1. Packages
  2. Fortios
  3. API Docs
  4. firewall
  5. Localinpolicy
Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

fortios.firewall.Localinpolicy

Explore with Pulumi AI

fortios logo
Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

    Configure user defined IPv4 local-in policies.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as fortios from "@pulumiverse/fortios";
    
    const trname = new fortios.firewall.Localinpolicy("trname", {
        action: "accept",
        dstaddrs: [{
            name: "all",
        }],
        haMgmtIntfOnly: "disable",
        intf: "port4",
        policyid: 1,
        schedule: "always",
        services: [{
            name: "ALL",
        }],
        srcaddrs: [{
            name: "all",
        }],
        status: "enable",
    });
    
    import pulumi
    import pulumiverse_fortios as fortios
    
    trname = fortios.firewall.Localinpolicy("trname",
        action="accept",
        dstaddrs=[fortios.firewall.LocalinpolicyDstaddrArgs(
            name="all",
        )],
        ha_mgmt_intf_only="disable",
        intf="port4",
        policyid=1,
        schedule="always",
        services=[fortios.firewall.LocalinpolicyServiceArgs(
            name="ALL",
        )],
        srcaddrs=[fortios.firewall.LocalinpolicySrcaddrArgs(
            name="all",
        )],
        status="enable")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/firewall"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := firewall.NewLocalinpolicy(ctx, "trname", &firewall.LocalinpolicyArgs{
    			Action: pulumi.String("accept"),
    			Dstaddrs: firewall.LocalinpolicyDstaddrArray{
    				&firewall.LocalinpolicyDstaddrArgs{
    					Name: pulumi.String("all"),
    				},
    			},
    			HaMgmtIntfOnly: pulumi.String("disable"),
    			Intf:           pulumi.String("port4"),
    			Policyid:       pulumi.Int(1),
    			Schedule:       pulumi.String("always"),
    			Services: firewall.LocalinpolicyServiceArray{
    				&firewall.LocalinpolicyServiceArgs{
    					Name: pulumi.String("ALL"),
    				},
    			},
    			Srcaddrs: firewall.LocalinpolicySrcaddrArray{
    				&firewall.LocalinpolicySrcaddrArgs{
    					Name: pulumi.String("all"),
    				},
    			},
    			Status: pulumi.String("enable"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Fortios = Pulumiverse.Fortios;
    
    return await Deployment.RunAsync(() => 
    {
        var trname = new Fortios.Firewall.Localinpolicy("trname", new()
        {
            Action = "accept",
            Dstaddrs = new[]
            {
                new Fortios.Firewall.Inputs.LocalinpolicyDstaddrArgs
                {
                    Name = "all",
                },
            },
            HaMgmtIntfOnly = "disable",
            Intf = "port4",
            Policyid = 1,
            Schedule = "always",
            Services = new[]
            {
                new Fortios.Firewall.Inputs.LocalinpolicyServiceArgs
                {
                    Name = "ALL",
                },
            },
            Srcaddrs = new[]
            {
                new Fortios.Firewall.Inputs.LocalinpolicySrcaddrArgs
                {
                    Name = "all",
                },
            },
            Status = "enable",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.fortios.firewall.Localinpolicy;
    import com.pulumi.fortios.firewall.LocalinpolicyArgs;
    import com.pulumi.fortios.firewall.inputs.LocalinpolicyDstaddrArgs;
    import com.pulumi.fortios.firewall.inputs.LocalinpolicyServiceArgs;
    import com.pulumi.fortios.firewall.inputs.LocalinpolicySrcaddrArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var trname = new Localinpolicy("trname", LocalinpolicyArgs.builder()
                .action("accept")
                .dstaddrs(LocalinpolicyDstaddrArgs.builder()
                    .name("all")
                    .build())
                .haMgmtIntfOnly("disable")
                .intf("port4")
                .policyid(1)
                .schedule("always")
                .services(LocalinpolicyServiceArgs.builder()
                    .name("ALL")
                    .build())
                .srcaddrs(LocalinpolicySrcaddrArgs.builder()
                    .name("all")
                    .build())
                .status("enable")
                .build());
    
        }
    }
    
    resources:
      trname:
        type: fortios:firewall:Localinpolicy
        properties:
          action: accept
          dstaddrs:
            - name: all
          haMgmtIntfOnly: disable
          intf: port4
          policyid: 1
          schedule: always
          services:
            - name: ALL
          srcaddrs:
            - name: all
          status: enable
    

    Create Localinpolicy Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Localinpolicy(name: string, args: LocalinpolicyArgs, opts?: CustomResourceOptions);
    @overload
    def Localinpolicy(resource_name: str,
                      args: LocalinpolicyArgs,
                      opts: Optional[ResourceOptions] = None)
    
