fortios.firewall.Accessproxy
Explore with Pulumi AI
Configure IPv4 access proxy. Applies to FortiOS Version >= 7.0.1
.
Create Accessproxy Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Accessproxy(name: string, args?: AccessproxyArgs, opts?: CustomResourceOptions);
@overload
def Accessproxy(resource_name: str,
args: Optional[AccessproxyArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def Accessproxy(resource_name: str,
opts: Optional[ResourceOptions] = None,
add_vhost_domain_to_dnsdb: Optional[str] = None,
api_gateway6s: Optional[Sequence[AccessproxyApiGateway6Args]] = None,
api_gateways: Optional[Sequence[AccessproxyApiGatewayArgs]] = None,
auth_portal: Optional[str] = None,
auth_virtual_host: Optional[str] = None,
client_cert: Optional[str] = None,
decrypted_traffic_mirror: Optional[str] = None,
dynamic_sort_subtable: Optional[str] = None,
empty_cert_action: Optional[str] = None,
get_all_tables: Optional[str] = None,
http_supported_max_version: Optional[str] = None,
log_blocked_traffic: Optional[str] = None,
name: Optional[str] = None,
svr_pool_multiplex: Optional[str] = None,
svr_pool_server_max_concurrent_request: Optional[int] = None,
svr_pool_server_max_request: Optional[int] = None,
svr_pool_ttl: Optional[int] = None,
user_agent_detect: Optional[str] = None,
vdomparam: Optional[str] = None,
vip: Optional[str] = None)
func NewAccessproxy(ctx *Context, name string, args *AccessproxyArgs, opts ...ResourceOption) (*Accessproxy, error)
public Accessproxy(string name, AccessproxyArgs? args = null, CustomResourceOptions? opts = null)
public Accessproxy(String name, AccessproxyArgs args)
public Accessproxy(String name, AccessproxyArgs args, CustomResourceOptions options)
type: fortios:firewall:Accessproxy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AccessproxyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AccessproxyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AccessproxyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AccessproxyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AccessproxyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var accessproxyResource = new Fortios.Firewall.Accessproxy("accessproxyResource", new()
{
AddVhostDomainToDnsdb = "string",
ApiGateway6s = new[]
{
new Fortios.Firewall.Inputs.AccessproxyApiGateway6Args
{
Applications = new[]
{
new Fortios.Firewall.Inputs.AccessproxyApiGateway6ApplicationArgs
{
Name = "string",
},
},
H2Support = "string",
H3Support = "string",
HttpCookieAge = 0,
HttpCookieDomain = "string",
HttpCookieDomainFromHost = "string",
HttpCookieGeneration = 0,
HttpCookiePath = "string",
HttpCookieShare = "string",
HttpsCookieSecure = "string",
Id = 0,
LdbMethod = "string",
Persistence = "string",
Quic = new Fortios.Firewall.Inputs.AccessproxyApiGateway6QuicArgs
{
AckDelayExponent = 0,
ActiveConnectionIdLimit = 0,
ActiveMigration = "string",
GreaseQuicBit = "string",
MaxAckDelay = 0,
MaxDatagramFrameSize = 0,
MaxIdleTimeout = 0,
MaxUdpPayloadSize = 0,
},
Realservers = new[]
{
new Fortios.Firewall.Inputs.AccessproxyApiGateway6RealserverArgs
{
AddrType = "string",
Address = "string",
Domain = "string",
ExternalAuth = "string",
HealthCheck = "string",
HealthCheckProto = "string",
HolddownInterval = "string",
HttpHost = "string",
Id = 0,
Ip = "string",
Mappedport = "string",
Port = 0,
SshClientCert = "string",
SshHostKeyValidation = "string",
SshHostKeys = new[]
{
new Fortios.Firewall.Inputs.AccessproxyApiGateway6RealserverSshHostKeyArgs
{
Name = "string",
},
},
Status = "string",
TranslateHost = "string",
TunnelEncryption = "string",
Type = "string",
Weight = 0,
},
},
SamlRedirect = "string",
SamlServer = "string",
Service = "string",
SslAlgorithm = "string",
SslCipherSuites = new[]
{
new Fortios.Firewall.Inputs.AccessproxyApiGateway6SslCipherSuiteArgs
{
Cipher = "string",
Priority = 0,
Versions = "string",
},
},
SslDhBits = "string",
SslMaxVersion = "string",
SslMinVersion = "string",
SslRenegotiation = "string",
SslVpnWebPortal = "string",
UrlMap = "string",
UrlMapType = "string",
VirtualHost = "string",
},
},
ApiGateways = new[]
{
new Fortios.Firewall.Inputs.AccessproxyApiGatewayArgs
{
Applications = new[]
{
new Fortios.Firewall.Inputs.AccessproxyApiGatewayApplicationArgs
{
Name = "string",
},
},
H2Support = "string",
H3Support = "string",
HttpCookieAge = 0,
HttpCookieDomain = "string",
HttpCookieDomainFromHost = "string",
HttpCookieGeneration = 0,
HttpCookiePath = "string",
HttpCookieShare = "string",
HttpsCookieSecure = "string",
Id = 0,
LdbMethod = "string",
Persistence = "string",
Quic = new Fortios.Firewall.Inputs.AccessproxyApiGatewayQuicArgs
{
AckDelayExponent = 0,
ActiveConnectionIdLimit = 0,
ActiveMigration = "string",
GreaseQuicBit = "string",
MaxAckDelay = 0,
MaxDatagramFrameSize = 0,
MaxIdleTimeout = 0,
MaxUdpPayloadSize = 0,
},
Realservers = new[]
{
new Fortios.Firewall.Inputs.AccessproxyApiGatewayRealserverArgs
{
AddrType = "string",
Address = "string",
Domain = "string",
ExternalAuth = "string",
HealthCheck = "string",
HealthCheckProto = "string",
HolddownInterval = "string",
HttpHost = "string",
Id = 0,
Ip = "string",
Mappedport = "string",
Port = 0,
SshClientCert = "string",
SshHostKeyValidation = "string",
SshHostKeys = new[]
{
new Fortios.Firewall.Inputs.AccessproxyApiGatewayRealserverSshHostKeyArgs
{
Name = "string",
},
},
Status = "string",
TranslateHost = "string",
TunnelEncryption = "string",
Type = "string",
Weight = 0,
},
},
SamlRedirect = "string",
SamlServer = "string",
Service = "string",
SslAlgorithm = "string",
SslCipherSuites = new[]
{
new Fortios.Firewall.Inputs.AccessproxyApiGatewaySslCipherSuiteArgs
{
Cipher = "string",
Priority = 0,
Versions = "string",
},
},
SslDhBits = "string",
SslMaxVersion = "string",
SslMinVersion = "string",
SslRenegotiation = "string",
SslVpnWebPortal = "string",
UrlMap = "string",
UrlMapType = "string",
VirtualHost = "string",
},
},
AuthPortal = "string",
AuthVirtualHost = "string",
ClientCert = "string",
DecryptedTrafficMirror = "string",
DynamicSortSubtable = "string",
EmptyCertAction = "string",
GetAllTables = "string",
HttpSupportedMaxVersion = "string",
LogBlockedTraffic = "string",
Name = "string",
SvrPoolMultiplex = "string",
SvrPoolServerMaxConcurrentRequest = 0,
SvrPoolServerMaxRequest = 0,
SvrPoolTtl = 0,
UserAgentDetect = "string",
Vdomparam = "string",
Vip = "string",
});
example, err := firewall.NewAccessproxy(ctx, "accessproxyResource", &firewall.AccessproxyArgs{
AddVhostDomainToDnsdb: pulumi.String("string"),
ApiGateway6s: firewall.AccessproxyApiGateway6Array{
&firewall.AccessproxyApiGateway6Args{
Applications: firewall.AccessproxyApiGateway6ApplicationArray{
&firewall.AccessproxyApiGateway6ApplicationArgs{
Name: pulumi.String("string"),
},
},
H2Support: pulumi.String("string"),
H3Support: pulumi.String("string"),
HttpCookieAge: pulumi.Int(0),
HttpCookieDomain: pulumi.String("string"),
HttpCookieDomainFromHost: pulumi.String("string"),
HttpCookieGeneration: pulumi.Int(0),
HttpCookiePath: pulumi.String("string"),
HttpCookieShare: pulumi.String("string"),
HttpsCookieSecure: pulumi.String("string"),
Id: pulumi.Int(0),
LdbMethod: pulumi.String("string"),
Persistence: pulumi.String("string"),
Quic: &firewall.AccessproxyApiGateway6QuicArgs{
AckDelayExponent: pulumi.Int(0),
ActiveConnectionIdLimit: pulumi.Int(0),
ActiveMigration: pulumi.String("string"),
GreaseQuicBit: pulumi.String("string"),
MaxAckDelay: pulumi.Int(0),
MaxDatagramFrameSize: pulumi.Int(0),
MaxIdleTimeout: pulumi.Int(0),
MaxUdpPayloadSize: pulumi.Int(0),
},
Realservers: firewall.AccessproxyApiGateway6RealserverArray{
&firewall.AccessproxyApiGateway6RealserverArgs{
AddrType: pulumi.String("string"),
Address: pulumi.String("string"),
Domain: pulumi.String("string"),
ExternalAuth: pulumi.String("string"),
HealthCheck: pulumi.String("string"),
HealthCheckProto: pulumi.String("string"),
HolddownInterval: pulumi.String("string"),
HttpHost: pulumi.String("string"),
Id: pulumi.Int(0),
Ip: pulumi.String("string"),
Mappedport: pulumi.String("string"),
Port: pulumi.Int(0),
SshClientCert: pulumi.String("string"),
SshHostKeyValidation: pulumi.String("string"),
SshHostKeys: firewall.AccessproxyApiGateway6RealserverSshHostKeyArray{
&firewall.AccessproxyApiGateway6RealserverSshHostKeyArgs{
Name: pulumi.String("string"),
},
},
Status: pulumi.String("string"),
TranslateHost: pulumi.String("string"),
TunnelEncryption: pulumi.String("string"),
Type: pulumi.String("string"),
Weight: pulumi.Int(0),
},
},
SamlRedirect: pulumi.String("string"),
SamlServer: pulumi.String("string"),
Service: pulumi.String("string"),
SslAlgorithm: pulumi.String("string"),
SslCipherSuites: firewall.AccessproxyApiGateway6SslCipherSuiteArray{
&firewall.AccessproxyApiGateway6SslCipherSuiteArgs{
Cipher: pulumi.String("string"),
Priority: pulumi.Int(0),
Versions: pulumi.String("string"),
},
},
SslDhBits: pulumi.String("string"),
SslMaxVersion: pulumi.String("string"),
SslMinVersion: pulumi.String("string"),
SslRenegotiation: pulumi.String("string"),
SslVpnWebPortal: pulumi.String("string"),
UrlMap: pulumi.String("string"),
UrlMapType: pulumi.String("string"),
VirtualHost: pulumi.String("string"),
},
},
ApiGateways: firewall.AccessproxyApiGatewayArray{
&firewall.AccessproxyApiGatewayArgs{
Applications: firewall.AccessproxyApiGatewayApplicationArray{
&firewall.AccessproxyApiGatewayApplicationArgs{
Name: pulumi.String("string"),
},
},
H2Support: pulumi.String("string"),
H3Support: pulumi.String("string"),
HttpCookieAge: pulumi.Int(0),
HttpCookieDomain: pulumi.String("string"),
HttpCookieDomainFromHost: pulumi.String("string"),
HttpCookieGeneration: pulumi.Int(0),
HttpCookiePath: pulumi.String("string"),
HttpCookieShare: pulumi.String("string"),
HttpsCookieSecure: pulumi.String("string"),
Id: pulumi.Int(0),
LdbMethod: pulumi.String("string"),
Persistence: pulumi.String("string"),
Quic: &firewall.AccessproxyApiGatewayQuicArgs{
AckDelayExponent: pulumi.Int(0),
ActiveConnectionIdLimit: pulumi.Int(0),
ActiveMigration: pulumi.String("string"),
GreaseQuicBit: pulumi.String("string"),
MaxAckDelay: pulumi.Int(0),
MaxDatagramFrameSize: pulumi.Int(0),
MaxIdleTimeout: pulumi.Int(0),
MaxUdpPayloadSize: pulumi.Int(0),
},
Realservers: firewall.AccessproxyApiGatewayRealserverArray{
&firewall.AccessproxyApiGatewayRealserverArgs{
AddrType: pulumi.String("string"),
Address: pulumi.String("string"),
Domain: pulumi.String("string"),
ExternalAuth: pulumi.String("string"),
HealthCheck: pulumi.String("string"),
HealthCheckProto: pulumi.String("string"),
HolddownInterval: pulumi.String("string"),
HttpHost: pulumi.String("string"),
Id: pulumi.Int(0),
Ip: pulumi.String("string"),
Mappedport: pulumi.String("string"),
Port: pulumi.Int(0),
SshClientCert: pulumi.String("string"),
SshHostKeyValidation: pulumi.String("string"),
SshHostKeys: firewall.AccessproxyApiGatewayRealserverSshHostKeyArray{
&firewall.AccessproxyApiGatewayRealserverSshHostKeyArgs{
Name: pulumi.String("string"),
},
},
Status: pulumi.String("string"),
TranslateHost: pulumi.String("string"),
TunnelEncryption: pulumi.String("string"),
Type: pulumi.String("string"),
Weight: pulumi.Int(0),
},
},
SamlRedirect: pulumi.String("string"),
SamlServer: pulumi.String("string"),
Service: pulumi.String("string"),
SslAlgorithm: pulumi.String("string"),
SslCipherSuites: firewall.AccessproxyApiGatewaySslCipherSuiteArray{
&firewall.AccessproxyApiGatewaySslCipherSuiteArgs{
Cipher: pulumi.String("string"),
Priority: pulumi.Int(0),
Versions: pulumi.String("string"),
},
},
SslDhBits: pulumi.String("string"),
SslMaxVersion: pulumi.String("string"),
SslMinVersion: pulumi.String("string"),
SslRenegotiation: pulumi.String("string"),
SslVpnWebPortal: pulumi.String("string"),
UrlMap: pulumi.String("string"),
UrlMapType: pulumi.String("string"),
VirtualHost: pulumi.String("string"),
},
},
AuthPortal: pulumi.String("string"),
AuthVirtualHost: pulumi.String("string"),
ClientCert: pulumi.String("string"),
DecryptedTrafficMirror: pulumi.String("string"),
DynamicSortSubtable: pulumi.String("string"),
EmptyCertAction: pulumi.String("string"),
GetAllTables: pulumi.String("string"),
HttpSupportedMaxVersion: pulumi.String("string"),
LogBlockedTraffic: pulumi.String("string"),
Name: pulumi.String("string"),
SvrPoolMultiplex: pulumi.String("string"),
SvrPoolServerMaxConcurrentRequest: pulumi.Int(0),
SvrPoolServerMaxRequest: pulumi.Int(0),
SvrPoolTtl: pulumi.Int(0),
UserAgentDetect: pulumi.String("string"),
Vdomparam: pulumi.String("string"),
Vip: pulumi.String("string"),
})
var accessproxyResource = new Accessproxy("accessproxyResource", AccessproxyArgs.builder()
.addVhostDomainToDnsdb("string")
.apiGateway6s(AccessproxyApiGateway6Args.builder()
.applications(AccessproxyApiGateway6ApplicationArgs.builder()
.name("string")
.build())
.h2Support("string")
.h3Support("string")
.httpCookieAge(0)
.httpCookieDomain("string")
.httpCookieDomainFromHost("string")
.httpCookieGeneration(0)
.httpCookiePath("string")
.httpCookieShare("string")
.httpsCookieSecure("string")
.id(0)
.ldbMethod("string")
.persistence("string")
.quic(AccessproxyApiGateway6QuicArgs.builder()
.ackDelayExponent(0)
.activeConnectionIdLimit(0)
.activeMigration("string")
.greaseQuicBit("string")
.maxAckDelay(0)
.maxDatagramFrameSize(0)
.maxIdleTimeout(0)
.maxUdpPayloadSize(0)
.build())
.realservers(AccessproxyApiGateway6RealserverArgs.builder()
.addrType("string")
