fortios.authentication.Rule
Explore with Pulumi AI
Configure Authentication Rules.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as fortios from "@pulumiverse/fortios";
const trname = new fortios.authentication.Rule("trname", {
ipBased: "enable",
protocol: "ftp",
status: "enable",
transactionBased: "disable",
webAuthCookie: "disable",
});
import pulumi
import pulumiverse_fortios as fortios
trname = fortios.authentication.Rule("trname",
ip_based="enable",
protocol="ftp",
status="enable",
transaction_based="disable",
web_auth_cookie="disable")
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/authentication"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := authentication.NewRule(ctx, "trname", &authentication.RuleArgs{
IpBased: pulumi.String("enable"),
Protocol: pulumi.String("ftp"),
Status: pulumi.String("enable"),
TransactionBased: pulumi.String("disable"),
WebAuthCookie: pulumi.String("disable"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortios = Pulumiverse.Fortios;
return await Deployment.RunAsync(() =>
{
var trname = new Fortios.Authentication.Rule("trname", new()
{
IpBased = "enable",
Protocol = "ftp",
Status = "enable",
TransactionBased = "disable",
WebAuthCookie = "disable",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortios.authentication.Rule;
import com.pulumi.fortios.authentication.RuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var trname = new Rule("trname", RuleArgs.builder()
.ipBased("enable")
.protocol("ftp")
.status("enable")
.transactionBased("disable")
.webAuthCookie("disable")
.build());
}
}
resources:
trname:
type: fortios:authentication:Rule
properties:
ipBased: enable
protocol: ftp
status: enable
transactionBased: disable
webAuthCookie: disable
Create Rule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Rule(name: string, args?: RuleArgs, opts?: CustomResourceOptions);
@overload
def Rule(resource_name: str,
args: Optional[RuleArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def Rule(resource_name: str,
opts: Optional[ResourceOptions] = None,
active_auth_method: Optional[str] = None,
cert_auth_cookie: Optional[str] = None,
comments: Optional[str] = None,
cors_depth: Optional[int] = None,
cors_stateful: Optional[str] = None,
dstaddr6s: Optional[Sequence[RuleDstaddr6Args]] = None,
dstaddrs: Optional[Sequence[RuleDstaddrArgs]] = None,
dynamic_sort_subtable: Optional[str] = None,
get_all_tables: Optional[str] = None,
ip_based: Optional[str] = None,
name: Optional[str] = None,
protocol: Optional[str] = None,
srcaddr6s: Optional[Sequence[RuleSrcaddr6Args]] = None,
srcaddrs: Optional[Sequence[RuleSrcaddrArgs]] = None,
srcintfs: Optional[Sequence[RuleSrcintfArgs]] = None,
sso_auth_method: Optional[str] = None,
status: Optional[str] = None,
transaction_based: Optional[str] = None,
vdomparam: Optional[str] = None,
web_auth_cookie: Optional[str] = None,
web_portal: Optional[str] = None)
func NewRule(ctx *Context, name string, args *RuleArgs, opts ...ResourceOption) (*Rule, error)
public Rule(string name, RuleArgs? args = null, CustomResourceOptions? opts = null)
type: fortios:authentication:Rule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args RuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args RuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args RuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var ruleResource = new Fortios.Authentication.Rule("ruleResource", new()
{
ActiveAuthMethod = "string",
CertAuthCookie = "string",
Comments = "string",
CorsDepth = 0,
CorsStateful = "string",
Dstaddr6s = new[]
{
new Fortios.Authentication.Inputs.RuleDstaddr6Args
{
Name = "string",
},
},
Dstaddrs = new[]
{
new Fortios.Authentication.Inputs.RuleDstaddrArgs
{
Name = "string",
},
},
DynamicSortSubtable = "string",
GetAllTables = "string",
IpBased = "string",
Name = "string",
Protocol = "string",
Srcaddr6s = new[]
{
new Fortios.Authentication.Inputs.RuleSrcaddr6Args
{
Name = "string",
},
},
Srcaddrs = new[]
{
new Fortios.Authentication.Inputs.RuleSrcaddrArgs
{
Name = "string",
},
},
Srcintfs = new[]
{
new Fortios.Authentication.Inputs.RuleSrcintfArgs
{
Name = "string",
},
},
SsoAuthMethod = "string",