    @overload
    def Localinpolicy(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      dstaddrs: Optional[Sequence[LocalinpolicyDstaddrArgs]] = None,
                      srcaddrs: Optional[Sequence[LocalinpolicySrcaddrArgs]] = None,
                      schedule: Optional[str] = None,
                      internet_service_src_negate: Optional[str] = None,
                      intf_blocks: Optional[Sequence[LocalinpolicyIntfBlockArgs]] = None,
                      get_all_tables: Optional[str] = None,
                      ha_mgmt_intf_only: Optional[str] = None,
                      internet_service_src: Optional[str] = None,
                      internet_service_src_custom_groups: Optional[Sequence[LocalinpolicyInternetServiceSrcCustomGroupArgs]] = None,
                      internet_service_src_customs: Optional[Sequence[LocalinpolicyInternetServiceSrcCustomArgs]] = None,
                      internet_service_src_groups: Optional[Sequence[LocalinpolicyInternetServiceSrcGroupArgs]] = None,
                      internet_service_src_names: Optional[Sequence[LocalinpolicyInternetServiceSrcNameArgs]] = None,
                      action: Optional[str] = None,
                      intf: Optional[str] = None,
                      dynamic_sort_subtable: Optional[str] = None,
                      policyid: Optional[int] = None,
                      dstaddr_negate: Optional[str] = None,
                      service_negate: Optional[str] = None,
                      services: Optional[Sequence[LocalinpolicyServiceArgs]] = None,
                      srcaddr_negate: Optional[str] = None,
                      comments: Optional[str] = None,
                      status: Optional[str] = None,
                      uuid: Optional[str] = None,
                      vdomparam: Optional[str] = None,
                      virtual_patch: Optional[str] = None)
    func NewLocalinpolicy(ctx *Context, name string, args LocalinpolicyArgs, opts ...ResourceOption) (*Localinpolicy, error)
    public Localinpolicy(string name, LocalinpolicyArgs args, CustomResourceOptions? opts = null)
    public Localinpolicy(String name, LocalinpolicyArgs args)
    public Localinpolicy(String name, LocalinpolicyArgs args, CustomResourceOptions options)
    
    type: fortios:firewall:Localinpolicy
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args LocalinpolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args LocalinpolicyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args LocalinpolicyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args LocalinpolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args LocalinpolicyArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var localinpolicyResource = new Fortios.Firewall.Localinpolicy("localinpolicyResource", new()
    {
        Dstaddrs = new[]
        {
            new Fortios.Firewall.Inputs.LocalinpolicyDstaddrArgs
            {
                Name = "string",
            },
        },
        Srcaddrs = new[]
        {
            new Fortios.Firewall.Inputs.LocalinpolicySrcaddrArgs
            {
                Name = "string",
            },
        },
        Schedule = "string",
        InternetServiceSrcNegate = "string",
        IntfBlocks = new[]
        {
            new Fortios.Firewall.Inputs.LocalinpolicyIntfBlockArgs
            {
                Name = "string",
            },
        },
        GetAllTables = "string",
        HaMgmtIntfOnly = "string",
        InternetServiceSrc = "string",
        InternetServiceSrcCustomGroups = new[]
        {
            new Fortios.Firewall.Inputs.LocalinpolicyInternetServiceSrcCustomGroupArgs
            {
                Name = "string",
            },
        },
        InternetServiceSrcCustoms = new[]
        {
            new Fortios.Firewall.Inputs.LocalinpolicyInternetServiceSrcCustomArgs
            {
                Name = "string",
            },
        },
        InternetServiceSrcGroups = new[]
        {
            new Fortios.Firewall.Inputs.LocalinpolicyInternetServiceSrcGroupArgs
            {
                Name = "string",
            },
        },
        InternetServiceSrcNames = new[]
        {
            new Fortios.Firewall.Inputs.LocalinpolicyInternetServiceSrcNameArgs
            {
                Name = "string",
            },
        },
        Action = "string",
        Intf = "string",
        DynamicSortSubtable = "string",
        Policyid = 0,
        DstaddrNegate = "string",
        ServiceNegate = "string",
        Services = new[]
        {
            new Fortios.Firewall.Inputs.LocalinpolicyServiceArgs
            {
                Name = "string",
            },
        },
        SrcaddrNegate = "string",
        Comments = "string",
        Status = "string",
        Uuid = "string",
        Vdomparam = "string",
        VirtualPatch = "string",
    });
    