.address("string")
.domain("string")
.externalAuth("string")
.healthCheck("string")
.healthCheckProto("string")
.holddownInterval("string")
.httpHost("string")
.id(0)
.ip("string")
.mappedport("string")
.port(0)
.sshClientCert("string")
.sshHostKeyValidation("string")
.sshHostKeys(AccessproxyApiGateway6RealserverSshHostKeyArgs.builder()
.name("string")
.build())
.status("string")
.translateHost("string")
.tunnelEncryption("string")
.type("string")
.weight(0)
.build())
.samlRedirect("string")
.samlServer("string")
.service("string")
.sslAlgorithm("string")
.sslCipherSuites(AccessproxyApiGateway6SslCipherSuiteArgs.builder()
.cipher("string")
.priority(0)
.versions("string")
.build())
.sslDhBits("string")
.sslMaxVersion("string")
.sslMinVersion("string")
.sslRenegotiation("string")
.sslVpnWebPortal("string")
.urlMap("string")
.urlMapType("string")
.virtualHost("string")
.build())
.apiGateways(AccessproxyApiGatewayArgs.builder()
.applications(AccessproxyApiGatewayApplicationArgs.builder()
.name("string")
.build())
.h2Support("string")
.h3Support("string")
.httpCookieAge(0)
.httpCookieDomain("string")
.httpCookieDomainFromHost("string")
.httpCookieGeneration(0)
.httpCookiePath("string")
.httpCookieShare("string")
.httpsCookieSecure("string")
.id(0)
.ldbMethod("string")
.persistence("string")
.quic(AccessproxyApiGatewayQuicArgs.builder()
.ackDelayExponent(0)
.activeConnectionIdLimit(0)
.activeMigration("string")
.greaseQuicBit("string")
.maxAckDelay(0)
.maxDatagramFrameSize(0)
.maxIdleTimeout(0)
.maxUdpPayloadSize(0)
.build())
.realservers(AccessproxyApiGatewayRealserverArgs.builder()
.addrType("string")
.address("string")
.domain("string")
.externalAuth("string")
.healthCheck("string")
.healthCheckProto("string")
.holddownInterval("string")
.httpHost("string")
.id(0)
.ip("string")
.mappedport("string")
.port(0)
.sshClientCert("string")
.sshHostKeyValidation("string")
.sshHostKeys(AccessproxyApiGatewayRealserverSshHostKeyArgs.builder()
.name("string")
.build())
.status("string")
.translateHost("string")
.tunnelEncryption("string")
.type("string")
.weight(0)
.build())
.samlRedirect("string")
.samlServer("string")
.service("string")
.sslAlgorithm("string")
.sslCipherSuites(AccessproxyApiGatewaySslCipherSuiteArgs.builder()
.cipher("string")
.priority(0)
.versions("string")
.build())
.sslDhBits("string")
.sslMaxVersion("string")
.sslMinVersion("string")
.sslRenegotiation("string")
.sslVpnWebPortal("string")
.urlMap("string")
.urlMapType("string")
.virtualHost("string")
.build())
.authPortal("string")
.authVirtualHost("string")
.clientCert("string")
.decryptedTrafficMirror("string")
.dynamicSortSubtable("string")
.emptyCertAction("string")
.getAllTables("string")
.httpSupportedMaxVersion("string")
.logBlockedTraffic("string")
.name("string")
.svrPoolMultiplex("string")
.svrPoolServerMaxConcurrentRequest(0)
.svrPoolServerMaxRequest(0)
.svrPoolTtl(0)
.userAgentDetect("string")
.vdomparam("string")
.vip("string")
.build());
accessproxy_resource = fortios.firewall.Accessproxy("accessproxyResource",
add_vhost_domain_to_dnsdb="string",
api_gateway6s=[{
"applications": [{
"name": "string",
}],
"h2_support": "string",
"h3_support": "string",
"http_cookie_age": 0,
"http_cookie_domain": "string",
"http_cookie_domain_from_host": "string",
"http_cookie_generation": 0,
"http_cookie_path": "string",
"http_cookie_share": "string",
"https_cookie_secure": "string",
"id": 0,
"ldb_method": "string",
"persistence": "string",
"quic": {
"ack_delay_exponent": 0,
"active_connection_id_limit": 0,
"active_migration": "string",
"grease_quic_bit": "string",
"max_ack_delay": 0,
"max_datagram_frame_size": 0,
"max_idle_timeout": 0,
"max_udp_payload_size": 0,
},
"realservers": [{
"addr_type": "string",
"address": "string",
"domain": "string",
"external_auth": "string",
"health_check": "string",
"health_check_proto": "string",
"holddown_interval": "string",
"http_host": "string",
"id": 0,
"ip": "string",
"mappedport": "string",
"port": 0,
"ssh_client_cert": "string",
"ssh_host_key_validation": "string",
"ssh_host_keys": [{
"name": "string",
}],
"status": "string",
"translate_host": "string",
"tunnel_encryption": "string",
"type": "string",
"weight": 0,
}],
"saml_redirect": "string",
"saml_server": "string",
"service": "string",
"ssl_algorithm": "string",
"ssl_cipher_suites": [{
"cipher": "string",
"priority": 0,
"versions": "string",
}],
"ssl_dh_bits": "string",
"ssl_max_version": "string",
"ssl_min_version": "string",
"ssl_renegotiation": "string",
"ssl_vpn_web_portal": "string",
"url_map": "string",
"url_map_type": "string",
"virtual_host": "string",
}],
api_gateways=[{
"applications": [{
"name": "string",
}],
"h2_support": "string",
"h3_support": "string",
"http_cookie_age": 0,
"http_cookie_domain": "string",
"http_cookie_domain_from_host": "string",
"http_cookie_generation": 0,
"http_cookie_path": "string",
"http_cookie_share": "string",
"https_cookie_secure": "string",
"id": 0,
"ldb_method": "string",
"persistence": "string",
"quic": {
"ack_delay_exponent": 0,
"active_connection_id_limit": 0,
"active_migration": "string",
"grease_quic_bit": "string",
"max_ack_delay": 0,
"max_datagram_frame_size": 0,
"max_idle_timeout": 0,
"max_udp_payload_size": 0,
},
"realservers": [{
"addr_type": "string",
"address": "string",
"domain": "string",
"external_auth": "string",
"health_check": "string",
"health_check_proto": "string",
"holddown_interval": "string",
"http_host": "string",
"id": 0,
"ip": "string",
"mappedport": "string",
"port": 0,
"ssh_client_cert": "string",
"ssh_host_key_validation": "string",
"ssh_host_keys": [{
"name": "string",
}],
"status": "string",
"translate_host": "string",
"tunnel_encryption": "string",
"type": "string",
"weight": 0,
}],
"saml_redirect": "string",
"saml_server": "string",
"service": "string",
"ssl_algorithm": "string",
"ssl_cipher_suites": [{
"cipher": "string",
"priority": 0,
"versions": "string",
}],
"ssl_dh_bits": "string",
"ssl_max_version": "string",
"ssl_min_version": "string",
"ssl_renegotiation": "string",
"ssl_vpn_web_portal": "string",
"url_map": "string",
"url_map_type": "string",
"virtual_host": "string",
}],
auth_portal="string",
auth_virtual_host="string",
client_cert="string",
decrypted_traffic_mirror="string",
dynamic_sort_subtable="string",
empty_cert_action="string",
get_all_tables="string",
http_supported_max_version="string",
log_blocked_traffic="string",
name="string",
svr_pool_multiplex="string",
svr_pool_server_max_concurrent_request=0,
svr_pool_server_max_request=0,
svr_pool_ttl=0,
user_agent_detect="string",
vdomparam="string",
vip="string")
const accessproxyResource = new fortios.firewall.Accessproxy("accessproxyResource", {
addVhostDomainToDnsdb: "string",
apiGateway6s: [{
applications: [{
name: "string",
}],
h2Support: "string",
h3Support: "string",
httpCookieAge: 0,
httpCookieDomain: "string",
httpCookieDomainFromHost: "string",
httpCookieGeneration: 0,
httpCookiePath: "string",
httpCookieShare: "string",
httpsCookieSecure: "string",
id: 0,
ldbMethod: "string",
persistence: "string",
quic: {
ackDelayExponent: 0,
activeConnectionIdLimit: 0,
activeMigration: "string",
greaseQuicBit: "string",
maxAckDelay: 0,
maxDatagramFrameSize: 0,
maxIdleTimeout: 0,
maxUdpPayloadSize: 0,
},
realservers: [{
addrType: "string",
address: "string",
domain: "string",
externalAuth: "string",
healthCheck: "string",
healthCheckProto: "string",
holddownInterval: "string",
httpHost: "string",
id: 0,
ip: "string",
mappedport: "string",
port: 0,
sshClientCert: "string",
sshHostKeyValidation: "string",
sshHostKeys: [{
name: "string",
}],
status: "string",
translateHost: "string",
tunnelEncryption: "string",
type: "string",
weight: 0,
}],
samlRedirect: "string",
samlServer: "string",
service: "string",
sslAlgorithm: "string",
sslCipherSuites: [{
cipher: "string",
priority: 0,
versions: "string",
}],
sslDhBits: "string",
sslMaxVersion: "string",
sslMinVersion: "string",
sslRenegotiation: "string",
sslVpnWebPortal: "string",
urlMap: "string",
urlMapType: "string",
virtualHost: "string",
}],
apiGateways: [{
applications: [{
name: "string",
}],
h2Support: "string",
h3Support: "string",
httpCookieAge: 0,
httpCookieDomain: "string",
httpCookieDomainFromHost: "string",
httpCookieGeneration: 0,
httpCookiePath: "string",
httpCookieShare: "string",
httpsCookieSecure: "string",
id: 0,
ldbMethod: "string",
persistence: "string",
quic: {
ackDelayExponent: 0,
activeConnectionIdLimit: 0,
activeMigration: "string",
greaseQuicBit: "string",
maxAckDelay: 0,
maxDatagramFrameSize: 0,
maxIdleTimeout: 0,
maxUdpPayloadSize: 0,
},
realservers: [{
addrType: "string",
address: "string",
domain: "string",
externalAuth: "string",
healthCheck: "string",
healthCheckProto: "string",
holddownInterval: "string",
httpHost: "string",
id: 0,
ip: "string",
mappedport: "string",
port: 0,
sshClientCert: "string",
sshHostKeyValidation: "string",
sshHostKeys: [{
name: "string",
}],
status: "string",
translateHost: "string",
tunnelEncryption: "string",
type: "string",
weight: 0,
}],
samlRedirect: "string",
samlServer: "string",
service: "string",
sslAlgorithm: "string",
sslCipherSuites: [{
cipher: "string",
priority: 0,
versions: "string",
}],
sslDhBits: "string",
sslMaxVersion: "string",
sslMinVersion: "string",
sslRenegotiation: "string",
sslVpnWebPortal: "string",
urlMap: "string",
urlMapType: "string",
virtualHost: "string",
}],
authPortal: "string",
authVirtualHost: "string",
clientCert: "string",
decryptedTrafficMirror: "string",
dynamicSortSubtable: "string",
emptyCertAction: "string",
getAllTables: "string",
httpSupportedMaxVersion: "string",
logBlockedTraffic: "string",
name: "string",
svrPoolMultiplex: "string",
svrPoolServerMaxConcurrentRequest: 0,
svrPoolServerMaxRequest: 0,
svrPoolTtl: 0,
userAgentDetect: "string",
vdomparam: "string",
vip: "string",
});
type: fortios:firewall:Accessproxy
properties:
addVhostDomainToDnsdb: string
apiGateway6s:
- applications:
- name: string
h2Support: string
h3Support: string
httpCookieAge: 0
httpCookieDomain: string
httpCookieDomainFromHost: string
httpCookieGeneration: 0
httpCookiePath: string
httpCookieShare: string
httpsCookieSecure: string
id: 0
ldbMethod: string
persistence: string
quic:
ackDelayExponent: 0
activeConnectionIdLimit: 0
activeMigration: string
greaseQuicBit: string
maxAckDelay: 0
maxDatagramFrameSize: 0
maxIdleTimeout: 0
maxUdpPayloadSize: 0
realservers:
- addrType: string
address: string
domain: string
externalAuth: string
healthCheck: string
healthCheckProto: string
holddownInterval: string
httpHost: string
id: 0
ip: string
mappedport: string
port: 0
sshClientCert: string
sshHostKeyValidation: string
sshHostKeys:
- name: string
status: string
translateHost: string
tunnelEncryption: string
type: string
weight: 0
samlRedirect: string
samlServer: string
service: string
sslAlgorithm: string
sslCipherSuites:
- cipher: string
priority: 0
versions: string
sslDhBits: string
sslMaxVersion: string
sslMinVersion: string
sslRenegotiation: string
sslVpnWebPortal: string
urlMap: string
urlMapType: string
virtualHost: string
apiGateways:
- applications:
- name: string
h2Support: string
h3Support: string
httpCookieAge: 0
httpCookieDomain: string
httpCookieDomainFromHost: string
httpCookieGeneration: 0
httpCookiePath: string
httpCookieShare: string
httpsCookieSecure: string
id: 0
ldbMethod: string
persistence: string
quic:
ackDelayExponent: 0
activeConnectionIdLimit: 0
activeMigration: string
greaseQuicBit: string
maxAckDelay: 0
maxDatagramFrameSize: 0
maxIdleTimeout: 0
maxUdpPayloadSize: 0
realservers:
- addrType: string
address: string
domain: string
externalAuth: string
healthCheck: string
healthCheckProto: string
holddownInterval: string
httpHost: string
id: 0
ip: string
mappedport: string
port: 0
sshClientCert: string
sshHostKeyValidation: string
sshHostKeys:
- name: string
status: string
translateHost: string
tunnelEncryption: string
type: string
weight: 0
samlRedirect: string
samlServer: string
service: string
sslAlgorithm: string
sslCipherSuites:
- cipher: string
priority: 0
versions: string
sslDhBits: string
sslMaxVersion: string
sslMinVersion: string
sslRenegotiation: string
sslVpnWebPortal: string
urlMap: string
urlMapType: string
virtualHost: string
authPortal: string
authVirtualHost: string
clientCert: string
decryptedTrafficMirror: string
dynamicSortSubtable: string
emptyCertAction: string
getAllTables: string
httpSupportedMaxVersion: string
logBlockedTraffic: string
name: string
svrPoolMultiplex: string
svrPoolServerMaxConcurrentRequest: 0
svrPoolServerMaxRequest: 0
svrPoolTtl: 0
userAgentDetect: string
vdomparam: string
vip: string
Accessproxy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Accessproxy resource accepts the following input properties:
- Add
Vhost stringDomain To Dnsdb - Enable/disable adding vhost/domain to dnsdb for ztna dox tunnel. Valid values:
enable
,disable
. - Api
Gateway6s List<Pulumiverse.Fortios. Firewall. Inputs. Accessproxy Api Gateway6> - Set IPv6 API Gateway. The structure of
api_gateway6
block is documented below. - Api
Gateways List<Pulumiverse.Fortios. Firewall. Inputs. Accessproxy Api Gateway> - Set IPv4 API Gateway. The structure of
api_gateway
block is documented below. - Auth
Portal string - Enable/disable authentication portal. Valid values:
disable
,enable
. - Auth
Virtual stringHost - Virtual host for authentication portal.