Status = "string",
TransactionBased = "string",
Vdomparam = "string",
WebAuthCookie = "string",
WebPortal = "string",
});
example, err := authentication.NewRule(ctx, "ruleResource", &authentication.RuleArgs{
ActiveAuthMethod: pulumi.String("string"),
CertAuthCookie: pulumi.String("string"),
Comments: pulumi.String("string"),
CorsDepth: pulumi.Int(0),
CorsStateful: pulumi.String("string"),
Dstaddr6s: authentication.RuleDstaddr6Array{
&authentication.RuleDstaddr6Args{
Name: pulumi.String("string"),
},
},
Dstaddrs: authentication.RuleDstaddrArray{
&authentication.RuleDstaddrArgs{
Name: pulumi.String("string"),
},
},
DynamicSortSubtable: pulumi.String("string"),
GetAllTables: pulumi.String("string"),
IpBased: pulumi.String("string"),
Name: pulumi.String("string"),
Protocol: pulumi.String("string"),
Srcaddr6s: authentication.RuleSrcaddr6Array{
&authentication.RuleSrcaddr6Args{
Name: pulumi.String("string"),
},
},
Srcaddrs: authentication.RuleSrcaddrArray{
&authentication.RuleSrcaddrArgs{
Name: pulumi.String("string"),
},
},
Srcintfs: authentication.RuleSrcintfArray{
&authentication.RuleSrcintfArgs{
Name: pulumi.String("string"),
},
},
SsoAuthMethod: pulumi.String("string"),
Status: pulumi.String("string"),
TransactionBased: pulumi.String("string"),
Vdomparam: pulumi.String("string"),
WebAuthCookie: pulumi.String("string"),
WebPortal: pulumi.String("string"),
})
var ruleResource = new Rule("ruleResource", RuleArgs.builder()
.activeAuthMethod("string")
.certAuthCookie("string")
.comments("string")
.corsDepth(0)
.corsStateful("string")
.dstaddr6s(RuleDstaddr6Args.builder()
.name("string")
.build())
.dstaddrs(RuleDstaddrArgs.builder()
.name("string")
.build())
.dynamicSortSubtable("string")
.getAllTables("string")
.ipBased("string")
.name("string")
.protocol("string")
.srcaddr6s(RuleSrcaddr6Args.builder()
.name("string")
.build())
.srcaddrs(RuleSrcaddrArgs.builder()
.name("string")
.build())
.srcintfs(RuleSrcintfArgs.builder()
.name("string")
.build())
.ssoAuthMethod("string")
.status("string")
.transactionBased("string")
.vdomparam("string")
.webAuthCookie("string")
.webPortal("string")
.build());
rule_resource = fortios.authentication.Rule("ruleResource",
active_auth_method="string",
cert_auth_cookie="string",
comments="string",
cors_depth=0,
cors_stateful="string",
dstaddr6s=[{
"name": "string",
}],
dstaddrs=[{
"name": "string",
}],
dynamic_sort_subtable="string",
get_all_tables="string",
ip_based="string",
name="string",
protocol="string",
srcaddr6s=[{
"name": "string",
}],
srcaddrs=[{
"name": "string",
}],
srcintfs=[{
"name": "string",
}],
sso_auth_method="string",
status="string",
transaction_based="string",
vdomparam="string",
web_auth_cookie="string",
web_portal="string")
const ruleResource = new fortios.authentication.Rule("ruleResource", {
activeAuthMethod: "string",
certAuthCookie: "string",
comments: "string",
corsDepth: 0,
corsStateful: "string",
dstaddr6s: [{
name: "string",
}],
dstaddrs: [{
name: "string",
}],
dynamicSortSubtable: "string",
getAllTables: "string",
ipBased: "string",
name: "string",
protocol: "string",
srcaddr6s: [{
name: "string",
}],
srcaddrs: [{
name: "string",
}],
srcintfs: [{
name: "string",
}],
ssoAuthMethod: "string",
status: "string",
transactionBased: "string",
vdomparam: "string",
webAuthCookie: "string",
webPortal: "string",
});
type: fortios:authentication:Rule
properties:
activeAuthMethod: string
certAuthCookie: string
comments: string
corsDepth: 0
corsStateful: string
dstaddr6s:
- name: string
dstaddrs:
- name: string
dynamicSortSubtable: string
getAllTables: string
ipBased: string
name: string
protocol: string
srcaddr6s:
- name: string
srcaddrs:
- name: string
srcintfs:
- name: string
ssoAuthMethod: string
status: string
transactionBased: string
vdomparam: string
webAuthCookie: string
webPortal: string
Rule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Rule resource accepts the following input properties:
- Active
Auth stringMethod - Select an active authentication method.
- string
- Enable/disable to use device certificate as authentication cookie (default = enable). Valid values:
enable
,disable
. - Comments string
- Comment.
