fortios.firewall.Localinpolicy
Explore with Pulumi AI
Configure user defined IPv4 local-in policies.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as fortios from "@pulumiverse/fortios";
const trname = new fortios.firewall.Localinpolicy("trname", {
action: "accept",
dstaddrs: [{
name: "all",
}],
haMgmtIntfOnly: "disable",
intf: "port4",
policyid: 1,
schedule: "always",
services: [{
name: "ALL",
}],
srcaddrs: [{
name: "all",
}],
status: "enable",
});
import pulumi
import pulumiverse_fortios as fortios
trname = fortios.firewall.Localinpolicy("trname",
action="accept",
dstaddrs=[fortios.firewall.LocalinpolicyDstaddrArgs(
name="all",
)],
ha_mgmt_intf_only="disable",
intf="port4",
policyid=1,
schedule="always",
services=[fortios.firewall.LocalinpolicyServiceArgs(
name="ALL",
)],
srcaddrs=[fortios.firewall.LocalinpolicySrcaddrArgs(
name="all",
)],
status="enable")
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/firewall"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := firewall.NewLocalinpolicy(ctx, "trname", &firewall.LocalinpolicyArgs{
Action: pulumi.String("accept"),
Dstaddrs: firewall.LocalinpolicyDstaddrArray{
&firewall.LocalinpolicyDstaddrArgs{
Name: pulumi.String("all"),
},
},
HaMgmtIntfOnly: pulumi.String("disable"),
Intf: pulumi.String("port4"),
Policyid: pulumi.Int(1),
Schedule: pulumi.String("always"),
Services: firewall.LocalinpolicyServiceArray{
&firewall.LocalinpolicyServiceArgs{
Name: pulumi.String("ALL"),
},
},
Srcaddrs: firewall.LocalinpolicySrcaddrArray{
&firewall.LocalinpolicySrcaddrArgs{
Name: pulumi.String("all"),
},
},
Status: pulumi.String("enable"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortios = Pulumiverse.Fortios;
return await Deployment.RunAsync(() =>
{
var trname = new Fortios.Firewall.Localinpolicy("trname", new()
{
Action = "accept",
Dstaddrs = new[]
{
new Fortios.Firewall.Inputs.LocalinpolicyDstaddrArgs
{
Name = "all",
},
},
HaMgmtIntfOnly = "disable",
Intf = "port4",
Policyid = 1,
Schedule = "always",
Services = new[]
{
new Fortios.Firewall.Inputs.LocalinpolicyServiceArgs
{
Name = "ALL",
},
},
Srcaddrs = new[]
{
new Fortios.Firewall.Inputs.LocalinpolicySrcaddrArgs
{
Name = "all",
},
},
Status = "enable",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortios.firewall.Localinpolicy;
import com.pulumi.fortios.firewall.LocalinpolicyArgs;
import com.pulumi.fortios.firewall.inputs.LocalinpolicyDstaddrArgs;
import com.pulumi.fortios.firewall.inputs.LocalinpolicyServiceArgs;
import com.pulumi.fortios.firewall.inputs.LocalinpolicySrcaddrArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var trname = new Localinpolicy("trname", LocalinpolicyArgs.builder()
.action("accept")
.dstaddrs(LocalinpolicyDstaddrArgs.builder()
.name("all")
.build())
.haMgmtIntfOnly("disable")
.intf("port4")
.policyid(1)
.schedule("always")
.services(LocalinpolicyServiceArgs.builder()
.name("ALL")
.build())
.srcaddrs(LocalinpolicySrcaddrArgs.builder()
.name("all")
.build())
.status("enable")
.build());
}
}
resources:
trname:
type: fortios:firewall:Localinpolicy
properties:
action: accept
dstaddrs:
- name: all
haMgmtIntfOnly: disable
intf: port4
policyid: 1
schedule: always
services:
- name: ALL
srcaddrs:
- name: all
status: enable
Create Localinpolicy Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Localinpolicy(name: string, args: LocalinpolicyArgs, opts?: CustomResourceOptions);
@overload
def Localinpolicy(resource_name: str,
args: LocalinpolicyArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Localinpolicy(resource_name: str,
opts: Optional[ResourceOptions] = None,
dstaddrs: Optional[Sequence[LocalinpolicyDstaddrArgs]] = None,
srcaddrs: Optional[Sequence[LocalinpolicySrcaddrArgs]] = None,
schedule: Optional[str] = None,
internet_service_src_negate: Optional[str] = None,
intf_blocks: Optional[Sequence[LocalinpolicyIntfBlockArgs]] = None,
get_all_tables: Optional[str] = None,
ha_mgmt_intf_only: Optional[str] = None,
internet_service_src: Optional[str] = None,
internet_service_src_custom_groups: Optional[Sequence[LocalinpolicyInternetServiceSrcCustomGroupArgs]] = None,
internet_service_src_customs: Optional[Sequence[LocalinpolicyInternetServiceSrcCustomArgs]] = None,
internet_service_src_groups: Optional[Sequence[LocalinpolicyInternetServiceSrcGroupArgs]] = None,
internet_service_src_names: Optional[Sequence[LocalinpolicyInternetServiceSrcNameArgs]] = None,
action: Optional[str] = None,
intf: Optional[str] = None,
dynamic_sort_subtable: Optional[str] = None,
policyid: Optional[int] = None,
dstaddr_negate: Optional[str] = None,
service_negate: Optional[str] = None,
services: Optional[Sequence[LocalinpolicyServiceArgs]] = None,
srcaddr_negate: Optional[str] = None,
comments: Optional[str] = None,
status: Optional[str] = None,
uuid: Optional[str] = None,
vdomparam: Optional[str] = None,
virtual_patch: Optional[str] = None)
func NewLocalinpolicy(ctx *Context, name string, args LocalinpolicyArgs, opts ...ResourceOption) (*Localinpolicy, error)
public Localinpolicy(string name, LocalinpolicyArgs args, CustomResourceOptions? opts = null)
public Localinpolicy(String name, LocalinpolicyArgs args)
public Localinpolicy(String name, LocalinpolicyArgs args, CustomResourceOptions options)