- Client
Cert string - Enable/disable to request client certificate. Valid values:
disable
,enable
. - Decrypted
Traffic stringMirror - Decrypted traffic mirror.
- Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Empty
Cert stringAction - Action of an empty client certificate.
- Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Http
Supported stringMax Version - Maximum supported HTTP versions. default = HTTP2 Valid values:
http1
,http2
. - Log
Blocked stringTraffic - Enable/disable logging of blocked traffic. Valid values:
enable
,disable
. - Name string
- Access Proxy name.
- Svr
Pool stringMultiplex - Enable/disable server pool multiplexing. Share connected server in HTTP, HTTPS, and web-portal api-gateway. Valid values:
enable
,disable
. - Svr
Pool intServer Max Concurrent Request - Maximum number of concurrent requests that servers in server pool could handle (default = unlimited).
- Svr
Pool intServer Max Request - Maximum number of requests that servers in server pool handle before disconnecting (default = unlimited).
- Svr
Pool intTtl - Time-to-live in the server pool for idle connections to servers.
- User
Agent stringDetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Vip string
- Virtual IP name.
- Add
Vhost stringDomain To Dnsdb - Enable/disable adding vhost/domain to dnsdb for ztna dox tunnel. Valid values:
enable
,disable
. - Api
Gateway6s []AccessproxyApi Gateway6Args - Set IPv6 API Gateway. The structure of
api_gateway6
block is documented below. - Api
Gateways []AccessproxyApi Gateway Args - Set IPv4 API Gateway. The structure of
api_gateway
block is documented below. - Auth
Portal string - Enable/disable authentication portal. Valid values:
disable
,enable
. - Auth
Virtual stringHost - Virtual host for authentication portal.
- Client
Cert string - Enable/disable to request client certificate. Valid values:
disable
,enable
. - Decrypted
Traffic stringMirror - Decrypted traffic mirror.
- Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Empty
Cert stringAction - Action of an empty client certificate.
- Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Http
Supported stringMax Version - Maximum supported HTTP versions. default = HTTP2 Valid values:
http1
,http2
. - Log
Blocked stringTraffic - Enable/disable logging of blocked traffic. Valid values:
enable
,disable
. - Name string
- Access Proxy name.
- Svr
Pool stringMultiplex - Enable/disable server pool multiplexing. Share connected server in HTTP, HTTPS, and web-portal api-gateway. Valid values:
enable
,disable
. - Svr
Pool intServer Max Concurrent Request - Maximum number of concurrent requests that servers in server pool could handle (default = unlimited).
- Svr
Pool intServer Max Request - Maximum number of requests that servers in server pool handle before disconnecting (default = unlimited).
- Svr
Pool intTtl - Time-to-live in the server pool for idle connections to servers.
- User
Agent stringDetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Vip string
- Virtual IP name.
- add
Vhost StringDomain To Dnsdb - Enable/disable adding vhost/domain to dnsdb for ztna dox tunnel. Valid values:
enable
,disable
. - api
Gateway6s List<AccessproxyApi Gateway6> - Set IPv6 API Gateway. The structure of
api_gateway6
block is documented below. - api
Gateways List<AccessproxyApi Gateway> - Set IPv4 API Gateway. The structure of
api_gateway
block is documented below. - auth
Portal String - Enable/disable authentication portal. Valid values:
disable
,enable
. - auth
Virtual StringHost - Virtual host for authentication portal.
- client
Cert String - Enable/disable to request client certificate. Valid values:
disable
,enable
. - decrypted
Traffic StringMirror - Decrypted traffic mirror.
- dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- empty
Cert StringAction - Action of an empty client certificate.
- get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- http
Supported StringMax Version - Maximum supported HTTP versions. default = HTTP2 Valid values:
http1
,http2
. - log
Blocked StringTraffic - Enable/disable logging of blocked traffic. Valid values:
enable
,disable
. - name String
- Access Proxy name.
- svr
Pool StringMultiplex - Enable/disable server pool multiplexing. Share connected server in HTTP, HTTPS, and web-portal api-gateway. Valid values:
enable
,disable
. - svr
Pool IntegerServer Max Concurrent Request - Maximum number of concurrent requests that servers in server pool could handle (default = unlimited).
- svr
Pool IntegerServer Max Request - Maximum number of requests that servers in server pool handle before disconnecting (default = unlimited).
- svr
Pool IntegerTtl - Time-to-live in the server pool for idle connections to servers.
- user
Agent StringDetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- vip String
- Virtual IP name.
- add
Vhost stringDomain To Dnsdb - Enable/disable adding vhost/domain to dnsdb for ztna dox tunnel. Valid values:
enable
,disable
. - api
Gateway6s AccessproxyApi Gateway6[] - Set IPv6 API Gateway. The structure of
api_gateway6
block is documented below. - api
Gateways AccessproxyApi Gateway[] - Set IPv4 API Gateway. The structure of
api_gateway
block is documented below. - auth
Portal string - Enable/disable authentication portal. Valid values:
disable
,enable
. - auth
Virtual stringHost - Virtual host for authentication portal.
- client
Cert string - Enable/disable to request client certificate. Valid values:
disable
,enable
. - decrypted
Traffic stringMirror - Decrypted traffic mirror.
- dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- empty
Cert stringAction - Action of an empty client certificate.
- get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- http
Supported stringMax Version - Maximum supported HTTP versions. default = HTTP2 Valid values:
http1
,http2
. - log
Blocked stringTraffic - Enable/disable logging of blocked traffic. Valid values:
enable
,disable
. - name string
- Access Proxy name.
- svr
Pool stringMultiplex - Enable/disable server pool multiplexing. Share connected server in HTTP, HTTPS, and web-portal api-gateway. Valid values:
enable
,disable
. - svr
Pool numberServer Max Concurrent Request - Maximum number of concurrent requests that servers in server pool could handle (default = unlimited).
- svr
Pool numberServer Max Request - Maximum number of requests that servers in server pool handle before disconnecting (default = unlimited).
- svr
Pool numberTtl - Time-to-live in the server pool for idle connections to servers.
- user
Agent stringDetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- vip string
- Virtual IP name.
- add_
vhost_ strdomain_ to_ dnsdb - Enable/disable adding vhost/domain to dnsdb for ztna dox tunnel. Valid values:
enable
,disable
. - api_
gateway6s Sequence[AccessproxyApi Gateway6Args] - Set IPv6 API Gateway. The structure of
api_gateway6
block is documented below. - api_
gateways Sequence[AccessproxyApi Gateway Args] - Set IPv4 API Gateway. The structure of
api_gateway
block is documented below. - auth_
portal str - Enable/disable authentication portal. Valid values:
disable
,enable
. - auth_
virtual_ strhost - Virtual host for authentication portal.
- client_
cert str - Enable/disable to request client certificate. Valid values:
disable
,enable
. - decrypted_
traffic_ strmirror - Decrypted traffic mirror.
- dynamic_
sort_ strsubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- empty_
cert_ straction - Action of an empty client certificate.
- get_
all_ strtables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- http_
supported_ strmax_ version - Maximum supported HTTP versions. default = HTTP2 Valid values:
http1
,http2
. - log_
blocked_ strtraffic - Enable/disable logging of blocked traffic. Valid values:
enable
,disable
. - name str
- Access Proxy name.
- svr_
pool_ strmultiplex - Enable/disable server pool multiplexing. Share connected server in HTTP, HTTPS, and web-portal api-gateway. Valid values:
enable
,disable
. - svr_
pool_ intserver_ max_ concurrent_ request - Maximum number of concurrent requests that servers in server pool could handle (default = unlimited).
- svr_
pool_ intserver_ max_ request - Maximum number of requests that servers in server pool handle before disconnecting (default = unlimited).
- svr_
pool_ intttl - Time-to-live in the server pool for idle connections to servers.
- user_
agent_ strdetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- vip str
- Virtual IP name.
- add
Vhost StringDomain To Dnsdb - Enable/disable adding vhost/domain to dnsdb for ztna dox tunnel. Valid values:
enable
,disable
. - api
Gateway6s List<Property Map> - Set IPv6 API Gateway. The structure of
api_gateway6
block is documented below. - api
Gateways List<Property Map> - Set IPv4 API Gateway. The structure of
api_gateway
block is documented below. - auth
Portal String - Enable/disable authentication portal. Valid values:
disable
,enable
. - auth
Virtual StringHost - Virtual host for authentication portal.
- client
Cert String - Enable/disable to request client certificate. Valid values:
disable
,enable
. - decrypted
Traffic StringMirror - Decrypted traffic mirror.
- dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- empty
Cert StringAction - Action of an empty client certificate.
- get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- http
Supported StringMax Version - Maximum supported HTTP versions. default = HTTP2 Valid values:
http1
,http2
. - log
Blocked StringTraffic - Enable/disable logging of blocked traffic. Valid values:
enable
,disable
. - name String
- Access Proxy name.
- svr
Pool StringMultiplex - Enable/disable server pool multiplexing. Share connected server in HTTP, HTTPS, and web-portal api-gateway. Valid values:
enable
,disable
. - svr
Pool NumberServer Max Concurrent Request - Maximum number of concurrent requests that servers in server pool could handle (default = unlimited).
- svr
Pool NumberServer Max Request - Maximum number of requests that servers in server pool handle before disconnecting (default = unlimited).
- svr
Pool NumberTtl - Time-to-live in the server pool for idle connections to servers.
- user
Agent StringDetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- vip String
- Virtual IP name.
Outputs
All input properties are implicitly available as output properties. Additionally, the Accessproxy resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Accessproxy Resource
Get an existing Accessproxy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AccessproxyState, opts?: CustomResourceOptions): Accessproxy
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
add_vhost_domain_to_dnsdb: Optional[str] = None,
api_gateway6s: Optional[Sequence[AccessproxyApiGateway6Args]] = None,
api_gateways: Optional[Sequence[AccessproxyApiGatewayArgs]] = None,
auth_portal: Optional[str] = None,
auth_virtual_host: Optional[str] = None,
client_cert: Optional[str] = None,
decrypted_traffic_mirror: Optional[str] = None,
dynamic_sort_subtable: Optional[str] = None,
empty_cert_action: Optional[str] = None,
get_all_tables: Optional[str] = None,
http_supported_max_version: Optional[str] = None,
log_blocked_traffic: Optional[str] = None,
name: Optional[str] = None,
svr_pool_multiplex: Optional[str] = None,
svr_pool_server_max_concurrent_request: Optional[int] = None,
svr_pool_server_max_request: Optional[int] = None,
svr_pool_ttl: Optional[int] = None,
user_agent_detect: Optional[str] = None,
vdomparam: Optional[str] = None,
vip: Optional[str] = None) -> Accessproxy
func GetAccessproxy(ctx *Context, name string, id IDInput, state *AccessproxyState, opts ...ResourceOption) (*Accessproxy, error)
public static Accessproxy Get(string name, Input<string> id, AccessproxyState? state, CustomResourceOptions? opts = null)
public static Accessproxy get(String name, Output<String> id, AccessproxyState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Add
Vhost stringDomain To Dnsdb - Enable/disable adding vhost/domain to dnsdb for ztna dox tunnel. Valid values:
enable
,disable
. - Api
Gateway6s List<Pulumiverse.Fortios. Firewall. Inputs. Accessproxy Api Gateway6> - Set IPv6 API Gateway. The structure of
api_gateway6
block is documented below. - Api
Gateways List<Pulumiverse.Fortios. Firewall. Inputs. Accessproxy Api Gateway> - Set IPv4 API Gateway. The structure of
api_gateway
block is documented below. - Auth
Portal string - Enable/disable authentication portal. Valid values:
disable
,enable
. - Auth
Virtual stringHost - Virtual host for authentication portal.
- Client
Cert string - Enable/disable to request client certificate. Valid values:
disable
,enable
. - Decrypted
Traffic stringMirror - Decrypted traffic mirror.
- Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Empty
Cert stringAction - Action of an empty client certificate.
- Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Http
Supported stringMax Version - Maximum supported HTTP versions. default = HTTP2 Valid values:
http1
,http2
. - Log
Blocked stringTraffic - Enable/disable logging of blocked traffic. Valid values:
enable
,disable
. - Name string
- Access Proxy name.
- Svr
Pool stringMultiplex - Enable/disable server pool multiplexing. Share connected server in HTTP, HTTPS, and web-portal api-gateway. Valid values:
enable
,disable
. - Svr
Pool intServer Max Concurrent Request - Maximum number of concurrent requests that servers in server pool could handle (default = unlimited).
- Svr
Pool intServer Max Request - Maximum number of requests that servers in server pool handle before disconnecting (default = unlimited).
- Svr
Pool intTtl - Time-to-live in the server pool for idle connections to servers.
- User
Agent stringDetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Vip string
- Virtual IP name.
- Add
Vhost stringDomain To Dnsdb - Enable/disable adding vhost/domain to dnsdb for ztna dox tunnel. Valid values:
enable
,disable
. - Api
Gateway6s []AccessproxyApi Gateway6Args - Set IPv6 API Gateway. The structure of
api_gateway6
block is documented below. - Api
Gateways []AccessproxyApi Gateway Args - Set IPv4 API Gateway. The structure of
api_gateway
block is documented below. - Auth
Portal string - Enable/disable authentication portal. Valid values:
disable
,enable
. - Auth
Virtual stringHost - Virtual host for authentication portal.
- Client
Cert string - Enable/disable to request client certificate. Valid values:
disable
,enable
. - Decrypted
Traffic stringMirror - Decrypted traffic mirror.
- Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Empty
Cert stringAction - Action of an empty client certificate.
- Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Http
Supported stringMax Version - Maximum supported HTTP versions. default = HTTP2 Valid values:
http1
,http2
. - Log
Blocked stringTraffic - Enable/disable logging of blocked traffic. Valid values:
enable
,disable
. - Name string
- Access Proxy name.
- Svr
Pool stringMultiplex - Enable/disable server pool multiplexing. Share connected server in HTTP, HTTPS, and web-portal api-gateway. Valid values:
enable
,disable
. - Svr
Pool intServer Max Concurrent Request - Maximum number of concurrent requests that servers in server pool could handle (default = unlimited).
- Svr
Pool intServer Max Request - Maximum number of requests that servers in server pool handle before disconnecting (default = unlimited).
- Svr
Pool intTtl - Time-to-live in the server pool for idle connections to servers.
- User
Agent stringDetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Vip string
- Virtual IP name.