- Cors
Depth int - Depth to allow CORS access (default = 3).
- Cors
Stateful string - Enable/disable allowance of CORS access (default = disable). Valid values:
enable
,disable
. - Dstaddr6s
List<Pulumiverse.
Fortios. Authentication. Inputs. Rule Dstaddr6> - Select an IPv6 destination address from available options. Required for web proxy authentication. The structure of
dstaddr6
block is documented below. - Dstaddrs
List<Pulumiverse.
Fortios. Authentication. Inputs. Rule Dstaddr> - Select an IPv4 destination address from available options. Required for web proxy authentication. The structure of
dstaddr
block is documented below. - Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Ip
Based string - Enable/disable IP-based authentication. Once a user authenticates all traffic from the IP address the user authenticated from is allowed. Valid values:
enable
,disable
. - Name string
- Authentication rule name.
- Protocol string
- Authentication is required for the selected protocol (default = http). Valid values:
http
,ftp
,socks
,ssh
. - Srcaddr6s
List<Pulumiverse.
Fortios. Authentication. Inputs. Rule Srcaddr6> - Select an IPv6 source address. Required for web proxy authentication. The structure of
srcaddr6
block is documented below. - Srcaddrs
List<Pulumiverse.
Fortios. Authentication. Inputs. Rule Srcaddr> - Select an IPv4 source address from available options. Required for web proxy authentication. The structure of
srcaddr
block is documented below. - Srcintfs
List<Pulumiverse.
Fortios. Authentication. Inputs. Rule Srcintf> - Incoming (ingress) interface. The structure of
srcintf
block is documented below. - Sso
Auth stringMethod - Select a single-sign on (SSO) authentication method.
- Status string
- Enable/disable this authentication rule. Valid values:
enable
,disable
. - Transaction
Based string - Enable/disable transaction based authentication (default = disable). Valid values:
enable
,disable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- string
- Enable/disable Web authentication cookies (default = disable). Valid values:
enable
,disable
. - Web
Portal string - Enable/disable web portal for proxy transparent policy (default = enable). Valid values:
enable
,disable
.
- Active
Auth stringMethod - Select an active authentication method.
- string
- Enable/disable to use device certificate as authentication cookie (default = enable). Valid values:
enable
,disable
. - Comments string
- Comment.
- Cors
Depth int - Depth to allow CORS access (default = 3).
- Cors
Stateful string - Enable/disable allowance of CORS access (default = disable). Valid values:
enable
,disable
. - Dstaddr6s
[]Rule
Dstaddr6Args - Select an IPv6 destination address from available options. Required for web proxy authentication. The structure of
dstaddr6
block is documented below. - Dstaddrs
[]Rule
Dstaddr Args - Select an IPv4 destination address from available options. Required for web proxy authentication. The structure of
dstaddr
block is documented below. - Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Ip
Based string - Enable/disable IP-based authentication. Once a user authenticates all traffic from the IP address the user authenticated from is allowed. Valid values:
enable
,disable
. - Name string
- Authentication rule name.
- Protocol string
- Authentication is required for the selected protocol (default = http). Valid values:
http
,ftp
,socks
,ssh
. - Srcaddr6s
[]Rule
Srcaddr6Args - Select an IPv6 source address. Required for web proxy authentication. The structure of
srcaddr6
block is documented below. - Srcaddrs
[]Rule
Srcaddr Args - Select an IPv4 source address from available options. Required for web proxy authentication. The structure of
srcaddr
block is documented below. - Srcintfs
[]Rule
Srcintf Args - Incoming (ingress) interface. The structure of
srcintf
block is documented below. - Sso
Auth stringMethod - Select a single-sign on (SSO) authentication method.
- Status string
- Enable/disable this authentication rule. Valid values:
enable
,disable
. - Transaction
Based string - Enable/disable transaction based authentication (default = disable). Valid values:
enable
,disable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- string
- Enable/disable Web authentication cookies (default = disable). Valid values:
enable
,disable
. - Web
Portal string - Enable/disable web portal for proxy transparent policy (default = enable). Valid values:
enable
,disable
.
- active
Auth StringMethod - Select an active authentication method.
- String
- Enable/disable to use device certificate as authentication cookie (default = enable). Valid values:
enable
,disable
. - comments String
- Comment.
- cors
Depth Integer - Depth to allow CORS access (default = 3).