    example, err := firewall.NewLocalinpolicy(ctx, "localinpolicyResource", &firewall.LocalinpolicyArgs{
    	Dstaddrs: firewall.LocalinpolicyDstaddrArray{
    		&firewall.LocalinpolicyDstaddrArgs{
    			Name: pulumi.String("string"),
    		},
    	},
    	Srcaddrs: firewall.LocalinpolicySrcaddrArray{
    		&firewall.LocalinpolicySrcaddrArgs{
    			Name: pulumi.String("string"),
    		},
    	},
    	Schedule:                 pulumi.String("string"),
    	InternetServiceSrcNegate: pulumi.String("string"),
    	IntfBlocks: firewall.LocalinpolicyIntfBlockArray{
    		&firewall.LocalinpolicyIntfBlockArgs{
    			Name: pulumi.String("string"),
    		},
    	},
    	GetAllTables:       pulumi.String("string"),
    	HaMgmtIntfOnly:     pulumi.String("string"),
    	InternetServiceSrc: pulumi.String("string"),
    	InternetServiceSrcCustomGroups: firewall.LocalinpolicyInternetServiceSrcCustomGroupArray{
    		&firewall.LocalinpolicyInternetServiceSrcCustomGroupArgs{
    			Name: pulumi.String("string"),
    		},
    	},
    	InternetServiceSrcCustoms: firewall.LocalinpolicyInternetServiceSrcCustomArray{
    		&firewall.LocalinpolicyInternetServiceSrcCustomArgs{
    			Name: pulumi.String("string"),
    		},
    	},
    	InternetServiceSrcGroups: firewall.LocalinpolicyInternetServiceSrcGroupArray{
    		&firewall.LocalinpolicyInternetServiceSrcGroupArgs{
    			Name: pulumi.String("string"),
    		},
    	},
    	InternetServiceSrcNames: firewall.LocalinpolicyInternetServiceSrcNameArray{
    		&firewall.LocalinpolicyInternetServiceSrcNameArgs{
    			Name: pulumi.String("string"),
    		},
    	},
    	Action:              pulumi.String("string"),
    	Intf:                pulumi.String("string"),
    	DynamicSortSubtable: pulumi.String("string"),
    	Policyid:            pulumi.Int(0),
    	DstaddrNegate:       pulumi.String("string"),
    	ServiceNegate:       pulumi.String("string"),
    	Services: firewall.LocalinpolicyServiceArray{
    		&firewall.LocalinpolicyServiceArgs{
    			Name: pulumi.String("string"),
    		},
    	},
    	SrcaddrNegate: pulumi.String("string"),
    	Comments:      pulumi.String("string"),
    	Status:        pulumi.String("string"),
    	Uuid:          pulumi.String("string"),
    	Vdomparam:     pulumi.String("string"),
    	VirtualPatch:  pulumi.String("string"),
    })
    
    var localinpolicyResource = new Localinpolicy("localinpolicyResource", LocalinpolicyArgs.builder()
        .dstaddrs(LocalinpolicyDstaddrArgs.builder()
            .name("string")
            .build())
        .srcaddrs(LocalinpolicySrcaddrArgs.builder()
            .name("string")
            .build())
        .schedule("string")
        .internetServiceSrcNegate("string")
        .intfBlocks(LocalinpolicyIntfBlockArgs.builder()
            .name("string")
            .build())
        .getAllTables("string")
        .haMgmtIntfOnly("string")
        .internetServiceSrc("string")
        .internetServiceSrcCustomGroups(LocalinpolicyInternetServiceSrcCustomGroupArgs.builder()
            .name("string")
            .build())
        .internetServiceSrcCustoms(LocalinpolicyInternetServiceSrcCustomArgs.builder()
            .name("string")
            .build())
        .internetServiceSrcGroups(LocalinpolicyInternetServiceSrcGroupArgs.builder()
            .name("string")
            .build())
        .internetServiceSrcNames(LocalinpolicyInternetServiceSrcNameArgs.builder()
            .name("string")
            .build())
        .action("string")
        .intf("string")
        .dynamicSortSubtable("string")
        .policyid(0)
        .dstaddrNegate("string")
        .serviceNegate("string")
        .services(LocalinpolicyServiceArgs.builder()
            .name("string")
            .build())
        .srcaddrNegate("string")
        .comments("string")
        .status("string")
        .uuid("string")
        .vdomparam("string")
        .virtualPatch("string")
        .build());
    
    localinpolicy_resource = fortios.firewall.Localinpolicy("localinpolicyResource",
        dstaddrs=[{
            "name": "string",
        }],
        srcaddrs=[{
            "name": "string",
        }],
        schedule="string",
        internet_service_src_negate="string",
        intf_blocks=[{
            "name": "string",
        }],
        get_all_tables="string",
        ha_mgmt_intf_only="string",
        internet_service_src="string",
        internet_service_src_custom_groups=[{
            "name": "string",
        }],
        internet_service_src_customs=[{
            "name": "string",
        }],
        internet_service_src_groups=[{
            "name": "string",
        }],
        internet_service_src_names=[{
            "name": "string",
        }],
        action="string",
        intf="string",
        dynamic_sort_subtable="string",
        policyid=0,
        dstaddr_negate="string",
        service_negate="string",
        services=[{
            "name": "string",
        }],
        srcaddr_negate="string",
        comments="string",
        status="string",
        uuid="string",
        vdomparam="string",
        virtual_patch="string")
    
    const localinpolicyResource = new fortios.firewall.Localinpolicy("localinpolicyResource", {
        dstaddrs: [{
            name: "string",
        }],
        srcaddrs: [{
            name: "string",
        }],
        schedule: "string",
        internetServiceSrcNegate: "string",
        intfBlocks: [{
            name: "string",
        }],
        getAllTables: "string",
        haMgmtIntfOnly: "string",
        internetServiceSrc: "string",
        internetServiceSrcCustomGroups: [{
            name: "string",
        }],
        internetServiceSrcCustoms: [{
            name: "string",
        }],
        internetServiceSrcGroups: [{
            name: "string",
        }],
        internetServiceSrcNames: [{
            name: "string",
        }],
        action: "string",
        intf: "string",
        dynamicSortSubtable: "string",
        policyid: 0,
        dstaddrNegate: "string",
        serviceNegate: "string",
        services: [{
            name: "string",
        }],
        srcaddrNegate: "string",
        comments: "string",
        status: "string",
        uuid: "string",
        vdomparam: "string",
        virtualPatch: "string",
    });
    