- add
Vhost StringDomain To Dnsdb - Enable/disable adding vhost/domain to dnsdb for ztna dox tunnel. Valid values:
enable
,disable
. - api
Gateway6s List<AccessproxyApi Gateway6> - Set IPv6 API Gateway. The structure of
api_gateway6
block is documented below. - api
Gateways List<AccessproxyApi Gateway> - Set IPv4 API Gateway. The structure of
api_gateway
block is documented below. - auth
Portal String - Enable/disable authentication portal. Valid values:
disable
,enable
. - auth
Virtual StringHost - Virtual host for authentication portal.
- client
Cert String - Enable/disable to request client certificate. Valid values:
disable
,enable
. - decrypted
Traffic StringMirror - Decrypted traffic mirror.
- dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- empty
Cert StringAction - Action of an empty client certificate.
- get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- http
Supported StringMax Version - Maximum supported HTTP versions. default = HTTP2 Valid values:
http1
,http2
. - log
Blocked StringTraffic - Enable/disable logging of blocked traffic. Valid values:
enable
,disable
. - name String
- Access Proxy name.
- svr
Pool StringMultiplex - Enable/disable server pool multiplexing. Share connected server in HTTP, HTTPS, and web-portal api-gateway. Valid values:
enable
,disable
. - svr
Pool IntegerServer Max Concurrent Request - Maximum number of concurrent requests that servers in server pool could handle (default = unlimited).
- svr
Pool IntegerServer Max Request - Maximum number of requests that servers in server pool handle before disconnecting (default = unlimited).
- svr
Pool IntegerTtl - Time-to-live in the server pool for idle connections to servers.
- user
Agent StringDetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- vip String
- Virtual IP name.
- add
Vhost stringDomain To Dnsdb - Enable/disable adding vhost/domain to dnsdb for ztna dox tunnel. Valid values:
enable
,disable
. - api
Gateway6s AccessproxyApi Gateway6[] - Set IPv6 API Gateway. The structure of
api_gateway6
block is documented below. - api
Gateways AccessproxyApi Gateway[] - Set IPv4 API Gateway. The structure of
api_gateway
block is documented below. - auth
Portal string - Enable/disable authentication portal. Valid values:
disable
,enable
. - auth
Virtual stringHost - Virtual host for authentication portal.
- client
Cert string - Enable/disable to request client certificate. Valid values:
disable
,enable
. - decrypted
Traffic stringMirror - Decrypted traffic mirror.
- dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- empty
Cert stringAction - Action of an empty client certificate.
- get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- http
Supported stringMax Version - Maximum supported HTTP versions. default = HTTP2 Valid values:
http1
,http2
. - log
Blocked stringTraffic - Enable/disable logging of blocked traffic. Valid values:
enable
,disable
. - name string
- Access Proxy name.
- svr
Pool stringMultiplex - Enable/disable server pool multiplexing. Share connected server in HTTP, HTTPS, and web-portal api-gateway. Valid values:
enable
,disable
. - svr
Pool numberServer Max Concurrent Request - Maximum number of concurrent requests that servers in server pool could handle (default = unlimited).
- svr
Pool numberServer Max Request - Maximum number of requests that servers in server pool handle before disconnecting (default = unlimited).
- svr
Pool numberTtl - Time-to-live in the server pool for idle connections to servers.
- user
Agent stringDetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- vip string
- Virtual IP name.
- add_
vhost_ strdomain_ to_ dnsdb - Enable/disable adding vhost/domain to dnsdb for ztna dox tunnel. Valid values:
enable
,disable
. - api_
gateway6s Sequence[AccessproxyApi Gateway6Args] - Set IPv6 API Gateway. The structure of
api_gateway6
block is documented below. - api_
gateways Sequence[AccessproxyApi Gateway Args] - Set IPv4 API Gateway. The structure of
api_gateway
block is documented below. - auth_
portal str - Enable/disable authentication portal. Valid values:
disable
,enable
. - auth_
virtual_ strhost - Virtual host for authentication portal.
- client_
cert str - Enable/disable to request client certificate. Valid values:
disable
,enable
. - decrypted_
traffic_ strmirror - Decrypted traffic mirror.
- dynamic_
sort_ strsubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- empty_
cert_ straction - Action of an empty client certificate.
- get_
all_ strtables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- http_
supported_ strmax_ version - Maximum supported HTTP versions. default = HTTP2 Valid values:
http1
,http2
. - log_
blocked_ strtraffic - Enable/disable logging of blocked traffic. Valid values:
enable
,disable
. - name str
- Access Proxy name.
- svr_
pool_ strmultiplex - Enable/disable server pool multiplexing. Share connected server in HTTP, HTTPS, and web-portal api-gateway. Valid values:
enable
,disable
. - svr_
pool_ intserver_ max_ concurrent_ request - Maximum number of concurrent requests that servers in server pool could handle (default = unlimited).
- svr_
pool_ intserver_ max_ request - Maximum number of requests that servers in server pool handle before disconnecting (default = unlimited).
- svr_
pool_ intttl - Time-to-live in the server pool for idle connections to servers.
- user_
agent_ strdetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- vip str
- Virtual IP name.
- add
Vhost StringDomain To Dnsdb - Enable/disable adding vhost/domain to dnsdb for ztna dox tunnel. Valid values:
enable
,disable
. - api
Gateway6s List<Property Map> - Set IPv6 API Gateway. The structure of
api_gateway6
block is documented below. - api
Gateways List<Property Map> - Set IPv4 API Gateway. The structure of
api_gateway
block is documented below. - auth
Portal String - Enable/disable authentication portal. Valid values:
disable
,enable
. - auth
Virtual StringHost - Virtual host for authentication portal.
- client
Cert String - Enable/disable to request client certificate. Valid values:
disable
,enable
. - decrypted
Traffic StringMirror - Decrypted traffic mirror.
- dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- empty
Cert StringAction - Action of an empty client certificate.
- get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- http
Supported StringMax Version - Maximum supported HTTP versions. default = HTTP2 Valid values:
http1
,http2
. - log
Blocked StringTraffic - Enable/disable logging of blocked traffic. Valid values:
enable
,disable
. - name String
- Access Proxy name.
- svr
Pool StringMultiplex - Enable/disable server pool multiplexing. Share connected server in HTTP, HTTPS, and web-portal api-gateway. Valid values:
enable
,disable
. - svr
Pool NumberServer Max Concurrent Request - Maximum number of concurrent requests that servers in server pool could handle (default = unlimited).
- svr
Pool NumberServer Max Request - Maximum number of requests that servers in server pool handle before disconnecting (default = unlimited).
- svr
Pool NumberTtl - Time-to-live in the server pool for idle connections to servers.
- user
Agent StringDetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- vip String
- Virtual IP name.
Supporting Types
AccessproxyApiGateway, AccessproxyApiGatewayArgs
- Applications
List<Pulumiverse.
Fortios. Firewall. Inputs. Accessproxy Api Gateway Application> - SaaS application controlled by this Access Proxy. The structure of
application
block is documented below. - H2Support string
- HTTP2 support, default=Enable. Valid values:
enable
,disable
. - H3Support string
- HTTP3/QUIC support, default=Disable. Valid values:
enable
,disable
. - int
- Time in minutes that client web browsers should keep a cookie. Default is 60 minutes. 0 = no time limit.
- string
- Domain that HTTP cookie persistence should apply to.
- string
- Enable/disable use of HTTP cookie domain from host field in HTTP. Valid values:
disable
,enable
. - int
- Generation of HTTP cookie to be accepted. Changing invalidates all existing cookies.
- string
- Limit HTTP cookie persistence to the specified path.
- string
- Control sharing of cookies across API Gateway. same-ip means a cookie from one virtual server can be used by another. Disable stops cookie sharing. Valid values:
disable
,same-ip
. - string
- Enable/disable verification that inserted HTTPS cookies are secure. Valid values:
disable
,enable
. - Id int
- API Gateway ID.
- Ldb
Method string - Method used to distribute sessions to real servers. Valid values:
static
,round-robin
,weighted
,first-alive
,http-host
. - Persistence string
- Configure how to make sure that clients connect to the same server every time they make a request that is part of the same session. Valid values:
none
,http-cookie
. - Quic
Pulumiverse.
Fortios. Firewall. Inputs. Accessproxy Api Gateway Quic - QUIC setting. The structure of
quic
block is documented below. - Realservers
List<Pulumiverse.
Fortios. Firewall. Inputs. Accessproxy Api Gateway Realserver> - Select the real servers that this Access Proxy will distribute traffic to. The structure of
realservers
block is documented below. - Saml
Redirect string - Enable/disable SAML redirection after successful authentication. Valid values:
disable
,enable
. - Saml
Server string - SAML service provider configuration for VIP authentication.
- Service string
- Service.
- Ssl
Algorithm string - Permitted encryption algorithms for the server side of SSL full mode sessions according to encryption strength. Valid values:
high
,medium
,low
. - Ssl
Cipher List<Pulumiverse.Suites Fortios. Firewall. Inputs. Accessproxy Api Gateway Ssl Cipher Suite> - SSL/TLS cipher suites to offer to a server, ordered by priority. The structure of
ssl_cipher_suites
block is documented below. - Ssl
Dh stringBits - Number of bits to use in the Diffie-Hellman exchange for RSA encryption of SSL sessions. Valid values:
768
,1024
,1536
,2048
,3072
,4096
. - Ssl
Max stringVersion - Highest SSL/TLS version acceptable from a server. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
. - Ssl
Min stringVersion - Lowest SSL/TLS version acceptable from a server. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
. - Ssl
Renegotiation string - Enable/disable secure renegotiation to comply with RFC 5746. Valid values:
enable
,disable
. - Ssl
Vpn stringWeb Portal - SSL-VPN web portal.
- Url
Map string - URL pattern to match.
- Url
Map stringType - Type of url-map. Valid values:
sub-string
,wildcard
,regex
. - Virtual
Host string - Virtual host.
- Applications
[]Accessproxy
Api Gateway Application - SaaS application controlled by this Access Proxy. The structure of
application
block is documented below. - H2Support string
- HTTP2 support, default=Enable. Valid values:
enable
,disable
. - H3Support string
- HTTP3/QUIC support, default=Disable. Valid values:
enable
,disable
. - int
- Time in minutes that client web browsers should keep a cookie. Default is 60 minutes. 0 = no time limit.
- string
- Domain that HTTP cookie persistence should apply to.
- string
- Enable/disable use of HTTP cookie domain from host field in HTTP. Valid values:
disable
,enable
. - int
- Generation of HTTP cookie to be accepted. Changing invalidates all existing cookies.
- string
- Limit HTTP cookie persistence to the specified path.
- string
- Control sharing of cookies across API Gateway. same-ip means a cookie from one virtual server can be used by another. Disable stops cookie sharing. Valid values:
disable
,same-ip
. - string
- Enable/disable verification that inserted HTTPS cookies are secure. Valid values:
disable
,enable
. - Id int
- API Gateway ID.
- Ldb
Method string - Method used to distribute sessions to real servers. Valid values:
static
,round-robin
,weighted
,first-alive
,http-host
. - Persistence string
- Configure how to make sure that clients connect to the same server every time they make a request that is part of the same session. Valid values:
none
,http-cookie
. - Quic
Accessproxy
Api Gateway Quic - QUIC setting. The structure of
quic
block is documented below. - Realservers
[]Accessproxy
Api Gateway Realserver - Select the real servers that this Access Proxy will distribute traffic to. The structure of
realservers
block is documented below. - Saml
Redirect string - Enable/disable SAML redirection after successful authentication. Valid values:
disable
,enable
. - Saml
Server string - SAML service provider configuration for VIP authentication.
- Service string
- Service.
- Ssl
Algorithm string - Permitted encryption algorithms for the server side of SSL full mode sessions according to encryption strength. Valid values:
high
,medium
,low
. - Ssl
Cipher []AccessproxySuites Api Gateway Ssl Cipher Suite - SSL/TLS cipher suites to offer to a server, ordered by priority. The structure of
ssl_cipher_suites
block is documented below. - Ssl
Dh stringBits - Number of bits to use in the Diffie-Hellman exchange for RSA encryption of SSL sessions. Valid values:
768
,1024
,1536
,2048
,3072
,4096
. - Ssl
Max stringVersion - Highest SSL/TLS version acceptable from a server. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
. - Ssl
Min stringVersion - Lowest SSL/TLS version acceptable from a server. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
. - Ssl
Renegotiation string - Enable/disable secure renegotiation to comply with RFC 5746. Valid values:
enable
,disable
. - Ssl
Vpn stringWeb Portal - SSL-VPN web portal.
- Url
Map string - URL pattern to match.
- Url
Map stringType - Type of url-map. Valid values:
sub-string
,wildcard
,regex
. - Virtual
Host string - Virtual host.
- applications
List<Accessproxy
Api Gateway Application> - SaaS application controlled by this Access Proxy. The structure of
application
block is documented below. - h2Support String
- HTTP2 support, default=Enable. Valid values:
enable
,disable
. - h3Support String
- HTTP3/QUIC support, default=Disable. Valid values:
enable
,disable
. - Integer
- Time in minutes that client web browsers should keep a cookie. Default is 60 minutes. 0 = no time limit.
- String
- Domain that HTTP cookie persistence should apply to.
- String
- Enable/disable use of HTTP cookie domain from host field in HTTP. Valid values:
disable
,enable
. - Integer
- Generation of HTTP cookie to be accepted. Changing invalidates all existing cookies.
- String
- Limit HTTP cookie persistence to the specified path.
- String
- Control sharing of cookies across API Gateway. same-ip means a cookie from one virtual server can be used by another. Disable stops cookie sharing. Valid values:
disable
,same-ip
. - String
- Enable/disable verification that inserted HTTPS cookies are secure. Valid values:
disable
,enable
. - id Integer
- API Gateway ID.
- ldb
Method String - Method used to distribute sessions to real servers. Valid values:
static
,round-robin
,weighted
,first-alive
,http-host
. - persistence String
- Configure how to make sure that clients connect to the same server every time they make a request that is part of the same session. Valid values:
none
,http-cookie
. - quic
Accessproxy
Api Gateway Quic - QUIC setting. The structure of
quic
block is documented below. - realservers
List<Accessproxy
Api Gateway Realserver> - Select the real servers that this Access Proxy will distribute traffic to. The structure of
realservers
block is documented below. - saml
Redirect String - Enable/disable SAML redirection after successful authentication. Valid values:
disable
,enable
. - saml
Server String - SAML service provider configuration for VIP authentication.
- service String
- Service.
- ssl
Algorithm String - Permitted encryption algorithms for the server side of SSL full mode sessions according to encryption strength. Valid values:
high
,medium
,low
. - ssl
Cipher List<AccessproxySuites Api Gateway Ssl Cipher Suite> - SSL/TLS cipher suites to offer to a server, ordered by priority. The structure of
ssl_cipher_suites
block is documented below. - ssl
Dh StringBits - Number of bits to use in the Diffie-Hellman exchange for RSA encryption of SSL sessions. Valid values:
768
,1024
,1536
,2048
,3072
,4096
. - ssl
Max StringVersion - Highest SSL/TLS version acceptable from a server. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
. - ssl
Min StringVersion - Lowest SSL/TLS version acceptable from a server. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
. - ssl
Renegotiation String - Enable/disable secure renegotiation to comply with RFC 5746. Valid values:
enable
,disable
. - ssl
Vpn StringWeb Portal - SSL-VPN web portal.