- cors
Stateful String - Enable/disable allowance of CORS access (default = disable). Valid values:
enable
,disable
. - dstaddr6s
List<Rule
Dstaddr6> - Select an IPv6 destination address from available options. Required for web proxy authentication. The structure of
dstaddr6
block is documented below. - dstaddrs
List<Rule
Dstaddr> - Select an IPv4 destination address from available options. Required for web proxy authentication. The structure of
dstaddr
block is documented below. - dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- ip
Based String - Enable/disable IP-based authentication. Once a user authenticates all traffic from the IP address the user authenticated from is allowed. Valid values:
enable
,disable
. - name String
- Authentication rule name.
- protocol String
- Authentication is required for the selected protocol (default = http). Valid values:
http
,ftp
,socks
,ssh
. - srcaddr6s
List<Rule
Srcaddr6> - Select an IPv6 source address. Required for web proxy authentication. The structure of
srcaddr6
block is documented below. - srcaddrs
List<Rule
Srcaddr> - Select an IPv4 source address from available options. Required for web proxy authentication. The structure of
srcaddr
block is documented below. - srcintfs
List<Rule
Srcintf> - Incoming (ingress) interface. The structure of
srcintf
block is documented below. - sso
Auth StringMethod - Select a single-sign on (SSO) authentication method.
- status String
- Enable/disable this authentication rule. Valid values:
enable
,disable
. - transaction
Based String - Enable/disable transaction based authentication (default = disable). Valid values:
enable
,disable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- String
- Enable/disable Web authentication cookies (default = disable). Valid values:
enable
,disable
. - web
Portal String - Enable/disable web portal for proxy transparent policy (default = enable). Valid values:
enable
,disable
.
- active
Auth stringMethod - Select an active authentication method.
- string
- Enable/disable to use device certificate as authentication cookie (default = enable). Valid values:
enable
,disable
. - comments string
- Comment.
- cors
Depth number - Depth to allow CORS access (default = 3).
- cors
Stateful string - Enable/disable allowance of CORS access (default = disable). Valid values:
enable
,disable
. - dstaddr6s
Rule
Dstaddr6[] - Select an IPv6 destination address from available options. Required for web proxy authentication. The structure of
dstaddr6
block is documented below. - dstaddrs
Rule
Dstaddr[] - Select an IPv4 destination address from available options. Required for web proxy authentication. The structure of
dstaddr
block is documented below. - dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- ip
Based string - Enable/disable IP-based authentication. Once a user authenticates all traffic from the IP address the user authenticated from is allowed. Valid values:
enable
,disable
. - name string
- Authentication rule name.
- protocol string
- Authentication is required for the selected protocol (default = http). Valid values:
http
,ftp
,socks
,ssh
. - srcaddr6s
Rule
Srcaddr6[] - Select an IPv6 source address. Required for web proxy authentication. The structure of
srcaddr6
block is documented below. - srcaddrs
Rule
Srcaddr[] - Select an IPv4 source address from available options. Required for web proxy authentication. The structure of
srcaddr
block is documented below. - srcintfs
Rule
Srcintf[] - Incoming (ingress) interface. The structure of
srcintf
block is documented below. - sso
Auth stringMethod - Select a single-sign on (SSO) authentication method.
- status string
- Enable/disable this authentication rule. Valid values:
enable
,disable
. - transaction
Based string - Enable/disable transaction based authentication (default = disable). Valid values:
enable
,disable
. - vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- string
- Enable/disable Web authentication cookies (default = disable). Valid values:
enable
,disable
. - web
Portal string - Enable/disable web portal for proxy transparent policy (default = enable). Valid values:
enable
,disable
.
- active_
auth_ strmethod - Select an active authentication method.
- str
- Enable/disable to use device certificate as authentication cookie (default = enable). Valid values:
enable
,disable
. - comments str
- Comment.
- cors_
depth int - Depth to allow CORS access (default = 3).
- cors_
stateful str - Enable/disable allowance of CORS access (default = disable). Valid values:
enable
,disable
. - dstaddr6s
Sequence[Rule
Dstaddr6Args] - Select an IPv6 destination address from available options. Required for web proxy authentication. The structure of
dstaddr6
block is documented below. - dstaddrs
Sequence[Rule
Dstaddr Args] - Select an IPv4 destination address from available options. Required for web proxy authentication. The structure of
dstaddr
block is documented below. - dynamic_
sort_ strsubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- get_
all_ strtables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- ip_
based str - Enable/disable IP-based authentication. Once a user authenticates all traffic from the IP address the user authenticated from is allowed. Valid values:
enable
,disable
. - name str
- Authentication rule name.