type: fortios:firewall:Localinpolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args LocalinpolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args LocalinpolicyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args LocalinpolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args LocalinpolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args LocalinpolicyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var localinpolicyResource = new Fortios.Firewall.Localinpolicy("localinpolicyResource", new()
{
Dstaddrs = new[]
{
new Fortios.Firewall.Inputs.LocalinpolicyDstaddrArgs
{
Name = "string",
},
},
Srcaddrs = new[]
{
new Fortios.Firewall.Inputs.LocalinpolicySrcaddrArgs
{
Name = "string",
},
},
Schedule = "string",
InternetServiceSrcNegate = "string",
IntfBlocks = new[]
{
new Fortios.Firewall.Inputs.LocalinpolicyIntfBlockArgs
{
Name = "string",
},
},
GetAllTables = "string",
HaMgmtIntfOnly = "string",
InternetServiceSrc = "string",
InternetServiceSrcCustomGroups = new[]
{
new Fortios.Firewall.Inputs.LocalinpolicyInternetServiceSrcCustomGroupArgs
{
Name = "string",
},
},
InternetServiceSrcCustoms = new[]
{
new Fortios.Firewall.Inputs.LocalinpolicyInternetServiceSrcCustomArgs
{
Name = "string",
},
},
InternetServiceSrcGroups = new[]
{
new Fortios.Firewall.Inputs.LocalinpolicyInternetServiceSrcGroupArgs
{
Name = "string",
},
},
InternetServiceSrcNames = new[]
{
new Fortios.Firewall.Inputs.LocalinpolicyInternetServiceSrcNameArgs
{
Name = "string",
},
},
Action = "string",
Intf = "string",
DynamicSortSubtable = "string",
Policyid = 0,
DstaddrNegate = "string",
ServiceNegate = "string",
Services = new[]
{
new Fortios.Firewall.Inputs.LocalinpolicyServiceArgs
{
Name = "string",
},
},
SrcaddrNegate = "string",
Comments = "string",
Status = "string",
Uuid = "string",
Vdomparam = "string",
VirtualPatch = "string",
});
example, err := firewall.NewLocalinpolicy(ctx, "localinpolicyResource", &firewall.LocalinpolicyArgs{
Dstaddrs: firewall.LocalinpolicyDstaddrArray{
&firewall.LocalinpolicyDstaddrArgs{
Name: pulumi.String("string"),
},
},
Srcaddrs: firewall.LocalinpolicySrcaddrArray{
&firewall.LocalinpolicySrcaddrArgs{
Name: pulumi.String("string"),
},
},
Schedule: pulumi.String("string"),
InternetServiceSrcNegate: pulumi.String("string"),
IntfBlocks: firewall.LocalinpolicyIntfBlockArray{
&firewall.LocalinpolicyIntfBlockArgs{
Name: pulumi.String("string"),
},
},
GetAllTables: pulumi.String("string"),
HaMgmtIntfOnly: pulumi.String("string"),
InternetServiceSrc: pulumi.String("string"),
InternetServiceSrcCustomGroups: firewall.LocalinpolicyInternetServiceSrcCustomGroupArray{
&firewall.LocalinpolicyInternetServiceSrcCustomGroupArgs{
Name: pulumi.String("string"),
},
},
InternetServiceSrcCustoms: firewall.LocalinpolicyInternetServiceSrcCustomArray{
&firewall.LocalinpolicyInternetServiceSrcCustomArgs{
Name: pulumi.String("string"),
},
},
InternetServiceSrcGroups: firewall.LocalinpolicyInternetServiceSrcGroupArray{
&firewall.LocalinpolicyInternetServiceSrcGroupArgs{
Name: pulumi.String("string"),
},
},
InternetServiceSrcNames: firewall.LocalinpolicyInternetServiceSrcNameArray{
&firewall.LocalinpolicyInternetServiceSrcNameArgs{
Name: pulumi.String("string"),
},
},
Action: pulumi.String("string"),
Intf: pulumi.String("string"),
DynamicSortSubtable: pulumi.String("string"),
Policyid: pulumi.Int(0),
DstaddrNegate: pulumi.String("string"),
ServiceNegate: pulumi.String("string"),
Services: firewall.LocalinpolicyServiceArray{
&firewall.LocalinpolicyServiceArgs{
Name: pulumi.String("string"),
},
},
SrcaddrNegate: pulumi.String("string"),
Comments: pulumi.String("string"),
Status: pulumi.String("string"),
Uuid: pulumi.String("string"),
Vdomparam: pulumi.String("string"),
VirtualPatch: pulumi.String("string"),
})
var localinpolicyResource = new Localinpolicy("localinpolicyResource", LocalinpolicyArgs.builder()
.dstaddrs(LocalinpolicyDstaddrArgs.builder()
.name("string")
.build())
.srcaddrs(LocalinpolicySrcaddrArgs.builder()
.name("string")
.build())
.schedule("string")
.internetServiceSrcNegate("string")
.intfBlocks(LocalinpolicyIntfBlockArgs.builder()
.name("string")
.build())
.getAllTables("string")
.haMgmtIntfOnly("string")
.internetServiceSrc("string")
.internetServiceSrcCustomGroups(LocalinpolicyInternetServiceSrcCustomGroupArgs.builder()
.name("string")
.build())
.internetServiceSrcCustoms(LocalinpolicyInternetServiceSrcCustomArgs.builder()
.name("string")
.build())
.internetServiceSrcGroups(LocalinpolicyInternetServiceSrcGroupArgs.builder()
.name("string")
.build())
.internetServiceSrcNames(LocalinpolicyInternetServiceSrcNameArgs.builder()
.name("string")
.build())
.action("string")
.intf("string")
.dynamicSortSubtable("string")
.policyid(0)
.dstaddrNegate("string")
.serviceNegate("string")
.services(LocalinpolicyServiceArgs.builder()
.name("string")
.build())
.srcaddrNegate("string")
.comments("string")
.status("string")
.uuid("string")
.vdomparam("string")
.virtualPatch("string")
.build());
localinpolicy_resource = fortios.firewall.Localinpolicy("localinpolicyResource",
dstaddrs=[{
"name": "string",
}],
srcaddrs=[{
"name": "string",
}],
schedule="string",
internet_service_src_negate="string",
intf_blocks=[{
"name": "string",
}],
get_all_tables="string",
ha_mgmt_intf_only="string",
internet_service_src="string",
internet_service_src_custom_groups=[{
"name": "string",
}],