    type: fortios:firewall:Localinpolicy
    properties:
        action: string
        comments: string
        dstaddrNegate: string
        dstaddrs:
            - name: string
        dynamicSortSubtable: string
        getAllTables: string
        haMgmtIntfOnly: string
        internetServiceSrc: string
        internetServiceSrcCustomGroups:
            - name: string
        internetServiceSrcCustoms:
            - name: string
        internetServiceSrcGroups:
            - name: string
        internetServiceSrcNames:
            - name: string
        internetServiceSrcNegate: string
        intf: string
        intfBlocks:
            - name: string
        policyid: 0
        schedule: string
        serviceNegate: string
        services:
            - name: string
        srcaddrNegate: string
        srcaddrs:
            - name: string
        status: string
        uuid: string
        vdomparam: string
        virtualPatch: string
    

    Localinpolicy Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Localinpolicy resource accepts the following input properties:

    Dstaddrs List<Pulumiverse.Fortios.Firewall.Inputs.LocalinpolicyDstaddr>
    Destination address object from available options. The structure of dstaddr block is documented below.
    Schedule string
    Schedule object from available options.
    Srcaddrs List<Pulumiverse.Fortios.Firewall.Inputs.LocalinpolicySrcaddr>
    Source address object from available options. The structure of srcaddr block is documented below.
    Action string
    Action performed on traffic matching the policy (default = deny). Valid values: accept, deny.
    Comments string
    Comment.
    DstaddrNegate string
    When enabled dstaddr specifies what the destination address must NOT be. Valid values: enable, disable.
    DynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    GetAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    HaMgmtIntfOnly string
    Enable/disable dedicating the HA management interface only for local-in policy. Valid values: enable, disable.
    InternetServiceSrc string
    Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values: enable, disable.
    InternetServiceSrcCustomGroups List<Pulumiverse.Fortios.Firewall.Inputs.LocalinpolicyInternetServiceSrcCustomGroup>
    Custom Internet Service source group name. The structure of internet_service_src_custom_group block is documented below.
    InternetServiceSrcCustoms List<Pulumiverse.Fortios.Firewall.Inputs.LocalinpolicyInternetServiceSrcCustom>
    Custom Internet Service source name. The structure of internet_service_src_custom block is documented below.
    InternetServiceSrcGroups List<Pulumiverse.Fortios.Firewall.Inputs.LocalinpolicyInternetServiceSrcGroup>
    Internet Service source group name. The structure of internet_service_src_group block is documented below.
    InternetServiceSrcNames List<Pulumiverse.Fortios.Firewall.Inputs.LocalinpolicyInternetServiceSrcName>
    Internet Service source name. The structure of internet_service_src_name block is documented below.
    InternetServiceSrcNegate string
    When enabled internet-service-src specifies what the service must NOT be. Valid values: enable, disable.
    Intf string
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf_block.
    IntfBlocks List<Pulumiverse.Fortios.Firewall.Inputs.LocalinpolicyIntfBlock>
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf. The structure of intf_block block is documented below.
    Policyid int
    User defined local in policy ID.
    ServiceNegate string
    When enabled service specifies what the service must NOT be. Valid values: enable, disable.
    Services List<Pulumiverse.Fortios.Firewall.Inputs.LocalinpolicyService>
    Service object from available options. The structure of service block is documented below.
    SrcaddrNegate string
    When enabled srcaddr specifies what the source address must NOT be. Valid values: enable, disable.
    Status string
    Enable/disable this local-in policy. Valid values: enable, disable.
    Uuid string
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    Vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    VirtualPatch string
    Enable/disable virtual patching. Valid values: enable, disable.
    Dstaddrs []LocalinpolicyDstaddrArgs
    Destination address object from available options. The structure of dstaddr block is documented below.
    Schedule string
    Schedule object from available options.
    Srcaddrs []LocalinpolicySrcaddrArgs
    Source address object from available options. The structure of srcaddr block is documented below.
    Action string
    Action performed on traffic matching the policy (default = deny). Valid values: accept, deny.
    Comments string
    Comment.
    DstaddrNegate string
    When enabled dstaddr specifies what the destination address must NOT be. Valid values: enable, disable.
    DynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    GetAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    HaMgmtIntfOnly string
    Enable/disable dedicating the HA management interface only for local-in policy. Valid values: enable, disable.
    InternetServiceSrc string
    Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values: enable, disable.
    InternetServiceSrcCustomGroups []LocalinpolicyInternetServiceSrcCustomGroupArgs
    Custom Internet Service source group name. The structure of internet_service_src_custom_group block is documented below.
    InternetServiceSrcCustoms []LocalinpolicyInternetServiceSrcCustomArgs
    Custom Internet Service source name. The structure of internet_service_src_custom block is documented below.
    InternetServiceSrcGroups []LocalinpolicyInternetServiceSrcGroupArgs
    Internet Service source group name. The structure of internet_service_src_group block is documented below.
    InternetServiceSrcNames []LocalinpolicyInternetServiceSrcNameArgs
    Internet Service source name. The structure of internet_service_src_name block is documented below.
    InternetServiceSrcNegate string
    When enabled internet-service-src specifies what the service must NOT be. Valid values: enable, disable.
    Intf string
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf_block.
    IntfBlocks []LocalinpolicyIntfBlockArgs