- protocol str
- Authentication is required for the selected protocol (default = http). Valid values:
http
,ftp
,socks
,ssh
. - srcaddr6s
Sequence[Rule
Srcaddr6Args] - Select an IPv6 source address. Required for web proxy authentication. The structure of
srcaddr6
block is documented below. - srcaddrs
Sequence[Rule
Srcaddr Args] - Select an IPv4 source address from available options. Required for web proxy authentication. The structure of
srcaddr
block is documented below. - srcintfs
Sequence[Rule
Srcintf Args] - Incoming (ingress) interface. The structure of
srcintf
block is documented below. - sso_
auth_ strmethod - Select a single-sign on (SSO) authentication method.
- status str
- Enable/disable this authentication rule. Valid values:
enable
,disable
. - transaction_
based str - Enable/disable transaction based authentication (default = disable). Valid values:
enable
,disable
. - vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- str
- Enable/disable Web authentication cookies (default = disable). Valid values:
enable
,disable
. - web_
portal str - Enable/disable web portal for proxy transparent policy (default = enable). Valid values:
enable
,disable
.
- active
Auth StringMethod - Select an active authentication method.
- String
- Enable/disable to use device certificate as authentication cookie (default = enable). Valid values:
enable
,disable
. - comments String
- Comment.
- cors
Depth Number - Depth to allow CORS access (default = 3).
- cors
Stateful String - Enable/disable allowance of CORS access (default = disable). Valid values:
enable
,disable
. - dstaddr6s List<Property Map>
- Select an IPv6 destination address from available options. Required for web proxy authentication. The structure of
dstaddr6
block is documented below. - dstaddrs List<Property Map>
- Select an IPv4 destination address from available options. Required for web proxy authentication. The structure of
dstaddr
block is documented below. - dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- ip
Based String - Enable/disable IP-based authentication. Once a user authenticates all traffic from the IP address the user authenticated from is allowed. Valid values:
enable
,disable
. - name String
- Authentication rule name.
- protocol String
- Authentication is required for the selected protocol (default = http). Valid values:
http
,ftp
,socks
,ssh
. - srcaddr6s List<Property Map>
- Select an IPv6 source address. Required for web proxy authentication. The structure of
srcaddr6
block is documented below. - srcaddrs List<Property Map>
- Select an IPv4 source address from available options. Required for web proxy authentication. The structure of
srcaddr
block is documented below. - srcintfs List<Property Map>
- Incoming (ingress) interface. The structure of
srcintf
block is documented below. - sso
Auth StringMethod - Select a single-sign on (SSO) authentication method.
- status String
- Enable/disable this authentication rule. Valid values:
enable
,disable
. - transaction
Based String - Enable/disable transaction based authentication (default = disable). Valid values:
enable
,disable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- String
- Enable/disable Web authentication cookies (default = disable). Valid values:
enable
,disable
. - web
Portal String - Enable/disable web portal for proxy transparent policy (default = enable). Valid values:
enable
,disable
.
Outputs
All input properties are implicitly available as output properties. Additionally, the Rule resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Rule Resource
Get an existing Rule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: RuleState, opts?: CustomResourceOptions): Rule
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
active_auth_method: Optional[str] = None,
cert_auth_cookie: Optional[str] = None,
comments: Optional[str] = None,
cors_depth: Optional[int] = None,
cors_stateful: Optional[str] = None,
dstaddr6s: Optional[Sequence[RuleDstaddr6Args]] = None,
dstaddrs: Optional[Sequence[RuleDstaddrArgs]] = None,
dynamic_sort_subtable: Optional[str] = None,
get_all_tables: Optional[str] = None,
ip_based: Optional[str] = None,
name: Optional[str] = None,
protocol: Optional[str] = None,
srcaddr6s: Optional[Sequence[RuleSrcaddr6Args]] = None,
srcaddrs: Optional[Sequence[RuleSrcaddrArgs]] = None,
srcintfs: Optional[Sequence[RuleSrcintfArgs]] = None,
sso_auth_method: Optional[str] = None,
status: Optional[str] = None,
transaction_based: Optional[str] = None,
vdomparam: Optional[str] = None,
web_auth_cookie: Optional[str] = None,
web_portal: Optional[str] = None) -> Rule
func GetRule(ctx *Context, name string, id IDInput, state *RuleState, opts ...ResourceOption) (*Rule, error)
public static Rule Get(string name, Input<string> id, RuleState? state, CustomResourceOptions? opts = null)
public static Rule get(String name, Output<String> id, RuleState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Active
Auth stringMethod - Select an active authentication method.
- string
- Enable/disable to use device certificate as authentication cookie (default = enable). Valid values:
enable
,disable
. - Comments string
- Comment.