- url
Map String - URL pattern to match.
- url
Map StringType - Type of url-map. Valid values:
sub-string
,wildcard
,regex
. - virtual
Host String - Virtual host.
- applications
Accessproxy
Api Gateway Application[] - SaaS application controlled by this Access Proxy. The structure of
application
block is documented below. - h2Support string
- HTTP2 support, default=Enable. Valid values:
enable
,disable
. - h3Support string
- HTTP3/QUIC support, default=Disable. Valid values:
enable
,disable
. - number
- Time in minutes that client web browsers should keep a cookie. Default is 60 minutes. 0 = no time limit.
- string
- Domain that HTTP cookie persistence should apply to.
- string
- Enable/disable use of HTTP cookie domain from host field in HTTP. Valid values:
disable
,enable
. - number
- Generation of HTTP cookie to be accepted. Changing invalidates all existing cookies.
- string
- Limit HTTP cookie persistence to the specified path.
- string
- Control sharing of cookies across API Gateway. same-ip means a cookie from one virtual server can be used by another. Disable stops cookie sharing. Valid values:
disable
,same-ip
. - string
- Enable/disable verification that inserted HTTPS cookies are secure. Valid values:
disable
,enable
. - id number
- API Gateway ID.
- ldb
Method string - Method used to distribute sessions to real servers. Valid values:
static
,round-robin
,weighted
,first-alive
,http-host
. - persistence string
- Configure how to make sure that clients connect to the same server every time they make a request that is part of the same session. Valid values:
none
,http-cookie
. - quic
Accessproxy
Api Gateway Quic - QUIC setting. The structure of
quic
block is documented below. - realservers
Accessproxy
Api Gateway Realserver[] - Select the real servers that this Access Proxy will distribute traffic to. The structure of
realservers
block is documented below. - saml
Redirect string - Enable/disable SAML redirection after successful authentication. Valid values:
disable
,enable
. - saml
Server string - SAML service provider configuration for VIP authentication.
- service string
- Service.
- ssl
Algorithm string - Permitted encryption algorithms for the server side of SSL full mode sessions according to encryption strength. Valid values:
high
,medium
,low
. - ssl
Cipher AccessproxySuites Api Gateway Ssl Cipher Suite[] - SSL/TLS cipher suites to offer to a server, ordered by priority. The structure of
ssl_cipher_suites
block is documented below. - ssl
Dh stringBits - Number of bits to use in the Diffie-Hellman exchange for RSA encryption of SSL sessions. Valid values:
768
,1024
,1536
,2048
,3072
,4096
. - ssl
Max stringVersion - Highest SSL/TLS version acceptable from a server. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
. - ssl
Min stringVersion - Lowest SSL/TLS version acceptable from a server. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
. - ssl
Renegotiation string - Enable/disable secure renegotiation to comply with RFC 5746. Valid values:
enable
,disable
. - ssl
Vpn stringWeb Portal - SSL-VPN web portal.
- url
Map string - URL pattern to match.
- url
Map stringType - Type of url-map. Valid values:
sub-string
,wildcard
,regex
. - virtual
Host string - Virtual host.
- applications
Sequence[Accessproxy
Api Gateway Application] - SaaS application controlled by this Access Proxy. The structure of
application
block is documented below. - h2_
support str - HTTP2 support, default=Enable. Valid values:
enable
,disable
. - h3_
support str - HTTP3/QUIC support, default=Disable. Valid values:
enable
,disable
. - int
- Time in minutes that client web browsers should keep a cookie. Default is 60 minutes. 0 = no time limit.
- str
- Domain that HTTP cookie persistence should apply to.
- str
- Enable/disable use of HTTP cookie domain from host field in HTTP. Valid values:
disable
,enable
. - int
- Generation of HTTP cookie to be accepted. Changing invalidates all existing cookies.
- str
- Limit HTTP cookie persistence to the specified path.
- str
- Control sharing of cookies across API Gateway. same-ip means a cookie from one virtual server can be used by another. Disable stops cookie sharing. Valid values:
disable
,same-ip
. - str
- Enable/disable verification that inserted HTTPS cookies are secure. Valid values:
disable
,enable
. - id int
- API Gateway ID.
- ldb_
method str - Method used to distribute sessions to real servers. Valid values:
static
,round-robin
,weighted
,first-alive
,http-host
. - persistence str
- Configure how to make sure that clients connect to the same server every time they make a request that is part of the same session. Valid values:
none
,http-cookie
. - quic
Accessproxy
Api Gateway Quic - QUIC setting. The structure of
quic
block is documented below. - realservers
Sequence[Accessproxy
Api Gateway Realserver] - Select the real servers that this Access Proxy will distribute traffic to. The structure of
realservers
block is documented below. - saml_
redirect str - Enable/disable SAML redirection after successful authentication. Valid values:
disable
,enable
. - saml_
server str - SAML service provider configuration for VIP authentication.
- service str
- Service.
- ssl_
algorithm str - Permitted encryption algorithms for the server side of SSL full mode sessions according to encryption strength. Valid values:
high
,medium
,low
. - ssl_
cipher_ Sequence[Accessproxysuites Api Gateway Ssl Cipher Suite] - SSL/TLS cipher suites to offer to a server, ordered by priority. The structure of
ssl_cipher_suites
block is documented below. - ssl_
dh_ strbits - Number of bits to use in the Diffie-Hellman exchange for RSA encryption of SSL sessions. Valid values:
768
,1024
,1536
,2048
,3072
,4096
. - ssl_
max_ strversion - Highest SSL/TLS version acceptable from a server. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
. - ssl_
min_ strversion - Lowest SSL/TLS version acceptable from a server. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
. - ssl_
renegotiation str - Enable/disable secure renegotiation to comply with RFC 5746. Valid values:
enable
,disable
. - ssl_
vpn_ strweb_ portal - SSL-VPN web portal.
- url_
map str - URL pattern to match.
- url_
map_ strtype - Type of url-map. Valid values:
sub-string
,wildcard
,regex
. - virtual_
host str - Virtual host.
- applications List<Property Map>
- SaaS application controlled by this Access Proxy. The structure of
application
block is documented below. - h2Support String
- HTTP2 support, default=Enable. Valid values:
enable
,disable
. - h3Support String
- HTTP3/QUIC support, default=Disable. Valid values:
enable
,disable
. - Number
- Time in minutes that client web browsers should keep a cookie. Default is 60 minutes. 0 = no time limit.
- String
- Domain that HTTP cookie persistence should apply to.
- String
- Enable/disable use of HTTP cookie domain from host field in HTTP. Valid values:
disable
,enable
. - Number
- Generation of HTTP cookie to be accepted. Changing invalidates all existing cookies.
- String
- Limit HTTP cookie persistence to the specified path.
- String
- Control sharing of cookies across API Gateway. same-ip means a cookie from one virtual server can be used by another. Disable stops cookie sharing. Valid values:
disable
,same-ip
. - String
- Enable/disable verification that inserted HTTPS cookies are secure. Valid values:
disable
,enable
. - id Number
- API Gateway ID.
- ldb
Method String - Method used to distribute sessions to real servers. Valid values:
static
,round-robin
,weighted
,first-alive
,http-host
. - persistence String
- Configure how to make sure that clients connect to the same server every time they make a request that is part of the same session. Valid values:
none
,http-cookie
. - quic Property Map
- QUIC setting. The structure of
quic
block is documented below. - realservers List<Property Map>
- Select the real servers that this Access Proxy will distribute traffic to. The structure of
realservers
block is documented below. - saml
Redirect String - Enable/disable SAML redirection after successful authentication. Valid values:
disable
,enable
. - saml
Server String - SAML service provider configuration for VIP authentication.
- service String
- Service.
- ssl
Algorithm String - Permitted encryption algorithms for the server side of SSL full mode sessions according to encryption strength. Valid values:
high
,medium
,low
. - ssl
Cipher List<Property Map>Suites - SSL/TLS cipher suites to offer to a server, ordered by priority. The structure of
ssl_cipher_suites
block is documented below. - ssl
Dh StringBits - Number of bits to use in the Diffie-Hellman exchange for RSA encryption of SSL sessions. Valid values:
768
,1024
,1536
,2048
,3072
,4096
. - ssl
Max StringVersion - Highest SSL/TLS version acceptable from a server. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
. - ssl
Min StringVersion - Lowest SSL/TLS version acceptable from a server. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
. - ssl
Renegotiation String - Enable/disable secure renegotiation to comply with RFC 5746. Valid values:
enable
,disable
. - ssl
Vpn StringWeb Portal - SSL-VPN web portal.
- url
Map String - URL pattern to match.
- url
Map StringType - Type of url-map. Valid values:
sub-string
,wildcard
,regex
. - virtual
Host String - Virtual host.
AccessproxyApiGateway6, AccessproxyApiGateway6Args
- Applications
List<Pulumiverse.
Fortios. Firewall. Inputs. Accessproxy Api Gateway6Application> - H2Support string
- H3Support string
- int
- string
- string
- int
- string
- string
- string
- Id int
- an identifier for the resource with format {{name}}.
- Ldb
Method string - Persistence string
- Quic
Pulumiverse.
Fortios. Firewall. Inputs. Accessproxy Api Gateway6Quic - Realservers
List<Pulumiverse.
Fortios. Firewall. Inputs. Accessproxy Api Gateway6Realserver> - Saml
Redirect string - Saml
Server string - Service string
- Ssl
Algorithm string - Ssl
Cipher List<Pulumiverse.Suites Fortios. Firewall. Inputs. Accessproxy Api Gateway6Ssl Cipher Suite> - Ssl
Dh stringBits - Ssl
Max stringVersion - Ssl
Min stringVersion - Ssl
Renegotiation string - Ssl
Vpn stringWeb Portal - Url
Map string - Url
Map stringType - Virtual
Host string
- Applications
[]Accessproxy
Api Gateway6Application - H2Support string
- H3Support string
- int
- string
- string
- int
- string
- string
- string
- Id int
- an identifier for the resource with format {{name}}.
- Ldb
Method string - Persistence string
- Quic
Accessproxy
Api Gateway6Quic - Realservers
[]Accessproxy
Api Gateway6Realserver - Saml
Redirect string - Saml
Server string - Service string
- Ssl
Algorithm string - Ssl
Cipher []AccessproxySuites Api Gateway6Ssl Cipher Suite - Ssl
Dh stringBits - Ssl
Max stringVersion - Ssl
Min stringVersion - Ssl
Renegotiation string - Ssl
Vpn stringWeb Portal - Url
Map string - Url
Map stringType - Virtual
Host string
- applications
List<Accessproxy
Api Gateway6Application> - h2Support String
- h3Support String
- Integer
- String
- String
- Integer
- String
- String
- String
- id Integer
- an identifier for the resource with format {{name}}.
- ldb
Method String - persistence String
- quic
Accessproxy
Api Gateway6Quic - realservers
List<Accessproxy
Api Gateway6Realserver> - saml
Redirect String - saml
Server String - service String
- ssl
Algorithm String - ssl
Cipher List<AccessproxySuites Api Gateway6Ssl Cipher Suite> - ssl
Dh StringBits - ssl
Max StringVersion - ssl
Min StringVersion - ssl
Renegotiation String - ssl
Vpn StringWeb Portal - url
Map String - url
Map StringType - virtual
Host String
- applications
Accessproxy
Api Gateway6Application[] - h2Support string
- h3Support string
- number
- string
- string
- number
- string
- string
- string
- id number
- an identifier for the resource with format {{name}}.
- ldb
Method string - persistence string
- quic
Accessproxy
Api Gateway6Quic - realservers
Accessproxy
Api Gateway6Realserver[] - saml
Redirect string - saml
Server string - service string
- ssl
Algorithm string - ssl
Cipher AccessproxySuites Api Gateway6Ssl Cipher Suite[] - ssl
Dh stringBits - ssl
Max stringVersion - ssl
Min stringVersion - ssl
Renegotiation string - ssl
Vpn stringWeb Portal - url
Map string - url
Map stringType - virtual
Host string
- applications
Sequence[Accessproxy
Api Gateway6Application] - h2_
support str - h3_
support str - int
- str
- str
- int
- str
- str
- str
- id int
- an identifier for the resource with format {{name}}.
- ldb_
method str - persistence str
- quic
Accessproxy
Api Gateway6Quic - realservers
Sequence[Accessproxy
Api Gateway6Realserver] - saml_
redirect str - saml_
server str - service str
- ssl_
algorithm str - ssl_
cipher_ Sequence[Accessproxysuites Api Gateway6Ssl Cipher Suite] - ssl_
dh_ strbits - ssl_
max_ strversion - ssl_
min_ strversion - ssl_
renegotiation str - ssl_
vpn_ strweb_ portal - url_
map str - url_
map_ strtype - virtual_
host str
- applications List<Property Map>
- h2Support String
- h3Support String
- Number
- String
- String
- Number
- String
- String
- String
- id Number
- an identifier for the resource with format {{name}}.
- ldb
Method String - persistence String
- quic Property Map
- realservers List<Property Map>
- saml
Redirect String - saml
Server String - service String
- ssl
Algorithm String - ssl
Cipher List<Property Map>Suites - ssl
Dh StringBits - ssl
Max StringVersion - ssl
Min StringVersion - ssl
Renegotiation String - ssl
Vpn StringWeb Portal - url
Map String - url
Map StringType - virtual
Host String
AccessproxyApiGateway6Application, AccessproxyApiGateway6ApplicationArgs
- Name string
- SaaS application name.
- Name string
- SaaS application name.
- name String
- SaaS application name.
- name string
- SaaS application name.
- name str
- SaaS application name.
- name String
- SaaS application name.
AccessproxyApiGateway6Quic, AccessproxyApiGateway6QuicArgs
- Ack
Delay intExponent - ACK delay exponent (1 - 20, default = 3).
- Active
Connection intId Limit - Active connection ID limit (1 - 8, default = 2).
- Active
Migration string - Enable/disable active migration (default = disable). Valid values:
enable
,disable
. - Grease
Quic stringBit - Enable/disable grease QUIC bit (default = enable). Valid values:
enable
,disable
. - Max
Ack intDelay - Maximum ACK delay in milliseconds (1 - 16383, default = 25).
- Max
Datagram intFrame Size - Maximum datagram frame size in bytes (1 - 1500, default = 1500).
- Max
Idle intTimeout - Maximum idle timeout milliseconds (1 - 60000, default = 30000).
- Max
Udp intPayload Size - Maximum UDP payload size in bytes (1200 - 1500, default = 1500).
- Ack
Delay intExponent - ACK delay exponent (1 - 20, default = 3).
- Active
Connection intId Limit - Active connection ID limit (1 - 8, default = 2).
- Active
Migration string - Enable/disable active migration (default = disable). Valid values:
enable
,disable
. - Grease
Quic stringBit - Enable/disable grease QUIC bit (default = enable). Valid values:
enable
,disable
. - Max
Ack intDelay - Maximum ACK delay in milliseconds (1 - 16383, default = 25).
- Max
Datagram intFrame Size - Maximum datagram frame size in bytes (1 - 1500, default = 1500).
- Max
Idle intTimeout - Maximum idle timeout milliseconds (1 - 60000, default = 30000).