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf. The structure of intf_block block is documented below.
    Policyid int
    User defined local in policy ID.
    ServiceNegate string
    When enabled service specifies what the service must NOT be. Valid values: enable, disable.
    Services []LocalinpolicyServiceArgs
    Service object from available options. The structure of service block is documented below.
    SrcaddrNegate string
    When enabled srcaddr specifies what the source address must NOT be. Valid values: enable, disable.
    Status string
    Enable/disable this local-in policy. Valid values: enable, disable.
    Uuid string
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    Vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    VirtualPatch string
    Enable/disable virtual patching. Valid values: enable, disable.
    dstaddrs List<LocalinpolicyDstaddr>
    Destination address object from available options. The structure of dstaddr block is documented below.
    schedule String
    Schedule object from available options.
    srcaddrs List<LocalinpolicySrcaddr>
    Source address object from available options. The structure of srcaddr block is documented below.
    action String
    Action performed on traffic matching the policy (default = deny). Valid values: accept, deny.
    comments String
    Comment.
    dstaddrNegate String
    When enabled dstaddr specifies what the destination address must NOT be. Valid values: enable, disable.
    dynamicSortSubtable String
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    getAllTables String
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    haMgmtIntfOnly String
    Enable/disable dedicating the HA management interface only for local-in policy. Valid values: enable, disable.
    internetServiceSrc String
    Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values: enable, disable.
    internetServiceSrcCustomGroups List<LocalinpolicyInternetServiceSrcCustomGroup>
    Custom Internet Service source group name. The structure of internet_service_src_custom_group block is documented below.
    internetServiceSrcCustoms List<LocalinpolicyInternetServiceSrcCustom>
    Custom Internet Service source name. The structure of internet_service_src_custom block is documented below.
    internetServiceSrcGroups List<LocalinpolicyInternetServiceSrcGroup>
    Internet Service source group name. The structure of internet_service_src_group block is documented below.
    internetServiceSrcNames List<LocalinpolicyInternetServiceSrcName>
    Internet Service source name. The structure of internet_service_src_name block is documented below.
    internetServiceSrcNegate String
    When enabled internet-service-src specifies what the service must NOT be. Valid values: enable, disable.
    intf String
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf_block.
    intfBlocks List<LocalinpolicyIntfBlock>
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf. The structure of intf_block block is documented below.
    policyid Integer
    User defined local in policy ID.
    serviceNegate String
    When enabled service specifies what the service must NOT be. Valid values: enable, disable.
    services List<LocalinpolicyService>
    Service object from available options. The structure of service block is documented below.
    srcaddrNegate String
    When enabled srcaddr specifies what the source address must NOT be. Valid values: enable, disable.
    status String
    Enable/disable this local-in policy. Valid values: enable, disable.
    uuid String
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    vdomparam String
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    virtualPatch String
    Enable/disable virtual patching. Valid values: enable, disable.
    dstaddrs LocalinpolicyDstaddr[]
    Destination address object from available options. The structure of dstaddr block is documented below.
    schedule string
    Schedule object from available options.
    srcaddrs LocalinpolicySrcaddr[]
    Source address object from available options. The structure of srcaddr block is documented below.
    action string
    Action performed on traffic matching the policy (default = deny). Valid values: accept, deny.
    comments string
    Comment.
    dstaddrNegate string
    When enabled dstaddr specifies what the destination address must NOT be. Valid values: enable, disable.
    dynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    getAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    haMgmtIntfOnly string
    Enable/disable dedicating the HA management interface only for local-in policy. Valid values: enable, disable.
    internetServiceSrc string
    Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values: enable, disable.
    internetServiceSrcCustomGroups LocalinpolicyInternetServiceSrcCustomGroup[]
    Custom Internet Service source group name. The structure of internet_service_src_custom_group block is documented below.
    internetServiceSrcCustoms LocalinpolicyInternetServiceSrcCustom[]
    Custom Internet Service source name. The structure of internet_service_src_custom block is documented below.
    internetServiceSrcGroups LocalinpolicyInternetServiceSrcGroup[]
    Internet Service source group name. The structure of internet_service_src_group block is documented below.
    internetServiceSrcNames LocalinpolicyInternetServiceSrcName[]
    Internet Service source name. The structure of internet_service_src_name block is documented below.
    internetServiceSrcNegate string
    When enabled internet-service-src specifies what the service must NOT be. Valid values: enable, disable.
    intf string
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf_block.
    intfBlocks LocalinpolicyIntfBlock[]
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf. The structure of intf_block block is documented below.
    policyid number
    User defined local in policy ID.
    serviceNegate string
    When enabled service specifies what the service must NOT be. Valid values: enable, disable.
    services LocalinpolicyService[]
    Service object from available options. The structure of service block is documented below.
    srcaddrNegate string