- Cors
Depth int - Depth to allow CORS access (default = 3).
- Cors
Stateful string - Enable/disable allowance of CORS access (default = disable). Valid values:
enable
,disable
. - Dstaddr6s
List<Pulumiverse.
Fortios. Authentication. Inputs. Rule Dstaddr6> - Select an IPv6 destination address from available options. Required for web proxy authentication. The structure of
dstaddr6
block is documented below. - Dstaddrs
List<Pulumiverse.
Fortios. Authentication. Inputs. Rule Dstaddr> - Select an IPv4 destination address from available options. Required for web proxy authentication. The structure of
dstaddr
block is documented below. - Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Ip
Based string - Enable/disable IP-based authentication. Once a user authenticates all traffic from the IP address the user authenticated from is allowed. Valid values:
enable
,disable
. - Name string
- Authentication rule name.
- Protocol string
- Authentication is required for the selected protocol (default = http). Valid values:
http
,ftp
,socks
,ssh
. - Srcaddr6s
List<Pulumiverse.
Fortios. Authentication. Inputs. Rule Srcaddr6> - Select an IPv6 source address. Required for web proxy authentication. The structure of
srcaddr6
block is documented below. - Srcaddrs
List<Pulumiverse.
Fortios. Authentication. Inputs. Rule Srcaddr> - Select an IPv4 source address from available options. Required for web proxy authentication. The structure of
srcaddr
block is documented below. - Srcintfs
List<Pulumiverse.
Fortios. Authentication. Inputs. Rule Srcintf> - Incoming (ingress) interface. The structure of
srcintf
block is documented below. - Sso
Auth stringMethod - Select a single-sign on (SSO) authentication method.
- Status string
- Enable/disable this authentication rule. Valid values:
enable
,disable
. - Transaction
Based string - Enable/disable transaction based authentication (default = disable). Valid values:
enable
,disable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- string
- Enable/disable Web authentication cookies (default = disable). Valid values:
enable
,disable
. - Web
Portal string - Enable/disable web portal for proxy transparent policy (default = enable). Valid values:
enable
,disable
.
- Active
Auth stringMethod - Select an active authentication method.
- string
- Enable/disable to use device certificate as authentication cookie (default = enable). Valid values:
enable
,disable
. - Comments string
- Comment.
- Cors
Depth int - Depth to allow CORS access (default = 3).
- Cors
Stateful string - Enable/disable allowance of CORS access (default = disable). Valid values:
enable
,disable
. - Dstaddr6s
[]Rule
Dstaddr6Args - Select an IPv6 destination address from available options. Required for web proxy authentication. The structure of
dstaddr6
block is documented below. - Dstaddrs
[]Rule
Dstaddr Args - Select an IPv4 destination address from available options. Required for web proxy authentication. The structure of
dstaddr
block is documented below. - Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Ip
Based string - Enable/disable IP-based authentication. Once a user authenticates all traffic from the IP address the user authenticated from is allowed. Valid values:
enable
,disable
. - Name string
- Authentication rule name.
- Protocol string
- Authentication is required for the selected protocol (default = http). Valid values:
http
,ftp
,socks
,ssh
. - Srcaddr6s
[]Rule
Srcaddr6Args - Select an IPv6 source address. Required for web proxy authentication. The structure of
srcaddr6
block is documented below. - Srcaddrs
[]Rule
Srcaddr Args - Select an IPv4 source address from available options. Required for web proxy authentication. The structure of
srcaddr
block is documented below. - Srcintfs
[]Rule
Srcintf Args - Incoming (ingress) interface. The structure of
srcintf
block is documented below. - Sso
Auth stringMethod - Select a single-sign on (SSO) authentication method.
- Status string
- Enable/disable this authentication rule. Valid values:
enable
,disable
. - Transaction
Based string - Enable/disable transaction based authentication (default = disable). Valid values:
enable
,disable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- string
- Enable/disable Web authentication cookies (default = disable). Valid values:
enable
,disable
. - Web
Portal string - Enable/disable web portal for proxy transparent policy (default = enable). Valid values:
enable
,disable
.
- active
Auth StringMethod - Select an active authentication method.
- String
- Enable/disable to use device certificate as authentication cookie (default = enable). Valid values:
enable
,disable
. - comments String
- Comment.
- cors
Depth Integer - Depth to allow CORS access (default = 3).