- Max
Udp intPayload Size - Maximum UDP payload size in bytes (1200 - 1500, default = 1500).
- ack
Delay IntegerExponent - ACK delay exponent (1 - 20, default = 3).
- active
Connection IntegerId Limit - Active connection ID limit (1 - 8, default = 2).
- active
Migration String - Enable/disable active migration (default = disable). Valid values:
enable
,disable
. - grease
Quic StringBit - Enable/disable grease QUIC bit (default = enable). Valid values:
enable
,disable
. - max
Ack IntegerDelay - Maximum ACK delay in milliseconds (1 - 16383, default = 25).
- max
Datagram IntegerFrame Size - Maximum datagram frame size in bytes (1 - 1500, default = 1500).
- max
Idle IntegerTimeout - Maximum idle timeout milliseconds (1 - 60000, default = 30000).
- max
Udp IntegerPayload Size - Maximum UDP payload size in bytes (1200 - 1500, default = 1500).
- ack
Delay numberExponent - ACK delay exponent (1 - 20, default = 3).
- active
Connection numberId Limit - Active connection ID limit (1 - 8, default = 2).
- active
Migration string - Enable/disable active migration (default = disable). Valid values:
enable
,disable
. - grease
Quic stringBit - Enable/disable grease QUIC bit (default = enable). Valid values:
enable
,disable
. - max
Ack numberDelay - Maximum ACK delay in milliseconds (1 - 16383, default = 25).
- max
Datagram numberFrame Size - Maximum datagram frame size in bytes (1 - 1500, default = 1500).
- max
Idle numberTimeout - Maximum idle timeout milliseconds (1 - 60000, default = 30000).
- max
Udp numberPayload Size - Maximum UDP payload size in bytes (1200 - 1500, default = 1500).
- ack_
delay_ intexponent - ACK delay exponent (1 - 20, default = 3).
- active_
connection_ intid_ limit - Active connection ID limit (1 - 8, default = 2).
- active_
migration str - Enable/disable active migration (default = disable). Valid values:
enable
,disable
. - grease_
quic_ strbit - Enable/disable grease QUIC bit (default = enable). Valid values:
enable
,disable
. - max_
ack_ intdelay - Maximum ACK delay in milliseconds (1 - 16383, default = 25).
- max_
datagram_ intframe_ size - Maximum datagram frame size in bytes (1 - 1500, default = 1500).
- max_
idle_ inttimeout - Maximum idle timeout milliseconds (1 - 60000, default = 30000).
- max_
udp_ intpayload_ size - Maximum UDP payload size in bytes (1200 - 1500, default = 1500).
- ack
Delay NumberExponent - ACK delay exponent (1 - 20, default = 3).
- active
Connection NumberId Limit - Active connection ID limit (1 - 8, default = 2).
- active
Migration String - Enable/disable active migration (default = disable). Valid values:
enable
,disable
. - grease
Quic StringBit - Enable/disable grease QUIC bit (default = enable). Valid values:
enable
,disable
. - max
Ack NumberDelay - Maximum ACK delay in milliseconds (1 - 16383, default = 25).
- max
Datagram NumberFrame Size - Maximum datagram frame size in bytes (1 - 1500, default = 1500).
- max
Idle NumberTimeout - Maximum idle timeout milliseconds (1 - 60000, default = 30000).
- max
Udp NumberPayload Size - Maximum UDP payload size in bytes (1200 - 1500, default = 1500).
AccessproxyApiGateway6Realserver, AccessproxyApiGateway6RealserverArgs
- Addr
Type string - Type of address. Valid values:
ip
,fqdn
. - Address string
- Address or address group of the real server.
- Domain string
- Wildcard domain name of the real server.
- External
Auth string - Enable/disable use of external browser as user-agent for SAML user authentication. Valid values:
enable
,disable
. - Health
Check string - Enable to check the responsiveness of the real server before forwarding traffic. Valid values:
disable
,enable
. - Health
Check stringProto - Protocol of the health check monitor to use when polling to determine server's connectivity status. Valid values:
ping
,http
,tcp-connect
. - Holddown
Interval string - Enable/disable holddown timer. Server will be considered active and reachable once the holddown period has expired (30 seconds). Valid values:
enable
,disable
. - Http
Host string - HTTP server domain name in HTTP header.
- Id int
- Real server ID.
- Ip string
- IPv6 address of the real server.
- Mappedport string
- Port for communicating with the real server.
- Port int
- Port for communicating with the real server.
- Ssh
Client stringCert - Set access-proxy SSH client certificate profile.
- Ssh
Host stringKey Validation - Enable/disable SSH real server host key validation. Valid values:
disable
,enable
. - Ssh
Host List<Pulumiverse.Keys Fortios. Firewall. Inputs. Accessproxy Api Gateway6Realserver Ssh Host Key> - One or more server host key. The structure of
ssh_host_key
block is documented below. - Status string
- Set the status of the real server to active so that it can accept traffic, or on standby or disabled so no traffic is sent. Valid values:
active
,standby
,disable
. - Translate
Host string - Enable/disable translation of hostname/IP from virtual server to real server. Valid values:
enable
,disable
. - Tunnel
Encryption string - Tunnel encryption. Valid values:
enable
,disable
. - Type string
- TCP forwarding server type. Valid values:
tcp-forwarding
,ssh
. - Weight int
- Weight of the real server. If weighted load balancing is enabled, the server with the highest weight gets more connections.
- Addr
Type string - Type of address. Valid values:
ip
,fqdn
. - Address string
- Address or address group of the real server.
- Domain string
- Wildcard domain name of the real server.
- External
Auth string - Enable/disable use of external browser as user-agent for SAML user authentication. Valid values:
enable
,disable
. - Health
Check string - Enable to check the responsiveness of the real server before forwarding traffic. Valid values:
disable
,enable
. - Health
Check stringProto - Protocol of the health check monitor to use when polling to determine server's connectivity status. Valid values:
ping
,http
,tcp-connect
. - Holddown
Interval string - Enable/disable holddown timer. Server will be considered active and reachable once the holddown period has expired (30 seconds). Valid values:
enable
,disable
. - Http
Host string - HTTP server domain name in HTTP header.
- Id int
- Real server ID.
- Ip string
- IPv6 address of the real server.
- Mappedport string
- Port for communicating with the real server.
- Port int
- Port for communicating with the real server.
- Ssh
Client stringCert - Set access-proxy SSH client certificate profile.
- Ssh
Host stringKey Validation - Enable/disable SSH real server host key validation. Valid values:
disable
,enable
. - Ssh
Host []AccessproxyKeys Api Gateway6Realserver Ssh Host Key - One or more server host key. The structure of
ssh_host_key
block is documented below. - Status string
- Set the status of the real server to active so that it can accept traffic, or on standby or disabled so no traffic is sent. Valid values:
active
,standby
,disable
. - Translate
Host string - Enable/disable translation of hostname/IP from virtual server to real server. Valid values:
enable
,disable
. - Tunnel
Encryption string - Tunnel encryption. Valid values:
enable
,disable
. - Type string
- TCP forwarding server type. Valid values:
tcp-forwarding
,ssh
. - Weight int
- Weight of the real server. If weighted load balancing is enabled, the server with the highest weight gets more connections.
- addr
Type String - Type of address. Valid values:
ip
,fqdn
. - address String
- Address or address group of the real server.
- domain String
- Wildcard domain name of the real server.
- external
Auth String - Enable/disable use of external browser as user-agent for SAML user authentication. Valid values:
enable
,disable
. - health
Check String - Enable to check the responsiveness of the real server before forwarding traffic. Valid values:
disable
,enable
. - health
Check StringProto - Protocol of the health check monitor to use when polling to determine server's connectivity status. Valid values:
ping
,http
,tcp-connect
. - holddown
Interval String - Enable/disable holddown timer. Server will be considered active and reachable once the holddown period has expired (30 seconds). Valid values:
enable
,disable
. - http
Host String - HTTP server domain name in HTTP header.
- id Integer
- Real server ID.
- ip String
- IPv6 address of the real server.
- mappedport String
- Port for communicating with the real server.
- port Integer
- Port for communicating with the real server.
- ssh
Client StringCert - Set access-proxy SSH client certificate profile.
- ssh
Host StringKey Validation - Enable/disable SSH real server host key validation. Valid values:
disable
,enable
. - ssh
Host List<AccessproxyKeys Api Gateway6Realserver Ssh Host Key> - One or more server host key. The structure of
ssh_host_key
block is documented below. - status String
- Set the status of the real server to active so that it can accept traffic, or on standby or disabled so no traffic is sent. Valid values:
active
,standby
,disable
. - translate
Host String - Enable/disable translation of hostname/IP from virtual server to real server. Valid values:
enable
,disable
. - tunnel
Encryption String - Tunnel encryption. Valid values:
enable
,disable
. - type String
- TCP forwarding server type. Valid values:
tcp-forwarding
,ssh
. - weight Integer
- Weight of the real server. If weighted load balancing is enabled, the server with the highest weight gets more connections.
- addr
Type string - Type of address. Valid values:
ip
,fqdn
. - address string
- Address or address group of the real server.
- domain string
- Wildcard domain name of the real server.
- external
Auth string - Enable/disable use of external browser as user-agent for SAML user authentication. Valid values:
enable
,disable
. - health
Check string - Enable to check the responsiveness of the real server before forwarding traffic. Valid values:
disable
,enable
. - health
Check stringProto - Protocol of the health check monitor to use when polling to determine server's connectivity status. Valid values:
ping
,http
,tcp-connect
. - holddown
Interval string - Enable/disable holddown timer. Server will be considered active and reachable once the holddown period has expired (30 seconds). Valid values:
enable
,disable
. - http
Host string - HTTP server domain name in HTTP header.
- id number
- Real server ID.
- ip string
- IPv6 address of the real server.
- mappedport string
- Port for communicating with the real server.
- port number
- Port for communicating with the real server.
- ssh
Client stringCert - Set access-proxy SSH client certificate profile.
- ssh
Host stringKey Validation - Enable/disable SSH real server host key validation. Valid values:
disable
,enable
. - ssh
Host AccessproxyKeys Api Gateway6Realserver Ssh Host Key[] - One or more server host key. The structure of
ssh_host_key
block is documented below. - status string
- Set the status of the real server to active so that it can accept traffic, or on standby or disabled so no traffic is sent. Valid values:
active
,standby
,disable
. - translate
Host string - Enable/disable translation of hostname/IP from virtual server to real server. Valid values:
enable
,disable
. - tunnel
Encryption string - Tunnel encryption. Valid values:
enable
,disable
. - type string
- TCP forwarding server type. Valid values:
tcp-forwarding
,ssh
. - weight number
- Weight of the real server. If weighted load balancing is enabled, the server with the highest weight gets more connections.
- addr_
type str - Type of address. Valid values:
ip
,fqdn
. - address str
- Address or address group of the real server.
- domain str
- Wildcard domain name of the real server.
- external_
auth str - Enable/disable use of external browser as user-agent for SAML user authentication. Valid values:
enable
,disable
. - health_
check str - Enable to check the responsiveness of the real server before forwarding traffic. Valid values:
disable
,enable
. - health_
check_ strproto - Protocol of the health check monitor to use when polling to determine server's connectivity status. Valid values:
ping
,http
,tcp-connect
. - holddown_
interval str - Enable/disable holddown timer. Server will be considered active and reachable once the holddown period has expired (30 seconds). Valid values:
enable
,disable
. - http_
host str - HTTP server domain name in HTTP header.
- id int
- Real server ID.
- ip str
- IPv6 address of the real server.
- mappedport str
- Port for communicating with the real server.
- port int
- Port for communicating with the real server.
- ssh_
client_ strcert - Set access-proxy SSH client certificate profile.
- ssh_
host_ strkey_ validation - Enable/disable SSH real server host key validation. Valid values:
disable
,enable
. - ssh_
host_ Sequence[Accessproxykeys Api Gateway6Realserver Ssh Host Key] - One or more server host key. The structure of
ssh_host_key
block is documented below. - status str
- Set the status of the real server to active so that it can accept traffic, or on standby or disabled so no traffic is sent. Valid values:
active
,standby
,disable
. - translate_
host str - Enable/disable translation of hostname/IP from virtual server to real server. Valid values:
enable
,disable
. - tunnel_
encryption str - Tunnel encryption. Valid values:
enable
,disable
. - type str
- TCP forwarding server type. Valid values:
tcp-forwarding
,ssh
. - weight int
- Weight of the real server. If weighted load balancing is enabled, the server with the highest weight gets more connections.
- addr
Type String - Type of address. Valid values:
ip
,fqdn
. - address String
- Address or address group of the real server.
- domain String
- Wildcard domain name of the real server.
- external
Auth String - Enable/disable use of external browser as user-agent for SAML user authentication. Valid values:
enable
,disable
. - health
Check String - Enable to check the responsiveness of the real server before forwarding traffic. Valid values:
disable
,enable
. - health
Check StringProto - Protocol of the health check monitor to use when polling to determine server's connectivity status. Valid values:
ping
,http
,tcp-connect
. - holddown
Interval String - Enable/disable holddown timer. Server will be considered active and reachable once the holddown period has expired (30 seconds). Valid values:
enable
,disable
. - http
Host String - HTTP server domain name in HTTP header.
- id Number
- Real server ID.
- ip String
- IPv6 address of the real server.
- mappedport String
- Port for communicating with the real server.
- port Number
- Port for communicating with the real server.
- ssh
Client StringCert - Set access-proxy SSH client certificate profile.
- ssh
Host StringKey Validation - Enable/disable SSH real server host key validation. Valid values:
disable
,enable
. - ssh
Host List<Property Map>Keys - One or more server host key. The structure of
ssh_host_key
block is documented below. - status String
- Set the status of the real server to active so that it can accept traffic, or on standby or disabled so no traffic is sent. Valid values:
active
,standby
,disable
. - translate
Host String - Enable/disable translation of hostname/IP from virtual server to real server. Valid values:
enable
,disable
. - tunnel
Encryption String - Tunnel encryption. Valid values:
enable
,disable
. - type String
- TCP forwarding server type. Valid values:
tcp-forwarding
,ssh
. - weight Number
- Weight of the real server. If weighted load balancing is enabled, the server with the highest weight gets more connections.
AccessproxyApiGateway6RealserverSshHostKey, AccessproxyApiGateway6RealserverSshHostKeyArgs
- Name string
- Server host key name.
- Name string
- Server host key name.
- name String
- Server host key name.
- name string
- Server host key name.
- name str
- Server host key name.
- name String
- Server host key name.
AccessproxyApiGateway6SslCipherSuite, AccessproxyApiGateway6SslCipherSuiteArgs
- Cipher string
- Cipher suite name. Valid values:
TLS-AES-128-GCM-SHA256
,TLS-AES-256-GCM-SHA384
,TLS-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-128-GCM-SHA256
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-AES-128-CBC-SHA
,TLS-RSA-WITH-AES-256-CBC-SHA
,TLS-RSA-WITH-AES-128-CBC-SHA256
,TLS-RSA-WITH-AES-128-GCM-SHA256
,TLS-RSA-WITH-AES-256-CBC-SHA256
,TLS-RSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-SEED-CBC-SHA
,TLS-DHE-DSS-WITH-SEED-CBC-SHA
,TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384
,TLS-RSA-WITH-SEED-CBC-SHA
,TLS-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-RC4-128-SHA
,TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-RC4-128-MD5
,TLS-RSA-WITH-RC4-128-SHA
,TLS-DHE-RSA-WITH-DES-CBC-SHA
,TLS-DHE-DSS-WITH-DES-CBC-SHA
,TLS-RSA-WITH-DES-CBC-SHA
. - Priority int
- SSL/TLS cipher suites priority.