internet_service_src_customs=[{
"name": "string",
}],
internet_service_src_groups=[{
"name": "string",
}],
internet_service_src_names=[{
"name": "string",
}],
action="string",
intf="string",
dynamic_sort_subtable="string",
policyid=0,
dstaddr_negate="string",
service_negate="string",
services=[{
"name": "string",
}],
srcaddr_negate="string",
comments="string",
status="string",
uuid="string",
vdomparam="string",
virtual_patch="string")
const localinpolicyResource = new fortios.firewall.Localinpolicy("localinpolicyResource", {
dstaddrs: [{
name: "string",
}],
srcaddrs: [{
name: "string",
}],
schedule: "string",
internetServiceSrcNegate: "string",
intfBlocks: [{
name: "string",
}],
getAllTables: "string",
haMgmtIntfOnly: "string",
internetServiceSrc: "string",
internetServiceSrcCustomGroups: [{
name: "string",
}],
internetServiceSrcCustoms: [{
name: "string",
}],
internetServiceSrcGroups: [{
name: "string",
}],
internetServiceSrcNames: [{
name: "string",
}],
action: "string",
intf: "string",
dynamicSortSubtable: "string",
policyid: 0,
dstaddrNegate: "string",
serviceNegate: "string",
services: [{
name: "string",
}],
srcaddrNegate: "string",
comments: "string",
status: "string",
uuid: "string",
vdomparam: "string",
virtualPatch: "string",
});
type: fortios:firewall:Localinpolicy
properties:
action: string
comments: string
dstaddrNegate: string
dstaddrs:
- name: string
dynamicSortSubtable: string
getAllTables: string
haMgmtIntfOnly: string
internetServiceSrc: string
internetServiceSrcCustomGroups:
- name: string
internetServiceSrcCustoms:
- name: string
internetServiceSrcGroups:
- name: string
internetServiceSrcNames:
- name: string
internetServiceSrcNegate: string
intf: string
intfBlocks:
- name: string
policyid: 0
schedule: string
serviceNegate: string
services:
- name: string
srcaddrNegate: string
srcaddrs:
- name: string
status: string
uuid: string
vdomparam: string
virtualPatch: string
Localinpolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Localinpolicy resource accepts the following input properties:
- Dstaddrs
List<Pulumiverse.
Fortios. Firewall. Inputs. Localinpolicy Dstaddr> - Destination address object from available options. The structure of
dstaddr
block is documented below. - Schedule string
- Schedule object from available options.
- Srcaddrs
List<Pulumiverse.
Fortios. Firewall. Inputs. Localinpolicy Srcaddr> - Source address object from available options. The structure of
srcaddr
block is documented below. - Action string
- Action performed on traffic matching the policy (default = deny). Valid values:
accept
,deny
. - Comments string
- Comment.
- Dstaddr
Negate string - When enabled dstaddr specifies what the destination address must NOT be. Valid values:
enable
,disable
. - Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Ha
Mgmt stringIntf Only - Enable/disable dedicating the HA management interface only for local-in policy. Valid values:
enable
,disable
. - Internet
Service stringSrc - Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values:
enable
,disable
. - Internet
Service List<Pulumiverse.Src Custom Groups Fortios. Firewall. Inputs. Localinpolicy Internet Service Src Custom Group> - Custom Internet Service source group name. The structure of
internet_service_src_custom_group
block is documented below. - Internet
Service List<Pulumiverse.Src Customs Fortios. Firewall. Inputs. Localinpolicy Internet Service Src Custom> - Custom Internet Service source name. The structure of
internet_service_src_custom
block is documented below. - Internet
Service List<Pulumiverse.Src Groups Fortios. Firewall. Inputs. Localinpolicy Internet Service Src Group> - Internet Service source group name. The structure of
internet_service_src_group
block is documented below. - Internet
Service List<Pulumiverse.Src Names Fortios. Firewall. Inputs. Localinpolicy Internet Service Src Name> - Internet Service source name. The structure of
internet_service_src_name
block is documented below. - Internet
Service stringSrc Negate - When enabled internet-service-src specifies what the service must NOT be. Valid values:
enable
,disable
. - Intf string
- Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf_block
. - Intf
Blocks List<Pulumiverse.Fortios. Firewall. Inputs. Localinpolicy Intf Block> - Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf
. The structure ofintf_block
block is documented below. - Policyid int
- User defined local in policy ID.
- Service
Negate string - When enabled service specifies what the service must NOT be. Valid values:
enable
,disable
. - Services
List<Pulumiverse.
Fortios. Firewall. Inputs. Localinpolicy Service> - Service object from available options. The structure of
service
block is documented below. - Srcaddr
Negate string - When enabled srcaddr specifies what the source address must NOT be. Valid values:
enable
,disable
. - Status string
- Enable/disable this local-in policy. Valid values:
enable
,disable
. - Uuid string
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Virtual
Patch string - Enable/disable virtual patching. Valid values:
enable
,disable
.
- Dstaddrs
[]Localinpolicy
Dstaddr Args - Destination address object from available options. The structure of
dstaddr
block is documented below. - Schedule string
- Schedule object from available options.