- cors
Stateful String - Enable/disable allowance of CORS access (default = disable). Valid values:
enable
,disable
. - dstaddr6s
List<Rule
Dstaddr6> - Select an IPv6 destination address from available options. Required for web proxy authentication. The structure of
dstaddr6
block is documented below. - dstaddrs
List<Rule
Dstaddr> - Select an IPv4 destination address from available options. Required for web proxy authentication. The structure of
dstaddr
block is documented below. - dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- ip
Based String - Enable/disable IP-based authentication. Once a user authenticates all traffic from the IP address the user authenticated from is allowed. Valid values:
enable
,disable
. - name String
- Authentication rule name.
- protocol String
- Authentication is required for the selected protocol (default = http). Valid values:
http
,ftp
,socks
,ssh
. - srcaddr6s
List<Rule
Srcaddr6> - Select an IPv6 source address. Required for web proxy authentication. The structure of
srcaddr6
block is documented below. - srcaddrs
List<Rule
Srcaddr> - Select an IPv4 source address from available options. Required for web proxy authentication. The structure of
srcaddr
block is documented below. - srcintfs
List<Rule
Srcintf> - Incoming (ingress) interface. The structure of
srcintf
block is documented below. - sso
Auth StringMethod - Select a single-sign on (SSO) authentication method.
- status String
- Enable/disable this authentication rule. Valid values:
enable
,disable
. - transaction
Based String - Enable/disable transaction based authentication (default = disable). Valid values:
enable
,disable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- String
- Enable/disable Web authentication cookies (default = disable). Valid values:
enable
,disable
. - web
Portal String - Enable/disable web portal for proxy transparent policy (default = enable). Valid values:
enable
,disable
.
- active
Auth stringMethod - Select an active authentication method.
- string
- Enable/disable to use device certificate as authentication cookie (default = enable). Valid values:
enable
,disable
. - comments string
- Comment.
- cors
Depth number - Depth to allow CORS access (default = 3).
- cors
Stateful string - Enable/disable allowance of CORS access (default = disable). Valid values:
enable
,disable
. - dstaddr6s
Rule
Dstaddr6[] - Select an IPv6 destination address from available options. Required for web proxy authentication. The structure of
dstaddr6
block is documented below. - dstaddrs
Rule
Dstaddr[] - Select an IPv4 destination address from available options. Required for web proxy authentication. The structure of
dstaddr
block is documented below. - dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- ip
Based string - Enable/disable IP-based authentication. Once a user authenticates all traffic from the IP address the user authenticated from is allowed. Valid values:
enable
,disable
. - name string
- Authentication rule name.
- protocol string
- Authentication is required for the selected protocol (default = http). Valid values:
http
,ftp
,socks
,ssh
. - srcaddr6s
Rule
Srcaddr6[] - Select an IPv6 source address. Required for web proxy authentication. The structure of
srcaddr6
block is documented below. - srcaddrs
Rule
Srcaddr[] - Select an IPv4 source address from available options. Required for web proxy authentication. The structure of
srcaddr
block is documented below. - srcintfs
Rule
Srcintf[] - Incoming (ingress) interface. The structure of
srcintf
block is documented below. - sso
Auth stringMethod - Select a single-sign on (SSO) authentication method.
- status string
- Enable/disable this authentication rule. Valid values:
enable
,disable
. - transaction
Based string - Enable/disable transaction based authentication (default = disable). Valid values:
enable
,disable
. - vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- string
- Enable/disable Web authentication cookies (default = disable). Valid values:
enable
,disable
. - web
Portal string - Enable/disable web portal for proxy transparent policy (default = enable). Valid values:
enable
,disable
.
- active_
auth_ strmethod - Select an active authentication method.
- str
- Enable/disable to use device certificate as authentication cookie (default = enable). Valid values:
enable
,disable
. - comments str
- Comment.
- cors_
depth int - Depth to allow CORS access (default = 3).
- cors_
stateful str - Enable/disable allowance of CORS access (default = disable). Valid values:
enable
,disable
. - dstaddr6s
Sequence[Rule
Dstaddr6Args] - Select an IPv6 destination address from available options. Required for web proxy authentication. The structure of
dstaddr6
block is documented below. - dstaddrs
Sequence[Rule
Dstaddr Args] - Select an IPv4 destination address from available options. Required for web proxy authentication. The structure of
dstaddr
block is documented below. - dynamic_
sort_ strsubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- get_
all_ strtables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- ip_
based str - Enable/disable IP-based authentication. Once a user authenticates all traffic from the IP address the user authenticated from is allowed. Valid values:
enable
,disable
. - name str
- Authentication rule name.