- Versions string
- SSL/TLS versions that the cipher suite can be used with. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
.
- Cipher string
- Cipher suite name. Valid values:
TLS-AES-128-GCM-SHA256
,TLS-AES-256-GCM-SHA384
,TLS-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-128-GCM-SHA256
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-AES-128-CBC-SHA
,TLS-RSA-WITH-AES-256-CBC-SHA
,TLS-RSA-WITH-AES-128-CBC-SHA256
,TLS-RSA-WITH-AES-128-GCM-SHA256
,TLS-RSA-WITH-AES-256-CBC-SHA256
,TLS-RSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-SEED-CBC-SHA
,TLS-DHE-DSS-WITH-SEED-CBC-SHA
,TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384
,TLS-RSA-WITH-SEED-CBC-SHA
,TLS-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-RC4-128-SHA
,TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-RC4-128-MD5
,TLS-RSA-WITH-RC4-128-SHA
,TLS-DHE-RSA-WITH-DES-CBC-SHA
,TLS-DHE-DSS-WITH-DES-CBC-SHA
,TLS-RSA-WITH-DES-CBC-SHA
. - Priority int
- SSL/TLS cipher suites priority.
- Versions string
- SSL/TLS versions that the cipher suite can be used with. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
.
- cipher String
- Cipher suite name. Valid values:
TLS-AES-128-GCM-SHA256
,TLS-AES-256-GCM-SHA384
,TLS-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-128-GCM-SHA256
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-AES-128-CBC-SHA
,TLS-RSA-WITH-AES-256-CBC-SHA
,TLS-RSA-WITH-AES-128-CBC-SHA256
,TLS-RSA-WITH-AES-128-GCM-SHA256
,TLS-RSA-WITH-AES-256-CBC-SHA256
,TLS-RSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-SEED-CBC-SHA
,TLS-DHE-DSS-WITH-SEED-CBC-SHA
,TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384
,TLS-RSA-WITH-SEED-CBC-SHA
,TLS-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-RC4-128-SHA
,TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-RC4-128-MD5
,TLS-RSA-WITH-RC4-128-SHA
,TLS-DHE-RSA-WITH-DES-CBC-SHA
,TLS-DHE-DSS-WITH-DES-CBC-SHA
,TLS-RSA-WITH-DES-CBC-SHA
. - priority Integer
- SSL/TLS cipher suites priority.
- versions String
- SSL/TLS versions that the cipher suite can be used with. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
.
- cipher string
- Cipher suite name. Valid values:
TLS-AES-128-GCM-SHA256
,TLS-AES-256-GCM-SHA384
,TLS-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-128-GCM-SHA256
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-AES-128-CBC-SHA
,TLS-RSA-WITH-AES-256-CBC-SHA
,TLS-RSA-WITH-AES-128-CBC-SHA256
,TLS-RSA-WITH-AES-128-GCM-SHA256
,TLS-RSA-WITH-AES-256-CBC-SHA256
,TLS-RSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-SEED-CBC-SHA
,TLS-DHE-DSS-WITH-SEED-CBC-SHA
,TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384
,TLS-RSA-WITH-SEED-CBC-SHA
,TLS-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-RC4-128-SHA
,TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-RC4-128-MD5
,TLS-RSA-WITH-RC4-128-SHA
,TLS-DHE-RSA-WITH-DES-CBC-SHA
,TLS-DHE-DSS-WITH-DES-CBC-SHA
,TLS-RSA-WITH-DES-CBC-SHA
. - priority number
- SSL/TLS cipher suites priority.
- versions string
- SSL/TLS versions that the cipher suite can be used with. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
.
- cipher str
- Cipher suite name. Valid values:
TLS-AES-128-GCM-SHA256
,TLS-AES-256-GCM-SHA384
,TLS-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-128-GCM-SHA256
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-AES-128-CBC-SHA
,TLS-RSA-WITH-AES-256-CBC-SHA
,TLS-RSA-WITH-AES-128-CBC-SHA256
,TLS-RSA-WITH-AES-128-GCM-SHA256
,TLS-RSA-WITH-AES-256-CBC-SHA256
,TLS-RSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-SEED-CBC-SHA
,TLS-DHE-DSS-WITH-SEED-CBC-SHA
,TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384
,TLS-RSA-WITH-SEED-CBC-SHA
,TLS-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-RC4-128-SHA
,TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-RC4-128-MD5
,TLS-RSA-WITH-RC4-128-SHA
,TLS-DHE-RSA-WITH-DES-CBC-SHA
,TLS-DHE-DSS-WITH-DES-CBC-SHA
,TLS-RSA-WITH-DES-CBC-SHA
. - priority int
- SSL/TLS cipher suites priority.
- versions str
- SSL/TLS versions that the cipher suite can be used with. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
.
- cipher String
- Cipher suite name. Valid values:
TLS-AES-128-GCM-SHA256
,TLS-AES-256-GCM-SHA384
,TLS-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-128-GCM-SHA256
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-AES-128-CBC-SHA
,TLS-RSA-WITH-AES-256-CBC-SHA
,TLS-RSA-WITH-AES-128-CBC-SHA256
,TLS-RSA-WITH-AES-128-GCM-SHA256
,TLS-RSA-WITH-AES-256-CBC-SHA256
,TLS-RSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-SEED-CBC-SHA
,TLS-DHE-DSS-WITH-SEED-CBC-SHA
,TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384
,TLS-RSA-WITH-SEED-CBC-SHA
,TLS-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-RC4-128-SHA
,TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-RC4-128-MD5
,TLS-RSA-WITH-RC4-128-SHA
,TLS-DHE-RSA-WITH-DES-CBC-SHA
,TLS-DHE-DSS-WITH-DES-CBC-SHA
,TLS-RSA-WITH-DES-CBC-SHA
. - priority Number
- SSL/TLS cipher suites priority.
- versions String
- SSL/TLS versions that the cipher suite can be used with. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
.
AccessproxyApiGatewayApplication, AccessproxyApiGatewayApplicationArgs
- Name string
- SaaS application name.
- Name string
- SaaS application name.
- name String
- SaaS application name.
- name string
- SaaS application name.
- name str
- SaaS application name.
- name String
- SaaS application name.
AccessproxyApiGatewayQuic, AccessproxyApiGatewayQuicArgs
- Ack
Delay intExponent - ACK delay exponent (1 - 20, default = 3).
- Active
Connection intId Limit - Active connection ID limit (1 - 8, default = 2).
- Active
Migration string - Enable/disable active migration (default = disable). Valid values:
enable
,disable
. - Grease
Quic stringBit - Enable/disable grease QUIC bit (default = enable). Valid values:
enable
,disable
. - Max
Ack intDelay - Maximum ACK delay in milliseconds (1 - 16383, default = 25).
- Max
Datagram intFrame Size - Maximum datagram frame size in bytes (1 - 1500, default = 1500).
- Max
Idle intTimeout - Maximum idle timeout milliseconds (1 - 60000, default = 30000).
- Max
Udp intPayload Size - Maximum UDP payload size in bytes (1200 - 1500, default = 1500).
- Ack
Delay intExponent - ACK delay exponent (1 - 20, default = 3).
- Active
Connection intId Limit - Active connection ID limit (1 - 8, default = 2).
- Active
Migration string - Enable/disable active migration (default = disable). Valid values:
enable
,disable
. - Grease
Quic stringBit - Enable/disable grease QUIC bit (default = enable). Valid values:
enable
,disable
. - Max
Ack intDelay - Maximum ACK delay in milliseconds (1 - 16383, default = 25).
- Max
Datagram intFrame Size - Maximum datagram frame size in bytes (1 - 1500, default = 1500).
- Max
Idle intTimeout - Maximum idle timeout milliseconds (1 - 60000, default = 30000).
- Max
Udp intPayload Size - Maximum UDP payload size in bytes (1200 - 1500, default = 1500).
- ack
Delay IntegerExponent - ACK delay exponent (1 - 20, default = 3).
- active
Connection IntegerId Limit - Active connection ID limit (1 - 8, default = 2).
- active
Migration String - Enable/disable active migration (default = disable). Valid values:
enable
,disable
. - grease
Quic StringBit - Enable/disable grease QUIC bit (default = enable). Valid values:
enable
,disable
. - max
Ack IntegerDelay - Maximum ACK delay in milliseconds (1 - 16383, default = 25).
- max
Datagram IntegerFrame Size - Maximum datagram frame size in bytes (1 - 1500, default = 1500).
- max
Idle IntegerTimeout - Maximum idle timeout milliseconds (1 - 60000, default = 30000).
- max
Udp IntegerPayload Size - Maximum UDP payload size in bytes (1200 - 1500, default = 1500).
- ack
Delay numberExponent - ACK delay exponent (1 - 20, default = 3).
- active
Connection numberId Limit - Active connection ID limit (1 - 8, default = 2).
- active
Migration string - Enable/disable active migration (default = disable). Valid values:
enable
,disable
. - grease
Quic stringBit - Enable/disable grease QUIC bit (default = enable). Valid values:
enable
,disable
. - max
Ack numberDelay - Maximum ACK delay in milliseconds (1 - 16383, default = 25).
- max
Datagram numberFrame Size - Maximum datagram frame size in bytes (1 - 1500, default = 1500).
- max
Idle numberTimeout - Maximum idle timeout milliseconds (1 - 60000, default = 30000).
- max
Udp numberPayload Size - Maximum UDP payload size in bytes (1200 - 1500, default = 1500).
- ack_
delay_ intexponent - ACK delay exponent (1 - 20, default = 3).
- active_
connection_ intid_ limit - Active connection ID limit (1 - 8, default = 2).
- active_
migration str - Enable/disable active migration (default = disable). Valid values:
enable
,disable
. - grease_
quic_ strbit - Enable/disable grease QUIC bit (default = enable). Valid values:
enable
,disable
. - max_
ack_ intdelay - Maximum ACK delay in milliseconds (1 - 16383, default = 25).
- max_
datagram_ intframe_ size - Maximum datagram frame size in bytes (1 - 1500, default = 1500).
- max_
idle_ inttimeout - Maximum idle timeout milliseconds (1 - 60000, default = 30000).
- max_
udp_ intpayload_ size - Maximum UDP payload size in bytes (1200 - 1500, default = 1500).
- ack
Delay NumberExponent - ACK delay exponent (1 - 20, default = 3).
- active
Connection NumberId Limit - Active connection ID limit (1 - 8, default = 2).
- active
Migration String - Enable/disable active migration (default = disable). Valid values:
enable
,disable
. - grease
Quic StringBit - Enable/disable grease QUIC bit (default = enable). Valid values:
enable
,disable
. - max
Ack NumberDelay - Maximum ACK delay in milliseconds (1 - 16383, default = 25).
- max
Datagram NumberFrame Size - Maximum datagram frame size in bytes (1 - 1500, default = 1500).
- max
Idle NumberTimeout - Maximum idle timeout milliseconds (1 - 60000, default = 30000).
- max
Udp NumberPayload Size - Maximum UDP payload size in bytes (1200 - 1500, default = 1500).
AccessproxyApiGatewayRealserver, AccessproxyApiGatewayRealserverArgs
- Addr
Type string - Type of address. Valid values:
ip
,fqdn
. - Address string
- Address or address group of the real server.
- Domain string
- Wildcard domain name of the real server.
- External
Auth string - Enable/disable use of external browser as user-agent for SAML user authentication. Valid values:
enable
,disable
. - Health
Check string - Enable to check the responsiveness of the real server before forwarding traffic. Valid values:
disable
,enable
. - Health
Check stringProto - Protocol of the health check monitor to use when polling to determine server's connectivity status. Valid values:
ping
,http
,tcp-connect
. - Holddown
Interval string - Enable/disable holddown timer. Server will be considered active and reachable once the holddown period has expired (30 seconds). Valid values:
enable
,disable
. - Http
Host string - HTTP server domain name in HTTP header.
- Id int
- Real server ID.
- Ip string
- IPv6 address of the real server.
- Mappedport string
- Port for communicating with the real server.
- Port int
- Port for communicating with the real server.
- Ssh
Client stringCert - Set access-proxy SSH client certificate profile.
- Ssh
Host stringKey Validation - Enable/disable SSH real server host key validation. Valid values:
disable
,enable
. - Ssh
Host List<Pulumiverse.Keys Fortios. Firewall. Inputs. Accessproxy Api Gateway Realserver Ssh Host Key> - One or more server host key. The structure of
ssh_host_key
block is documented below. - Status string
- Set the status of the real server to active so that it can accept traffic, or on standby or disabled so no traffic is sent. Valid values:
active
,standby
,disable
. - Translate
Host string - Enable/disable translation of hostname/IP from virtual server to real server. Valid values:
enable
,disable
. - Tunnel
Encryption string - Tunnel encryption. Valid values:
enable
,disable
. - Type string
- TCP forwarding server type. Valid values:
tcp-forwarding
,ssh
. - Weight int
- Weight of the real server. If weighted load balancing is enabled, the server with the highest weight gets more connections.
- Addr
Type string - Type of address. Valid values:
ip
,fqdn
. - Address string
- Address or address group of the real server.
- Domain string
- Wildcard domain name of the real server.
- External
Auth string - Enable/disable use of external browser as user-agent for SAML user authentication. Valid values:
enable
,disable
. - Health
Check string - Enable to check the responsiveness of the real server before forwarding traffic. Valid values:
disable
,enable
. - Health
Check stringProto - Protocol of the health check monitor to use when polling to determine server's connectivity status. Valid values:
ping
,http
,tcp-connect
. - Holddown
Interval string - Enable/disable holddown timer. Server will be considered active and reachable once the holddown period has expired (30 seconds). Valid values:
enable
,disable
. - Http
Host string - HTTP server domain name in HTTP header.
- Id int
- Real server ID.
- Ip string
- IPv6 address of the real server.
- Mappedport string
- Port for communicating with the real server.
- Port int
- Port for communicating with the real server.
- Ssh
Client stringCert - Set access-proxy SSH client certificate profile.
- Ssh
Host stringKey Validation - Enable/disable SSH real server host key validation. Valid values:
disable
,enable
. - Ssh
Host []AccessproxyKeys Api Gateway Realserver Ssh Host Key - One or more server host key. The structure of
ssh_host_key
block is documented below. - Status string
- Set the status of the real server to active so that it can accept traffic, or on standby or disabled so no traffic is sent. Valid values:
active
,standby
,disable
. - Translate
Host string - Enable/disable translation of hostname/IP from virtual server to real server. Valid values:
enable
,disable
. - Tunnel
Encryption string - Tunnel encryption. Valid values:
enable
,disable
. - Type string
- TCP forwarding server type. Valid values:
tcp-forwarding
,ssh
. - Weight int
- Weight of the real server. If weighted load balancing is enabled, the server with the highest weight gets more connections.
- addr
Type String - Type of address. Valid values:
ip
,fqdn
. - address String
- Address or address group of the real server.