- Srcaddrs
[]Localinpolicy
Srcaddr Args - Source address object from available options. The structure of
srcaddr
block is documented below. - Action string
- Action performed on traffic matching the policy (default = deny). Valid values:
accept
,deny
. - Comments string
- Comment.
- Dstaddr
Negate string - When enabled dstaddr specifies what the destination address must NOT be. Valid values:
enable
,disable
. - Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Ha
Mgmt stringIntf Only - Enable/disable dedicating the HA management interface only for local-in policy. Valid values:
enable
,disable
. - Internet
Service stringSrc - Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values:
enable
,disable
. - Internet
Service []LocalinpolicySrc Custom Groups Internet Service Src Custom Group Args - Custom Internet Service source group name. The structure of
internet_service_src_custom_group
block is documented below. - Internet
Service []LocalinpolicySrc Customs Internet Service Src Custom Args - Custom Internet Service source name. The structure of
internet_service_src_custom
block is documented below. - Internet
Service []LocalinpolicySrc Groups Internet Service Src Group Args - Internet Service source group name. The structure of
internet_service_src_group
block is documented below. - Internet
Service []LocalinpolicySrc Names Internet Service Src Name Args - Internet Service source name. The structure of
internet_service_src_name
block is documented below. - Internet
Service stringSrc Negate - When enabled internet-service-src specifies what the service must NOT be. Valid values:
enable
,disable
. - Intf string
- Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf_block
. - Intf
Blocks []LocalinpolicyIntf Block Args - Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf
. The structure ofintf_block
block is documented below. - Policyid int
- User defined local in policy ID.
- Service
Negate string - When enabled service specifies what the service must NOT be. Valid values:
enable
,disable
. - Services
[]Localinpolicy
Service Args - Service object from available options. The structure of
service
block is documented below. - Srcaddr
Negate string - When enabled srcaddr specifies what the source address must NOT be. Valid values:
enable
,disable
. - Status string
- Enable/disable this local-in policy. Valid values:
enable
,disable
. - Uuid string
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Virtual
Patch string - Enable/disable virtual patching. Valid values:
enable
,disable
.
- dstaddrs
List<Localinpolicy
Dstaddr> - Destination address object from available options. The structure of
dstaddr
block is documented below. - schedule String
- Schedule object from available options.
- srcaddrs
List<Localinpolicy
Srcaddr> - Source address object from available options. The structure of
srcaddr
block is documented below. - action String
- Action performed on traffic matching the policy (default = deny). Valid values:
accept
,deny
. - comments String
- Comment.
- dstaddr
Negate String - When enabled dstaddr specifies what the destination address must NOT be. Valid values:
enable
,disable
. - dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- ha
Mgmt StringIntf Only - Enable/disable dedicating the HA management interface only for local-in policy. Valid values:
enable
,disable
. - internet
Service StringSrc - Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values:
enable
,disable
. - internet
Service List<LocalinpolicySrc Custom Groups Internet Service Src Custom Group> - Custom Internet Service source group name. The structure of
internet_service_src_custom_group
block is documented below. - internet
Service List<LocalinpolicySrc Customs Internet Service Src Custom> - Custom Internet Service source name. The structure of
internet_service_src_custom
block is documented below. - internet
Service List<LocalinpolicySrc Groups Internet Service Src Group> - Internet Service source group name. The structure of
internet_service_src_group
block is documented below. - internet
Service List<LocalinpolicySrc Names Internet Service Src Name> - Internet Service source name. The structure of
internet_service_src_name
block is documented below. - internet
Service StringSrc Negate - When enabled internet-service-src specifies what the service must NOT be. Valid values:
enable
,disable
. - intf String
- Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf_block
. - intf
Blocks List<LocalinpolicyIntf Block> - Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf
. The structure ofintf_block
block is documented below. - policyid Integer
- User defined local in policy ID.
- service
Negate String - When enabled service specifies what the service must NOT be. Valid values:
enable
,disable
. - services
List<Localinpolicy
Service> - Service object from available options. The structure of
service
block is documented below. - srcaddr
Negate String - When enabled srcaddr specifies what the source address must NOT be. Valid values:
enable
,disable
. - status String
- Enable/disable this local-in policy. Valid values:
enable
,disable
. - uuid String
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- virtual
Patch String - Enable/disable virtual patching. Valid values:
enable
,disable
.
- dstaddrs
Localinpolicy
Dstaddr[] - Destination address object from available options. The structure of
dstaddr
block is documented below. - schedule string
- Schedule object from available options.
- srcaddrs
Localinpolicy
Srcaddr[] - Source address object from available options. The structure of
srcaddr
block is documented below. - action string
- Action performed on traffic matching the policy (default = deny). Valid values:
accept
,deny
. - comments string
- Comment.
- dstaddr
Negate string - When enabled dstaddr specifies what the destination address must NOT be. Valid values:
enable
,disable
. - dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- ha
Mgmt stringIntf Only - Enable/disable dedicating the HA management interface only for local-in policy. Valid values:
enable
,disable
. - internet
Service stringSrc - Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values:
enable
,disable
. - internet
Service LocalinpolicySrc Custom Groups Internet Service Src Custom Group[] - Custom Internet Service source group name. The structure of
internet_service_src_custom_group
block is documented below. - internet
Service LocalinpolicySrc Customs Internet Service Src Custom[] - Custom Internet Service source name. The structure of
internet_service_src_custom
block is documented below. - internet
Service LocalinpolicySrc Groups Internet Service Src Group[] - Internet Service source group name. The structure of
internet_service_src_group
block is documented below. - internet
Service LocalinpolicySrc Names Internet Service Src Name[] - Internet Service source name. The structure of
internet_service_src_name
block is documented below. - internet
Service stringSrc Negate - When enabled internet-service-src specifies what the service must NOT be. Valid values:
enable
,disable
. - intf string
- Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf_block
. - intf
Blocks LocalinpolicyIntf Block[] - Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf
. The structure ofintf_block
block is documented below. - policyid number
- User defined local in policy ID.