- protocol str
- Authentication is required for the selected protocol (default = http). Valid values:
http
,ftp
,socks
,ssh
. - srcaddr6s
Sequence[Rule
Srcaddr6Args] - Select an IPv6 source address. Required for web proxy authentication. The structure of
srcaddr6
block is documented below. - srcaddrs
Sequence[Rule
Srcaddr Args] - Select an IPv4 source address from available options. Required for web proxy authentication. The structure of
srcaddr
block is documented below. - srcintfs
Sequence[Rule
Srcintf Args] - Incoming (ingress) interface. The structure of
srcintf
block is documented below. - sso_
auth_ strmethod - Select a single-sign on (SSO) authentication method.
- status str
- Enable/disable this authentication rule. Valid values:
enable
,disable
. - transaction_
based str - Enable/disable transaction based authentication (default = disable). Valid values:
enable
,disable
. - vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- str
- Enable/disable Web authentication cookies (default = disable). Valid values:
enable
,disable
. - web_
portal str - Enable/disable web portal for proxy transparent policy (default = enable). Valid values:
enable
,disable
.
- active
Auth StringMethod - Select an active authentication method.
- String
- Enable/disable to use device certificate as authentication cookie (default = enable). Valid values:
enable
,disable
. - comments String
- Comment.
- cors
Depth Number - Depth to allow CORS access (default = 3).
- cors
Stateful String - Enable/disable allowance of CORS access (default = disable). Valid values:
enable
,disable
. - dstaddr6s List<Property Map>
- Select an IPv6 destination address from available options. Required for web proxy authentication. The structure of
dstaddr6
block is documented below. - dstaddrs List<Property Map>
- Select an IPv4 destination address from available options. Required for web proxy authentication. The structure of
dstaddr
block is documented below. - dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- ip
Based String - Enable/disable IP-based authentication. Once a user authenticates all traffic from the IP address the user authenticated from is allowed. Valid values:
enable
,disable
. - name String
- Authentication rule name.
- protocol String
- Authentication is required for the selected protocol (default = http). Valid values:
http
,ftp
,socks
,ssh
. - srcaddr6s List<Property Map>
- Select an IPv6 source address. Required for web proxy authentication. The structure of
srcaddr6
block is documented below. - srcaddrs List<Property Map>
- Select an IPv4 source address from available options. Required for web proxy authentication. The structure of
srcaddr
block is documented below. - srcintfs List<Property Map>
- Incoming (ingress) interface. The structure of
srcintf
block is documented below. - sso
Auth StringMethod - Select a single-sign on (SSO) authentication method.
- status String
- Enable/disable this authentication rule. Valid values:
enable
,disable
. - transaction
Based String - Enable/disable transaction based authentication (default = disable). Valid values:
enable
,disable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- String
- Enable/disable Web authentication cookies (default = disable). Valid values:
enable
,disable
. - web
Portal String - Enable/disable web portal for proxy transparent policy (default = enable). Valid values:
enable
,disable
.
Supporting Types
RuleDstaddr, RuleDstaddrArgs
- Name string
- Address name.
- Name string
- Address name.
- name String
- Address name.
- name string
- Address name.
- name str
- Address name.
- name String
- Address name.
RuleDstaddr6, RuleDstaddr6Args
- Name string
- Authentication rule name.
- Name string
- Authentication rule name.
- name String
- Authentication rule name.
- name string
- Authentication rule name.
- name str
- Authentication rule name.
- name String
- Authentication rule name.
RuleSrcaddr, RuleSrcaddrArgs
- Name string
- Address name.
- Name string
- Address name.
- name String
- Address name.
- name string
- Address name.
- name str
- Address name.
- name String
- Address name.
RuleSrcaddr6, RuleSrcaddr6Args
- Name string
- Authentication rule name.
- Name string
- Authentication rule name.
- name String
- Authentication rule name.
- name string
- Authentication rule name.
- name str
- Authentication rule name.
- name String
- Authentication rule name.
RuleSrcintf, RuleSrcintfArgs
- Name string
- Interface name.
- Name string
- Interface name.
- name String
- Interface name.
- name string
- Interface name.
- name str
- Interface name.
- name String
- Interface name.
Import
Authentication Rule can be imported using any of these accepted formats:
$ pulumi import fortios:authentication/rule:Rule labelname {{name}}
If you do not want to import arguments of block:
$ export “FORTIOS_IMPORT_TABLE”=“false”
$ pulumi import fortios:authentication/rule:Rule labelname {{name}}
$ unset “FORTIOS_IMPORT_TABLE”
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- fortios pulumiverse/pulumi-fortios
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
fortios
Terraform Provider.