    When enabled srcaddr specifies what the source address must NOT be. Valid values: enable, disable.
    status string
    Enable/disable this local-in policy. Valid values: enable, disable.
    uuid string
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    virtualPatch string
    Enable/disable virtual patching. Valid values: enable, disable.
    dstaddrs Sequence[LocalinpolicyDstaddrArgs]
    Destination address object from available options. The structure of dstaddr block is documented below.
    schedule str
    Schedule object from available options.
    srcaddrs Sequence[LocalinpolicySrcaddrArgs]
    Source address object from available options. The structure of srcaddr block is documented below.
    action str
    Action performed on traffic matching the policy (default = deny). Valid values: accept, deny.
    comments str
    Comment.
    dstaddr_negate str
    When enabled dstaddr specifies what the destination address must NOT be. Valid values: enable, disable.
    dynamic_sort_subtable str
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    get_all_tables str
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    ha_mgmt_intf_only str
    Enable/disable dedicating the HA management interface only for local-in policy. Valid values: enable, disable.
    internet_service_src str
    Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values: enable, disable.
    internet_service_src_custom_groups Sequence[LocalinpolicyInternetServiceSrcCustomGroupArgs]
    Custom Internet Service source group name. The structure of internet_service_src_custom_group block is documented below.
    internet_service_src_customs Sequence[LocalinpolicyInternetServiceSrcCustomArgs]
    Custom Internet Service source name. The structure of internet_service_src_custom block is documented below.
    internet_service_src_groups Sequence[LocalinpolicyInternetServiceSrcGroupArgs]
    Internet Service source group name. The structure of internet_service_src_group block is documented below.
    internet_service_src_names Sequence[LocalinpolicyInternetServiceSrcNameArgs]
    Internet Service source name. The structure of internet_service_src_name block is documented below.
    internet_service_src_negate str
    When enabled internet-service-src specifies what the service must NOT be. Valid values: enable, disable.
    intf str
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf_block.
    intf_blocks Sequence[LocalinpolicyIntfBlockArgs]
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf. The structure of intf_block block is documented below.
    policyid int
    User defined local in policy ID.
    service_negate str
    When enabled service specifies what the service must NOT be. Valid values: enable, disable.
    services Sequence[LocalinpolicyServiceArgs]
    Service object from available options. The structure of service block is documented below.
    srcaddr_negate str
    When enabled srcaddr specifies what the source address must NOT be. Valid values: enable, disable.
    status str
    Enable/disable this local-in policy. Valid values: enable, disable.
    uuid str
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    vdomparam str
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    virtual_patch str
    Enable/disable virtual patching. Valid values: enable, disable.
    dstaddrs List<Property Map>
    Destination address object from available options. The structure of dstaddr block is documented below.
    schedule String
    Schedule object from available options.
    srcaddrs List<Property Map>
    Source address object from available options. The structure of srcaddr block is documented below.
    action String
    Action performed on traffic matching the policy (default = deny). Valid values: accept, deny.
    comments String
    Comment.
    dstaddrNegate String
    When enabled dstaddr specifies what the destination address must NOT be. Valid values: enable, disable.
    dynamicSortSubtable String
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    getAllTables String
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    haMgmtIntfOnly String
    Enable/disable dedicating the HA management interface only for local-in policy. Valid values: enable, disable.
    internetServiceSrc String
    Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values: enable, disable.
    internetServiceSrcCustomGroups List<Property Map>
    Custom Internet Service source group name. The structure of internet_service_src_custom_group block is documented below.
    internetServiceSrcCustoms List<Property Map>
    Custom Internet Service source name. The structure of internet_service_src_custom block is documented below.
    internetServiceSrcGroups List<Property Map>
    Internet Service source group name. The structure of internet_service_src_group block is documented below.
    internetServiceSrcNames List<Property Map>
    Internet Service source name. The structure of internet_service_src_name block is documented below.
    internetServiceSrcNegate String
    When enabled internet-service-src specifies what the service must NOT be. Valid values: enable, disable.
    intf String
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf_block.
    intfBlocks List<Property Map>
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf. The structure of intf_block block is documented below.
    policyid Number
    User defined local in policy ID.
    serviceNegate String
    When enabled service specifies what the service must NOT be. Valid values: enable, disable.
    services List<Property Map>
    Service object from available options. The structure of service block is documented below.
    srcaddrNegate String
    When enabled srcaddr specifies what the source address must NOT be. Valid values: enable, disable.
    status String
    Enable/disable this local-in policy. Valid values: enable, disable.
    uuid String
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    vdomparam String
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    virtualPatch String
    Enable/disable virtual patching. Valid values: enable, disable.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Localinpolicy resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing Localinpolicy Resource