- service
Negate string - When enabled service specifies what the service must NOT be. Valid values:
enable
,disable
. - services
Localinpolicy
Service[] - Service object from available options. The structure of
service
block is documented below. - srcaddr
Negate string - When enabled srcaddr specifies what the source address must NOT be. Valid values:
enable
,disable
. - status string
- Enable/disable this local-in policy. Valid values:
enable
,disable
. - uuid string
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- virtual
Patch string - Enable/disable virtual patching. Valid values:
enable
,disable
.
- dstaddrs
Sequence[Localinpolicy
Dstaddr Args] - Destination address object from available options. The structure of
dstaddr
block is documented below. - schedule str
- Schedule object from available options.
- srcaddrs
Sequence[Localinpolicy
Srcaddr Args] - Source address object from available options. The structure of
srcaddr
block is documented below. - action str
- Action performed on traffic matching the policy (default = deny). Valid values:
accept
,deny
. - comments str
- Comment.
- dstaddr_
negate str - When enabled dstaddr specifies what the destination address must NOT be. Valid values:
enable
,disable
. - dynamic_
sort_ strsubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- get_
all_ strtables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- ha_
mgmt_ strintf_ only - Enable/disable dedicating the HA management interface only for local-in policy. Valid values:
enable
,disable
. - internet_
service_ strsrc - Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values:
enable
,disable
. - internet_
service_ Sequence[Localinpolicysrc_ custom_ groups Internet Service Src Custom Group Args] - Custom Internet Service source group name. The structure of
internet_service_src_custom_group
block is documented below. - internet_
service_ Sequence[Localinpolicysrc_ customs Internet Service Src Custom Args] - Custom Internet Service source name. The structure of
internet_service_src_custom
block is documented below. - internet_
service_ Sequence[Localinpolicysrc_ groups Internet Service Src Group Args] - Internet Service source group name. The structure of
internet_service_src_group
block is documented below. - internet_
service_ Sequence[Localinpolicysrc_ names Internet Service Src Name Args] - Internet Service source name. The structure of
internet_service_src_name
block is documented below. - internet_
service_ strsrc_ negate - When enabled internet-service-src specifies what the service must NOT be. Valid values:
enable
,disable
. - intf str
- Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf_block
. - intf_
blocks Sequence[LocalinpolicyIntf Block Args] - Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf
. The structure ofintf_block
block is documented below. - policyid int
- User defined local in policy ID.
- service_
negate str - When enabled service specifies what the service must NOT be. Valid values:
enable
,disable
. - services
Sequence[Localinpolicy
Service Args] - Service object from available options. The structure of
service
block is documented below. - srcaddr_
negate str - When enabled srcaddr specifies what the source address must NOT be. Valid values:
enable
,disable
. - status str
- Enable/disable this local-in policy. Valid values:
enable
,disable
. - uuid str
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- virtual_
patch str - Enable/disable virtual patching. Valid values:
enable
,disable
.
- dstaddrs List<Property Map>
- Destination address object from available options. The structure of
dstaddr
block is documented below. - schedule String
- Schedule object from available options.
- srcaddrs List<Property Map>
- Source address object from available options. The structure of
srcaddr
block is documented below. - action String
- Action performed on traffic matching the policy (default = deny). Valid values:
accept
,deny
. - comments String
- Comment.
- dstaddr
Negate String - When enabled dstaddr specifies what the destination address must NOT be. Valid values:
enable
,disable
. - dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- ha
Mgmt StringIntf Only - Enable/disable dedicating the HA management interface only for local-in policy. Valid values:
enable
,disable
. - internet
Service StringSrc - Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values:
enable
,disable
. - internet
Service List<Property Map>Src Custom Groups - Custom Internet Service source group name. The structure of
internet_service_src_custom_group
block is documented below. - internet
Service List<Property Map>Src Customs - Custom Internet Service source name. The structure of
internet_service_src_custom
block is documented below. - internet
Service List<Property Map>Src Groups - Internet Service source group name. The structure of
internet_service_src_group
block is documented below. - internet
Service List<Property Map>Src Names - Internet Service source name. The structure of
internet_service_src_name
block is documented below. - internet
Service StringSrc Negate - When enabled internet-service-src specifies what the service must NOT be. Valid values:
enable
,disable
. - intf String
- Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf_block
. - intf
Blocks List<Property Map> - Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf
. The structure ofintf_block
block is documented below. - policyid Number
- User defined local in policy ID.
- service
Negate String - When enabled service specifies what the service must NOT be. Valid values:
enable
,disable
. - services List<Property Map>
- Service object from available options. The structure of
service
block is documented below. - srcaddr
Negate String - When enabled srcaddr specifies what the source address must NOT be. Valid values:
enable
,disable
. - status String
- Enable/disable this local-in policy. Valid values:
enable
,disable
. - uuid String
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- virtual
Patch String - Enable/disable virtual patching. Valid values:
enable
,disable
.
