv6Traffic?: pulumi.Input<boolean | undefined>;
    /**
     * - (Optional) - These rules govern what flows are allowed. Target group is a required attribute. Empty<span pulumi-lang-nodejs=" inboundAllowList " pulumi-lang-dotnet=" InboundAllowList " pulumi-lang-go=" inboundAllowList " pulumi-lang-python=" inbound_allow_list " pulumi-lang-yaml=" inboundAllowList " pulumi-lang-java=" inboundAllowList " pulumi-lang-hcl=" inbound_allow_list "> inboundAllowList </span>will not anything into target group. Empty<span pulumi-lang-nodejs=" outboundAllowList " pulumi-lang-dotnet=" OutboundAllowList " pulumi-lang-go=" outboundAllowList " pulumi-lang-python=" outbound_allow_list " pulumi-lang-yaml=" outboundAllowList " pulumi-lang-java=" outboundAllowList " pulumi-lang-hcl=" outbound_allow_list "> outboundAllowList </span>will allow everything from target group.
     */
    appRuleAction?: pulumi.Input<string | undefined>;
    /**
     * - (Optional) The set of categories that matching VMs need to have.
     */
    appRuleInboundAllowLists?: pulumi.Input<pulumi.Input<inputs.NetworkSecurityRuleAppRuleInboundAllowList>[] | undefined>;
    /**
     * - (Optional)
     */
    appRuleOutboundAllowLists?: pulumi.Input<pulumi.Input<inputs.NetworkSecurityRuleAppRuleOutboundAllowList>[] | undefined>;
    /**
     * - (Optional) - Default policy for communication within target group.
     */
    appRuleTargetGroupDefaultInternalPolicy?: pulumi.Input<string | undefined>;
    /**
     * - (Optional) - List of kinds associated with this filter.
     */
    appRuleTargetGroupFilterKindLists?: pulumi.Input<pulumi.Input<string>[] | undefined>;
    /**
     * - (Optional) - A list of category key and list of values.
     */
    appRuleTargetGroupFilterParams?: pulumi.Input<pulumi.Input<inputs.NetworkSecurityRuleAppRuleTargetGroupFilterParam>[] | undefined>;
    /**
     * - (Optional) - The type of the filter being used.
     */
    appRuleTargetGroupFilterType?: pulumi.Input<string | undefined>;
    /**
     * - (Optional) - Way to identify the object for which rule is applied.
     */
    appRuleTargetGroupPeerSpecificationType?: pulumi.Input<string | undefined>;
    /**
     * - (Optional) Categories for the network_security_rule.
     */
    categories?: pulumi.Input<pulumi.Input<inputs.NetworkSecurityRuleCategory>[] | undefined>;
    /**
     * - (Optional) A description for network_security_rule.
     */
    description?: pulumi.Input<string | undefined>;
    isPolicyHitlogEnabled?: pulumi.Input<boolean | undefined>;
    /**
     * - (Optional) - These rules are used for environmental isolation.
     */
    isolationRuleAction?: pulumi.Input<string | undefined>;
    /**
     * - (Optional) - List of kinds associated with this filter.
     */
    isolationRuleFirstEntityFilterKindLists?: pulumi.Input<pulumi.Input<string>[] | undefined>;
    /**
     * - (Optional) - A list of category key and list of values.
     */
    isolationRuleFirstEntityFilterParams?: pulumi.Input<pulumi.Input<inputs.NetworkSecurityRuleIsolationRuleFirstEntityFilterParam>[] | undefined>;
    /**
     * - (Optional) - The type of the filter being used.
     */
    isolationRuleFirstEntityFilterType?: pulumi.Input<string | undefined>;
    /**
     * - (Optional) - List of kinds associated with this filter.
     */
    isolationRuleSecondEntityFilterKindLists?: pulumi.Input<pulumi.Input<string>[] | undefined>;
    /**
     * - (Optional) - A list of category key and list of values.
     */
    isolationRuleSecondEntityFilterParams?: pulumi.Input<pulumi.Input<inputs.NetworkSecurityRuleIsolationRuleSecondEntityFilterParam>[] | undefined>;
    /**
     * - (Optional) - The type of the filter being used.
     */
    isolationRuleSecondEntityFilterType?: pulumi.Input<string | undefined>;
    /**
     * - (Required) The name for the network_security_rule.
     */
    name?: pulumi.Input<string | undefined>;
    /**
     * - (Optional) The reference to a user.
     */
    ownerReference?: pulumi.Input<{
        [key: string]: pulumi.Input<string>;
    } | undefined>;
    /**
     * - (Optional) The reference to a project.
     */
    projectReference?: pulumi.Input<{
        [key: string]: pulumi.Input<string>;
    } | undefined>;
}
//# sourceMappingURL=networkSecurityRule.d.ts.map