    Get an existing Localinpolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: LocalinpolicyState, opts?: CustomResourceOptions): Localinpolicy
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            action: Optional[str] = None,
            comments: Optional[str] = None,
            dstaddr_negate: Optional[str] = None,
            dstaddrs: Optional[Sequence[LocalinpolicyDstaddrArgs]] = None,
            dynamic_sort_subtable: Optional[str] = None,
            get_all_tables: Optional[str] = None,
            ha_mgmt_intf_only: Optional[str] = None,
            internet_service_src: Optional[str] = None,
            internet_service_src_custom_groups: Optional[Sequence[LocalinpolicyInternetServiceSrcCustomGroupArgs]] = None,
            internet_service_src_customs: Optional[Sequence[LocalinpolicyInternetServiceSrcCustomArgs]] = None,
            internet_service_src_groups: Optional[Sequence[LocalinpolicyInternetServiceSrcGroupArgs]] = None,
            internet_service_src_names: Optional[Sequence[LocalinpolicyInternetServiceSrcNameArgs]] = None,
            internet_service_src_negate: Optional[str] = None,
            intf: Optional[str] = None,
            intf_blocks: Optional[Sequence[LocalinpolicyIntfBlockArgs]] = None,
            policyid: Optional[int] = None,
            schedule: Optional[str] = None,
            service_negate: Optional[str] = None,
            services: Optional[Sequence[LocalinpolicyServiceArgs]] = None,
            srcaddr_negate: Optional[str] = None,
            srcaddrs: Optional[Sequence[LocalinpolicySrcaddrArgs]] = None,
            status: Optional[str] = None,
            uuid: Optional[str] = None,
            vdomparam: Optional[str] = None,
            virtual_patch: Optional[str] = None) -> Localinpolicy
    func GetLocalinpolicy(ctx *Context, name string, id IDInput, state *LocalinpolicyState, opts ...ResourceOption) (*Localinpolicy, error)
    public static Localinpolicy Get(string name, Input<string> id, LocalinpolicyState? state, CustomResourceOptions? opts = null)
    public static Localinpolicy get(String name, Output<String> id, LocalinpolicyState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Action string
    Action performed on traffic matching the policy (default = deny). Valid values: accept, deny.
    Comments string
    Comment.
    DstaddrNegate string
    When enabled dstaddr specifies what the destination address must NOT be. Valid values: enable, disable.
    Dstaddrs List<Pulumiverse.Fortios.Firewall.Inputs.LocalinpolicyDstaddr>
    Destination address object from available options. The structure of dstaddr block is documented below.
    DynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    GetAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    HaMgmtIntfOnly string
    Enable/disable dedicating the HA management interface only for local-in policy. Valid values: enable, disable.
    InternetServiceSrc string
    Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values: enable, disable.
    InternetServiceSrcCustomGroups List<Pulumiverse.Fortios.Firewall.Inputs.LocalinpolicyInternetServiceSrcCustomGroup>
    Custom Internet Service source group name. The structure of internet_service_src_custom_group block is documented below.
    InternetServiceSrcCustoms List<Pulumiverse.Fortios.Firewall.Inputs.LocalinpolicyInternetServiceSrcCustom>
    Custom Internet Service source name. The structure of internet_service_src_custom block is documented below.
    InternetServiceSrcGroups List<Pulumiverse.Fortios.Firewall.Inputs.LocalinpolicyInternetServiceSrcGroup>
    Internet Service source group name. The structure of internet_service_src_group block is documented below.
    InternetServiceSrcNames List<Pulumiverse.Fortios.Firewall.Inputs.LocalinpolicyInternetServiceSrcName>
    Internet Service source name. The structure of internet_service_src_name block is documented below.
    InternetServiceSrcNegate string
    When enabled internet-service-src specifies what the service must NOT be. Valid values: enable, disable.
    Intf string
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf_block.
    IntfBlocks List<Pulumiverse.Fortios.Firewall.Inputs.LocalinpolicyIntfBlock>
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf. The structure of intf_block block is documented below.
    Policyid int
    User defined local in policy ID.
    Schedule string
    Schedule object from available options.
    ServiceNegate string
    When enabled service specifies what the service must NOT be. Valid values: enable, disable.
    Services List<Pulumiverse.Fortios.Firewall.Inputs.LocalinpolicyService>
    Service object from available options. The structure of service block is documented below.
    SrcaddrNegate string
    When enabled srcaddr specifies what the source address must NOT be. Valid values: enable, disable.
    Srcaddrs List<Pulumiverse.Fortios.Firewall.Inputs.LocalinpolicySrcaddr>
    Source address object from available options. The structure of srcaddr block is documented below.
    Status string
    Enable/disable this local-in policy. Valid values: enable, disable.
    Uuid string
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    Vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    VirtualPatch string
    Enable/disable virtual patching. Valid values: enable, disable.
    Action string
    Action performed on traffic matching the policy (default = deny). Valid values: accept, deny.
    Comments string
    Comment.
    DstaddrNegate string
    When enabled dstaddr specifies what the destination address must NOT be. Valid values: enable, disable.
    Dstaddrs []LocalinpolicyDstaddrArgs
    Destination address object from available options. The structure of dstaddr block is documented below.
    DynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    GetAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    HaMgmtIntfOnly string
    Enable/disable dedicating the HA management interface only for local-in policy. Valid values: enable, disable.
    InternetServiceSrc string
    Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values: enable, disable.
    InternetServiceSrcCustomGroups []LocalinpolicyInternetServiceSrcCustomGroupArgs
    Custom Internet Service source group name. The structure of internet_service_src_custom_group block is documented below.
    InternetServiceSrcCustoms []LocalinpolicyInternetServiceSrcCustomArgs
    Custom Internet Service source name. The structure of internet_service_src_custom block is documented below.
    InternetServiceSrcGroups []LocalinpolicyInternetServiceSrcGroupArgs