Outputs
All input properties are implicitly available as output properties. Additionally, the Localinpolicy resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Localinpolicy Resource
Get an existing Localinpolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: LocalinpolicyState, opts?: CustomResourceOptions): Localinpolicy
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
action: Optional[str] = None,
comments: Optional[str] = None,
dstaddr_negate: Optional[str] = None,
dstaddrs: Optional[Sequence[LocalinpolicyDstaddrArgs]] = None,
dynamic_sort_subtable: Optional[str] = None,
get_all_tables: Optional[str] = None,
ha_mgmt_intf_only: Optional[str] = None,
internet_service_src: Optional[str] = None,
internet_service_src_custom_groups: Optional[Sequence[LocalinpolicyInternetServiceSrcCustomGroupArgs]] = None,
internet_service_src_customs: Optional[Sequence[LocalinpolicyInternetServiceSrcCustomArgs]] = None,
internet_service_src_groups: Optional[Sequence[LocalinpolicyInternetServiceSrcGroupArgs]] = None,
internet_service_src_names: Optional[Sequence[LocalinpolicyInternetServiceSrcNameArgs]] = None,
internet_service_src_negate: Optional[str] = None,
intf: Optional[str] = None,
intf_blocks: Optional[Sequence[LocalinpolicyIntfBlockArgs]] = None,
policyid: Optional[int] = None,
schedule: Optional[str] = None,
service_negate: Optional[str] = None,
services: Optional[Sequence[LocalinpolicyServiceArgs]] = None,
srcaddr_negate: Optional[str] = None,
srcaddrs: Optional[Sequence[LocalinpolicySrcaddrArgs]] = None,
status: Optional[str] = None,
uuid: Optional[str] = None,
vdomparam: Optional[str] = None,
virtual_patch: Optional[str] = None) -> Localinpolicy
func GetLocalinpolicy(ctx *Context, name string, id IDInput, state *LocalinpolicyState, opts ...ResourceOption) (*Localinpolicy, error)
public static Localinpolicy Get(string name, Input<string> id, LocalinpolicyState? state, CustomResourceOptions? opts = null)
public static Localinpolicy get(String name, Output<String> id, LocalinpolicyState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Action string
- Action performed on traffic matching the policy (default = deny). Valid values:
accept
,deny
. - Comments string
- Comment.
- Dstaddr
Negate string - When enabled dstaddr specifies what the destination address must NOT be. Valid values:
enable
,disable
. - Dstaddrs
List<Pulumiverse.
Fortios. Firewall. Inputs. Localinpolicy Dstaddr> - Destination address object from available options. The structure of
dstaddr
block is documented below. - Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Ha
Mgmt stringIntf Only - Enable/disable dedicating the HA management interface only for local-in policy. Valid values:
enable
,disable
. - Internet
Service stringSrc - Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values:
enable
,disable
. - Internet
Service List<Pulumiverse.Src Custom Groups Fortios. Firewall. Inputs. Localinpolicy Internet Service Src Custom Group> - Custom Internet Service source group name. The structure of
internet_service_src_custom_group
block is documented below. - Internet
Service List<Pulumiverse.Src Customs Fortios. Firewall. Inputs. Localinpolicy Internet Service Src Custom> - Custom Internet Service source name. The structure of
internet_service_src_custom
block is documented below. - Internet
Service List<Pulumiverse.Src Groups Fortios. Firewall. Inputs. Localinpolicy Internet Service Src Group> - Internet Service source group name. The structure of
internet_service_src_group
block is documented below. - Internet
Service List<Pulumiverse.Src Names Fortios. Firewall. Inputs. Localinpolicy Internet Service Src Name> - Internet Service source name. The structure of
internet_service_src_name
block is documented below. - Internet
Service stringSrc Negate - When enabled internet-service-src specifies what the service must NOT be. Valid values:
enable
,disable
. - Intf string
- Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf_block
. - Intf
Blocks List<Pulumiverse.Fortios. Firewall. Inputs. Localinpolicy Intf Block> - Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf
. The structure ofintf_block
block is documented below. - Policyid int
- User defined local in policy ID.
- Schedule string
- Schedule object from available options.
- Service
Negate string - When enabled service specifies what the service must NOT be. Valid values:
enable
,disable
. - Services
List<Pulumiverse.
Fortios. Firewall. Inputs. Localinpolicy Service> - Service object from available options. The structure of
service
block is documented below. - Srcaddr
Negate string - When enabled srcaddr specifies what the source address must NOT be. Valid values:
enable
,disable
. - Srcaddrs
List<Pulumiverse.
Fortios. Firewall. Inputs. Localinpolicy Srcaddr> - Source address object from available options. The structure of
srcaddr
block is documented below. - Status string
- Enable/disable this local-in policy. Valid values:
enable
,disable
. - Uuid string
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Virtual
Patch string - Enable/disable virtual patching. Valid values:
enable
,disable
.
- Action string
- Action performed on traffic matching the policy (default = deny). Valid values:
accept
,deny
. - Comments string
- Comment.
- Dstaddr
Negate string - When enabled dstaddr specifies what the destination address must NOT be. Valid values:
enable
,disable
. - Dstaddrs
[]Localinpolicy
Dstaddr Args - Destination address object from available options. The structure of
dstaddr
block is documented below. - Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Ha
Mgmt stringIntf Only - Enable/disable dedicating the HA management interface only for local-in policy. Valid values:
enable
,disable
. - Internet
Service stringSrc - Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values:
enable
,disable
. - Internet
Service []LocalinpolicySrc Custom Groups Internet Service Src Custom Group Args - Custom Internet Service source group name. The structure of
internet_service_src_custom_group
block is documented below. - Internet
Service []LocalinpolicySrc Customs Internet Service Src Custom Args - Custom Internet Service source name. The structure of
internet_service_src_custom
block is documented below. - Internet
Service []LocalinpolicySrc Groups Internet Service Src Group Args - Internet Service source group name. The structure of
internet_service_src_group
block is documented below. - Internet
Service []LocalinpolicySrc Names Internet Service Src Name Args - Internet Service source name. The structure of
internet_service_src_name
block is documented below. - Internet
Service stringSrc Negate - When enabled internet-service-src specifies what the service must NOT be. Valid values:
enable
,disable
. - Intf string
- Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf_block
. - Intf
Blocks []LocalinpolicyIntf Block Args - Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf
. The structure ofintf_block
block is documented below. - Policyid int
- User defined local in policy ID.
- Schedule string
- Schedule object from available options.
- Service
Negate string - When enabled service specifies what the service must NOT be. Valid values:
enable
,disable
. - Services
[]Localinpolicy
Service Args - Service object from available options. The structure of
service
block is documented below. - Srcaddr
Negate string - When enabled srcaddr specifies what the source address must NOT be. Valid values:
enable
,disable
. - Srcaddrs
[]Localinpolicy
Srcaddr Args - Source address object from available options. The structure of
srcaddr
block is documented below. - Status string
- Enable/disable this local-in policy. Valid values:
enable
,disable
. - Uuid string
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Virtual
Patch string - Enable/disable virtual patching. Valid values:
enable
,disable
.