- domain String
- Wildcard domain name of the real server.
- external
Auth String - Enable/disable use of external browser as user-agent for SAML user authentication. Valid values:
enable
,disable
. - health
Check String - Enable to check the responsiveness of the real server before forwarding traffic. Valid values:
disable
,enable
. - health
Check StringProto - Protocol of the health check monitor to use when polling to determine server's connectivity status. Valid values:
ping
,http
,tcp-connect
. - holddown
Interval String - Enable/disable holddown timer. Server will be considered active and reachable once the holddown period has expired (30 seconds). Valid values:
enable
,disable
. - http
Host String - HTTP server domain name in HTTP header.
- id Integer
- Real server ID.
- ip String
- IPv6 address of the real server.
- mappedport String
- Port for communicating with the real server.
- port Integer
- Port for communicating with the real server.
- ssh
Client StringCert - Set access-proxy SSH client certificate profile.
- ssh
Host StringKey Validation - Enable/disable SSH real server host key validation. Valid values:
disable
,enable
. - ssh
Host List<AccessproxyKeys Api Gateway Realserver Ssh Host Key> - One or more server host key. The structure of
ssh_host_key
block is documented below. - status String
- Set the status of the real server to active so that it can accept traffic, or on standby or disabled so no traffic is sent. Valid values:
active
,standby
,disable
. - translate
Host String - Enable/disable translation of hostname/IP from virtual server to real server. Valid values:
enable
,disable
. - tunnel
Encryption String - Tunnel encryption. Valid values:
enable
,disable
. - type String
- TCP forwarding server type. Valid values:
tcp-forwarding
,ssh
. - weight Integer
- Weight of the real server. If weighted load balancing is enabled, the server with the highest weight gets more connections.
- addr
Type string - Type of address. Valid values:
ip
,fqdn
. - address string
- Address or address group of the real server.
- domain string
- Wildcard domain name of the real server.
- external
Auth string - Enable/disable use of external browser as user-agent for SAML user authentication. Valid values:
enable
,disable
. - health
Check string - Enable to check the responsiveness of the real server before forwarding traffic. Valid values:
disable
,enable
. - health
Check stringProto - Protocol of the health check monitor to use when polling to determine server's connectivity status. Valid values:
ping
,http
,tcp-connect
. - holddown
Interval string - Enable/disable holddown timer. Server will be considered active and reachable once the holddown period has expired (30 seconds). Valid values:
enable
,disable
. - http
Host string - HTTP server domain name in HTTP header.
- id number
- Real server ID.
- ip string
- IPv6 address of the real server.
- mappedport string
- Port for communicating with the real server.
- port number
- Port for communicating with the real server.
- ssh
Client stringCert - Set access-proxy SSH client certificate profile.
- ssh
Host stringKey Validation - Enable/disable SSH real server host key validation. Valid values:
disable
,enable
. - ssh
Host AccessproxyKeys Api Gateway Realserver Ssh Host Key[] - One or more server host key. The structure of
ssh_host_key
block is documented below. - status string
- Set the status of the real server to active so that it can accept traffic, or on standby or disabled so no traffic is sent. Valid values:
active
,standby
,disable
. - translate
Host string - Enable/disable translation of hostname/IP from virtual server to real server. Valid values:
enable
,disable
. - tunnel
Encryption string - Tunnel encryption. Valid values:
enable
,disable
. - type string
- TCP forwarding server type. Valid values:
tcp-forwarding
,ssh
. - weight number
- Weight of the real server. If weighted load balancing is enabled, the server with the highest weight gets more connections.
- addr_
type str - Type of address. Valid values:
ip
,fqdn
. - address str
- Address or address group of the real server.
- domain str
- Wildcard domain name of the real server.
- external_
auth str - Enable/disable use of external browser as user-agent for SAML user authentication. Valid values:
enable
,disable
. - health_
check str - Enable to check the responsiveness of the real server before forwarding traffic. Valid values:
disable
,enable
. - health_
check_ strproto - Protocol of the health check monitor to use when polling to determine server's connectivity status. Valid values:
ping
,http
,tcp-connect
. - holddown_
interval str - Enable/disable holddown timer. Server will be considered active and reachable once the holddown period has expired (30 seconds). Valid values:
enable
,disable
. - http_
host str - HTTP server domain name in HTTP header.
- id int
- Real server ID.
- ip str
- IPv6 address of the real server.
- mappedport str
- Port for communicating with the real server.
- port int
- Port for communicating with the real server.
- ssh_
client_ strcert - Set access-proxy SSH client certificate profile.
- ssh_
host_ strkey_ validation - Enable/disable SSH real server host key validation. Valid values:
disable
,enable
. - ssh_
host_ Sequence[Accessproxykeys Api Gateway Realserver Ssh Host Key] - One or more server host key. The structure of
ssh_host_key
block is documented below. - status str
- Set the status of the real server to active so that it can accept traffic, or on standby or disabled so no traffic is sent. Valid values:
active
,standby
,disable
. - translate_
host str - Enable/disable translation of hostname/IP from virtual server to real server. Valid values:
enable
,disable
. - tunnel_
encryption str - Tunnel encryption. Valid values:
enable
,disable
. - type str
- TCP forwarding server type. Valid values:
tcp-forwarding
,ssh
. - weight int
- Weight of the real server. If weighted load balancing is enabled, the server with the highest weight gets more connections.
- addr
Type String - Type of address. Valid values:
ip
,fqdn
. - address String
- Address or address group of the real server.
- domain String
- Wildcard domain name of the real server.
- external
Auth String - Enable/disable use of external browser as user-agent for SAML user authentication. Valid values:
enable
,disable
. - health
Check String - Enable to check the responsiveness of the real server before forwarding traffic. Valid values:
disable
,enable
. - health
Check StringProto - Protocol of the health check monitor to use when polling to determine server's connectivity status. Valid values:
ping
,http
,tcp-connect
. - holddown
Interval String - Enable/disable holddown timer. Server will be considered active and reachable once the holddown period has expired (30 seconds). Valid values:
enable
,disable
. - http
Host String - HTTP server domain name in HTTP header.
- id Number
- Real server ID.
- ip String
- IPv6 address of the real server.
- mappedport String
- Port for communicating with the real server.
- port Number
- Port for communicating with the real server.
- ssh
Client StringCert - Set access-proxy SSH client certificate profile.
- ssh
Host StringKey Validation - Enable/disable SSH real server host key validation. Valid values:
disable
,enable
. - ssh
Host List<Property Map>Keys - One or more server host key. The structure of
ssh_host_key
block is documented below. - status String
- Set the status of the real server to active so that it can accept traffic, or on standby or disabled so no traffic is sent. Valid values:
active
,standby
,disable
. - translate
Host String - Enable/disable translation of hostname/IP from virtual server to real server. Valid values:
enable
,disable
. - tunnel
Encryption String - Tunnel encryption. Valid values:
enable
,disable
. - type String
- TCP forwarding server type. Valid values:
tcp-forwarding
,ssh
. - weight Number
- Weight of the real server. If weighted load balancing is enabled, the server with the highest weight gets more connections.
AccessproxyApiGatewayRealserverSshHostKey, AccessproxyApiGatewayRealserverSshHostKeyArgs
- Name string
- Server host key name.
- Name string
- Server host key name.
- name String
- Server host key name.
- name string
- Server host key name.
- name str
- Server host key name.
- name String
- Server host key name.
AccessproxyApiGatewaySslCipherSuite, AccessproxyApiGatewaySslCipherSuiteArgs
- Cipher string
- Cipher suite name. Valid values:
TLS-AES-128-GCM-SHA256
,TLS-AES-256-GCM-SHA384
,TLS-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-128-GCM-SHA256
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-AES-128-CBC-SHA
,TLS-RSA-WITH-AES-256-CBC-SHA
,TLS-RSA-WITH-AES-128-CBC-SHA256
,TLS-RSA-WITH-AES-128-GCM-SHA256
,TLS-RSA-WITH-AES-256-CBC-SHA256
,TLS-RSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-SEED-CBC-SHA
,TLS-DHE-DSS-WITH-SEED-CBC-SHA
,TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384
,TLS-RSA-WITH-SEED-CBC-SHA
,TLS-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-RC4-128-SHA
,TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-RC4-128-MD5
,TLS-RSA-WITH-RC4-128-SHA
,TLS-DHE-RSA-WITH-DES-CBC-SHA
,TLS-DHE-DSS-WITH-DES-CBC-SHA
,TLS-RSA-WITH-DES-CBC-SHA
. - Priority int
- SSL/TLS cipher suites priority.
- Versions string
- SSL/TLS versions that the cipher suite can be used with. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
.
- Cipher string
- Cipher suite name. Valid values:
TLS-AES-128-GCM-SHA256
,TLS-AES-256-GCM-SHA384
,TLS-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-128-GCM-SHA256
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-AES-128-CBC-SHA
,TLS-RSA-WITH-AES-256-CBC-SHA
,TLS-RSA-WITH-AES-128-CBC-SHA256
,TLS-RSA-WITH-AES-128-GCM-SHA256
,TLS-RSA-WITH-AES-256-CBC-SHA256
,TLS-RSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-SEED-CBC-SHA
,TLS-DHE-DSS-WITH-SEED-CBC-SHA
,TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384
,TLS-RSA-WITH-SEED-CBC-SHA
,TLS-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-RC4-128-SHA
,TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-RC4-128-MD5
,TLS-RSA-WITH-RC4-128-SHA
,TLS-DHE-RSA-WITH-DES-CBC-SHA
,TLS-DHE-DSS-WITH-DES-CBC-SHA
,TLS-RSA-WITH-DES-CBC-SHA
. - Priority int
- SSL/TLS cipher suites priority.
- Versions string
- SSL/TLS versions that the cipher suite can be used with. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
.
- cipher String
- Cipher suite name. Valid values:
TLS-AES-128-GCM-SHA256
,TLS-AES-256-GCM-SHA384
,TLS-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-128-GCM-SHA256
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-AES-128-CBC-SHA
,TLS-RSA-WITH-AES-256-CBC-SHA
,TLS-RSA-WITH-AES-128-CBC-SHA256
,TLS-RSA-WITH-AES-128-GCM-SHA256
,TLS-RSA-WITH-AES-256-CBC-SHA256
,TLS-RSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-SEED-CBC-SHA
,TLS-DHE-DSS-WITH-SEED-CBC-SHA
,TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384
,TLS-RSA-WITH-SEED-CBC-SHA
,TLS-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-RC4-128-SHA
,TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-RC4-128-MD5
,TLS-RSA-WITH-RC4-128-SHA
,TLS-DHE-RSA-WITH-DES-CBC-SHA
,TLS-DHE-DSS-WITH-DES-CBC-SHA
,TLS-RSA-WITH-DES-CBC-SHA
. - priority Integer
- SSL/TLS cipher suites priority.
- versions String
- SSL/TLS versions that the cipher suite can be used with. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
.
- cipher string
- Cipher suite name. Valid values:
TLS-AES-128-GCM-SHA256
,TLS-AES-256-GCM-SHA384
,TLS-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-128-GCM-SHA256
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-AES-128-CBC-SHA
,TLS-RSA-WITH-AES-256-CBC-SHA
,TLS-RSA-WITH-AES-128-CBC-SHA256
,TLS-RSA-WITH-AES-128-GCM-SHA256
,TLS-RSA-WITH-AES-256-CBC-SHA256
,TLS-RSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-SEED-CBC-SHA
,TLS-DHE-DSS-WITH-SEED-CBC-SHA
,TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384
,TLS-RSA-WITH-SEED-CBC-SHA
,TLS-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-RC4-128-SHA
,TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-RC4-128-MD5
,TLS-RSA-WITH-RC4-128-SHA
,TLS-DHE-RSA-WITH-DES-CBC-SHA
,TLS-DHE-DSS-WITH-DES-CBC-SHA
,TLS-RSA-WITH-DES-CBC-SHA
. - priority number
- SSL/TLS cipher suites priority.
- versions string
- SSL/TLS versions that the cipher suite can be used with. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
.
- cipher str
- Cipher suite name. Valid values:
TLS-AES-128-GCM-SHA256
,TLS-AES-256-GCM-SHA384
,TLS-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-128-GCM-SHA256
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-AES-128-CBC-SHA
,TLS-RSA-WITH-AES-256-CBC-SHA
,TLS-RSA-WITH-AES-128-CBC-SHA256
,TLS-RSA-WITH-AES-128-GCM-SHA256
,TLS-RSA-WITH-AES-256-CBC-SHA256
,TLS-RSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-SEED-CBC-SHA
,TLS-DHE-DSS-WITH-SEED-CBC-SHA
,TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384
,TLS-RSA-WITH-SEED-CBC-SHA
,TLS-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-RC4-128-SHA
,TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-RC4-128-MD5
,TLS-RSA-WITH-RC4-128-SHA
,TLS-DHE-RSA-WITH-DES-CBC-SHA
,TLS-DHE-DSS-WITH-DES-CBC-SHA
,TLS-RSA-WITH-DES-CBC-SHA
. - priority int
- SSL/TLS cipher suites priority.
- versions str
- SSL/TLS versions that the cipher suite can be used with. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
.
- cipher String
- Cipher suite name. Valid values:
TLS-AES-128-GCM-SHA256
,TLS-AES-256-GCM-SHA384
,TLS-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA
,TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
,TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA
,TLS-DHE-DSS-WITH-AES-128-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-128-GCM-SHA256
,TLS-DHE-DSS-WITH-AES-256-CBC-SHA256
,TLS-DHE-DSS-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA
,TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-AES-128-CBC-SHA
,TLS-RSA-WITH-AES-256-CBC-SHA
,TLS-RSA-WITH-AES-128-CBC-SHA256
,TLS-RSA-WITH-AES-128-GCM-SHA256
,TLS-RSA-WITH-AES-256-CBC-SHA256
,TLS-RSA-WITH-AES-256-GCM-SHA384
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA
,TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256
,TLS-DHE-RSA-WITH-SEED-CBC-SHA
,TLS-DHE-DSS-WITH-SEED-CBC-SHA
,TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256
,TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384
,TLS-RSA-WITH-SEED-CBC-SHA
,TLS-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256
,TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384
,TLS-ECDHE-RSA-WITH-RC4-128-SHA
,TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-3DES-EDE-CBC-SHA
,TLS-RSA-WITH-RC4-128-MD5
,TLS-RSA-WITH-RC4-128-SHA
,TLS-DHE-RSA-WITH-DES-CBC-SHA
,TLS-DHE-DSS-WITH-DES-CBC-SHA
,TLS-RSA-WITH-DES-CBC-SHA
. - priority Number
- SSL/TLS cipher suites priority.
- versions String
- SSL/TLS versions that the cipher suite can be used with. Valid values:
tls-1.0
,tls-1.1
,tls-1.2
,tls-1.3
.
Import
Firewall AccessProxy can be imported using any of these accepted formats:
$ pulumi import fortios:firewall/accessproxy:Accessproxy labelname {{name}}
If you do not want to import arguments of block:
$ export “FORTIOS_IMPORT_TABLE”=“false”
$ pulumi import fortios:firewall/accessproxy:Accessproxy labelname {{name}}
$ unset “FORTIOS_IMPORT_TABLE”
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- fortios pulumiverse/pulumi-fortios
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
fortios
Terraform Provider.