- action String
- Action performed on traffic matching the policy (default = deny). Valid values:
accept
,deny
. - comments String
- Comment.
- dstaddr
Negate String - When enabled dstaddr specifies what the destination address must NOT be. Valid values:
enable
,disable
. - dstaddrs
List<Localinpolicy
Dstaddr> - Destination address object from available options. The structure of
dstaddr
block is documented below. - dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- ha
Mgmt StringIntf Only - Enable/disable dedicating the HA management interface only for local-in policy. Valid values:
enable
,disable
. - internet
Service StringSrc - Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values:
enable
,disable
. - internet
Service List<LocalinpolicySrc Custom Groups Internet Service Src Custom Group> - Custom Internet Service source group name. The structure of
internet_service_src_custom_group
block is documented below. - internet
Service List<LocalinpolicySrc Customs Internet Service Src Custom> - Custom Internet Service source name. The structure of
internet_service_src_custom
block is documented below. - internet
Service List<LocalinpolicySrc Groups Internet Service Src Group> - Internet Service source group name. The structure of
internet_service_src_group
block is documented below. - internet
Service List<LocalinpolicySrc Names Internet Service Src Name> - Internet Service source name. The structure of
internet_service_src_name
block is documented below. - internet
Service StringSrc Negate - When enabled internet-service-src specifies what the service must NOT be. Valid values:
enable
,disable
. - intf String
- Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf_block
. - intf
Blocks List<LocalinpolicyIntf Block> - Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf
. The structure ofintf_block
block is documented below. - policyid Integer
- User defined local in policy ID.
- schedule String
- Schedule object from available options.
- service
Negate String - When enabled service specifies what the service must NOT be. Valid values:
enable
,disable
. - services
List<Localinpolicy
Service> - Service object from available options. The structure of
service
block is documented below. - srcaddr
Negate String - When enabled srcaddr specifies what the source address must NOT be. Valid values:
enable
,disable
. - srcaddrs
List<Localinpolicy
Srcaddr> - Source address object from available options. The structure of
srcaddr
block is documented below. - status String
- Enable/disable this local-in policy. Valid values:
enable
,disable
. - uuid String
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- virtual
Patch String - Enable/disable virtual patching. Valid values:
enable
,disable
.
- action string
- Action performed on traffic matching the policy (default = deny). Valid values:
accept
,deny
. - comments string
- Comment.
- dstaddr
Negate string - When enabled dstaddr specifies what the destination address must NOT be. Valid values:
enable
,disable
. - dstaddrs
Localinpolicy
Dstaddr[] - Destination address object from available options. The structure of
dstaddr
block is documented below. - dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- ha
Mgmt stringIntf Only - Enable/disable dedicating the HA management interface only for local-in policy. Valid values:
enable
,disable
. - internet
Service stringSrc - Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values:
enable
,disable
. - internet
Service LocalinpolicySrc Custom Groups Internet Service Src Custom Group[] - Custom Internet Service source group name. The structure of
internet_service_src_custom_group
block is documented below. - internet
Service LocalinpolicySrc Customs Internet Service Src Custom[] - Custom Internet Service source name. The structure of
internet_service_src_custom
block is documented below. - internet
Service LocalinpolicySrc Groups Internet Service Src Group[] - Internet Service source group name. The structure of
internet_service_src_group
block is documented below. - internet
Service LocalinpolicySrc Names Internet Service Src Name[] - Internet Service source name. The structure of
internet_service_src_name
block is documented below. - internet
Service stringSrc Negate - When enabled internet-service-src specifies what the service must NOT be. Valid values:
enable
,disable
. - intf string
- Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf_block
. - intf
Blocks LocalinpolicyIntf Block[] - Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf
. The structure ofintf_block
block is documented below. - policyid number
- User defined local in policy ID.
- schedule string
- Schedule object from available options.
- service
Negate string - When enabled service specifies what the service must NOT be. Valid values:
enable
,disable
. - services
Localinpolicy
Service[] - Service object from available options. The structure of
service
block is documented below. - srcaddr
Negate string - When enabled srcaddr specifies what the source address must NOT be. Valid values:
enable
,disable
. - srcaddrs
Localinpolicy
Srcaddr[] - Source address object from available options. The structure of
srcaddr
block is documented below. - status string
- Enable/disable this local-in policy. Valid values:
enable
,disable
. - uuid string
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- virtual
Patch string - Enable/disable virtual patching. Valid values:
enable
,disable
.
- action str
- Action performed on traffic matching the policy (default = deny). Valid values:
accept
,deny
. - comments str
- Comment.
- dstaddr_
negate str - When enabled dstaddr specifies what the destination address must NOT be. Valid values:
enable
,disable
. - dstaddrs
Sequence[Localinpolicy
Dstaddr Args] - Destination address object from available options. The structure of
dstaddr
block is documented below. - dynamic_
sort_ strsubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- get_
all_ strtables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- ha_
mgmt_ strintf_ only - Enable/disable dedicating the HA management interface only for local-in policy. Valid values:
enable
,disable
. - internet_
service_ strsrc - Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values:
enable
,disable
. - internet_
service_ Sequence[Localinpolicysrc_ custom_ groups Internet Service Src Custom Group Args] - Custom Internet Service source group name. The structure of
internet_service_src_custom_group
block is documented below. - internet_
service_ Sequence[Localinpolicysrc_ customs Internet Service Src Custom Args] - Custom Internet Service source name. The structure of
internet_service_src_custom
block is documented below. - internet_
service_ Sequence[Localinpolicysrc_ groups Internet Service Src Group Args] - Internet Service source group name. The structure of
internet_service_src_group
block is documented below. - internet_
service_ Sequence[Localinpolicysrc_ names Internet Service Src Name Args] - Internet Service source name. The structure of
internet_service_src_name
block is documented below. - internet_
service_ strsrc_ negate - When enabled internet-service-src specifies what the service must NOT be. Valid values:
enable
,disable
. - intf str
- Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf_block
. - intf_
blocks Sequence[LocalinpolicyIntf Block Args] - Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf
. The structure ofintf_block
block is documented below. - policyid int
- User defined local in policy ID.
- schedule str
- Schedule object from available options.
- service_
negate str - When enabled service specifies what the service must NOT be. Valid values:
enable
,disable
. - services
Sequence[Localinpolicy
Service Args] - Service object from available options. The structure of
service
block is documented below. - srcaddr_
negate str - When enabled srcaddr specifies what the source address must NOT be. Valid values:
enable
,disable
. - srcaddrs
Sequence[Localinpolicy
Srcaddr Args] - Source address object from available options. The structure of
srcaddr
block is documented below. - status str
- Enable/disable this local-in policy. Valid values:
enable
,disable
. - uuid str
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- virtual_
patch str - Enable/disable virtual patching. Valid values:
enable
,disable
.
- action String
- Action performed on traffic matching the policy (default = deny). Valid values:
accept
,deny
. - comments String
- Comment.
- dstaddr
Negate String - When enabled dstaddr specifies what the destination address must NOT be. Valid values:
enable
,disable
. - dstaddrs List<Property Map>
- Destination address object from available options. The structure of
dstaddr
block is documented below. - dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- ha
Mgmt StringIntf Only - Enable/disable dedicating the HA management interface only for local-in policy. Valid values:
enable
,disable
. - internet
Service StringSrc - Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values:
enable
,disable
. - internet
Service List<Property Map>Src Custom Groups - Custom Internet Service source group name. The structure of
internet_service_src_custom_group
block is documented below. - internet
Service List<Property Map>Src Customs - Custom Internet Service source name. The structure of
internet_service_src_custom
block is documented below. - internet
Service List<Property Map>Src Groups - Internet Service source group name. The structure of
internet_service_src_group
block is documented below. - internet
Service List<Property Map>Src Names - Internet Service source name. The structure of
internet_service_src_name
block is documented below. - internet
Service StringSrc Negate - When enabled internet-service-src specifies what the service must NOT be. Valid values:
enable
,disable
. - intf String
- Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf_block
. - intf
Blocks List<Property Map> - Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable
intf
. The structure ofintf_block
block is documented below. - policyid Number
- User defined local in policy ID.
- schedule String
- Schedule object from available options.
- service
Negate String - When enabled service specifies what the service must NOT be. Valid values:
enable
,disable
. - services List<Property Map>
- Service object from available options. The structure of
service
block is documented below. - srcaddr
Negate String - When enabled srcaddr specifies what the source address must NOT be. Valid values:
enable
,disable
. - srcaddrs List<Property Map>
- Source address object from available options. The structure of
srcaddr
block is documented below. - status String
- Enable/disable this local-in policy. Valid values:
enable
,disable
. - uuid String
- Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- virtual
Patch String - Enable/disable virtual patching. Valid values:
enable
,disable
.
Supporting Types
LocalinpolicyDstaddr, LocalinpolicyDstaddrArgs
- Name string
- Address name.
- Name string
- Address name.
- name String
- Address name.
- name string
- Address name.
- name str
- Address name.
- name String
- Address name.
LocalinpolicyInternetServiceSrcCustom, LocalinpolicyInternetServiceSrcCustomArgs
- Name string
- Custom Internet Service name.
- Name string
- Custom Internet Service name.
- name String
- Custom Internet Service name.
- name string
- Custom Internet Service name.
- name str
- Custom Internet Service name.
- name String
- Custom Internet Service name.
LocalinpolicyInternetServiceSrcCustomGroup, LocalinpolicyInternetServiceSrcCustomGroupArgs
- Name string
- Custom Internet Service group name.
- Name string
- Custom Internet Service group name.
- name String
- Custom Internet Service group name.
- name string
- Custom Internet Service group name.
- name str
- Custom Internet Service group name.
- name String
- Custom Internet Service group name.
LocalinpolicyInternetServiceSrcGroup, LocalinpolicyInternetServiceSrcGroupArgs
- Name string
- Internet Service group name.
- Name string
- Internet Service group name.
- name String
- Internet Service group name.
- name string
- Internet Service group name.
- name str
- Internet Service group name.
- name String
- Internet Service group name.
LocalinpolicyInternetServiceSrcName, LocalinpolicyInternetServiceSrcNameArgs
- Name string
- Internet Service name.
- Name string
- Internet Service name.
- name String
- Internet Service name.
- name string
- Internet Service name.
- name str
- Internet Service name.
- name String
- Internet Service name.
LocalinpolicyIntfBlock, LocalinpolicyIntfBlockArgs
- Name string
- Address name.
- Name string
- Address name.
- name String
- Address name.
- name string
- Address name.
- name str
- Address name.
- name String
- Address name.
LocalinpolicyService, LocalinpolicyServiceArgs
- Name string
- Service name.
- Name string
- Service name.
- name String
- Service name.
- name string
- Service name.
- name str
- Service name.
- name String
- Service name.
LocalinpolicySrcaddr, LocalinpolicySrcaddrArgs
- Name string
- Address name.
- Name string
- Address name.
- name String
- Address name.
- name string
- Address name.
- name str
- Address name.
- name String
- Address name.
Import
Firewall LocalInPolicy can be imported using any of these accepted formats:
$ pulumi import fortios:firewall/localinpolicy:Localinpolicy labelname {{policyid}}
If you do not want to import arguments of block:
$ export “FORTIOS_IMPORT_TABLE”=“false”
$ pulumi import fortios:firewall/localinpolicy:Localinpolicy labelname {{policyid}}
$ unset “FORTIOS_IMPORT_TABLE”
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- fortios pulumiverse/pulumi-fortios
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
fortios
Terraform Provider.