    Internet Service source group name. The structure of internet_service_src_group block is documented below.
    InternetServiceSrcNames []LocalinpolicyInternetServiceSrcNameArgs
    Internet Service source name. The structure of internet_service_src_name block is documented below.
    InternetServiceSrcNegate string
    When enabled internet-service-src specifies what the service must NOT be. Valid values: enable, disable.
    Intf string
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf_block.
    IntfBlocks []LocalinpolicyIntfBlockArgs
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf. The structure of intf_block block is documented below.
    Policyid int
    User defined local in policy ID.
    Schedule string
    Schedule object from available options.
    ServiceNegate string
    When enabled service specifies what the service must NOT be. Valid values: enable, disable.
    Services []LocalinpolicyServiceArgs
    Service object from available options. The structure of service block is documented below.
    SrcaddrNegate string
    When enabled srcaddr specifies what the source address must NOT be. Valid values: enable, disable.
    Srcaddrs []LocalinpolicySrcaddrArgs
    Source address object from available options. The structure of srcaddr block is documented below.
    Status string
    Enable/disable this local-in policy. Valid values: enable, disable.
    Uuid string
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    Vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    VirtualPatch string
    Enable/disable virtual patching. Valid values: enable, disable.
    action String
    Action performed on traffic matching the policy (default = deny). Valid values: accept, deny.
    comments String
    Comment.
    dstaddrNegate String
    When enabled dstaddr specifies what the destination address must NOT be. Valid values: enable, disable.
    dstaddrs List<LocalinpolicyDstaddr>
    Destination address object from available options. The structure of dstaddr block is documented below.
    dynamicSortSubtable String
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    getAllTables String
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    haMgmtIntfOnly String
    Enable/disable dedicating the HA management interface only for local-in policy. Valid values: enable, disable.
    internetServiceSrc String
    Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values: enable, disable.
    internetServiceSrcCustomGroups List<LocalinpolicyInternetServiceSrcCustomGroup>
    Custom Internet Service source group name. The structure of internet_service_src_custom_group block is documented below.
    internetServiceSrcCustoms List<LocalinpolicyInternetServiceSrcCustom>
    Custom Internet Service source name. The structure of internet_service_src_custom block is documented below.
    internetServiceSrcGroups List<LocalinpolicyInternetServiceSrcGroup>
    Internet Service source group name. The structure of internet_service_src_group block is documented below.
    internetServiceSrcNames List<LocalinpolicyInternetServiceSrcName>
    Internet Service source name. The structure of internet_service_src_name block is documented below.
    internetServiceSrcNegate String
    When enabled internet-service-src specifies what the service must NOT be. Valid values: enable, disable.
    intf String
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf_block.
    intfBlocks List<LocalinpolicyIntfBlock>
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf. The structure of intf_block block is documented below.
    policyid Integer
    User defined local in policy ID.
    schedule String
    Schedule object from available options.
    serviceNegate String
    When enabled service specifies what the service must NOT be. Valid values: enable, disable.
    services List<LocalinpolicyService>
    Service object from available options. The structure of service block is documented below.
    srcaddrNegate String
    When enabled srcaddr specifies what the source address must NOT be. Valid values: enable, disable.
    srcaddrs List<LocalinpolicySrcaddr>
    Source address object from available options. The structure of srcaddr block is documented below.
    status String
    Enable/disable this local-in policy. Valid values: enable, disable.
    uuid String
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    vdomparam String
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    virtualPatch String
    Enable/disable virtual patching. Valid values: enable, disable.
    action string
    Action performed on traffic matching the policy (default = deny). Valid values: accept, deny.
    comments string
    Comment.
    dstaddrNegate string
    When enabled dstaddr specifies what the destination address must NOT be. Valid values: enable, disable.
    dstaddrs LocalinpolicyDstaddr[]
    Destination address object from available options. The structure of dstaddr block is documented below.
    dynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    getAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    haMgmtIntfOnly string
    Enable/disable dedicating the HA management interface only for local-in policy. Valid values: enable, disable.
    internetServiceSrc string
    Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values: enable, disable.
    internetServiceSrcCustomGroups LocalinpolicyInternetServiceSrcCustomGroup[]
    Custom Internet Service source group name. The structure of internet_service_src_custom_group block is documented below.
    internetServiceSrcCustoms LocalinpolicyInternetServiceSrcCustom[]
    Custom Internet Service source name. The structure of internet_service_src_custom block is documented below.
    internetServiceSrcGroups LocalinpolicyInternetServiceSrcGroup[]
    Internet Service source group name. The structure of internet_service_src_group block is documented below.
    internetServiceSrcNames LocalinpolicyInternetServiceSrcName[]
    Internet Service source name. The structure of internet_service_src_name block is documented below.
    internetServiceSrcNegate string
    When enabled internet-service-src specifies what the service must NOT be. Valid values: enable, disable.
    intf string
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf_block.
    intfBlocks LocalinpolicyIntfBlock[]
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf. The structure of intf_block block is documented below.
    policyid number
    User defined local in policy ID.
    schedule string
    Schedule object from available options.
    serviceNegate string
    When enabled service specifies what the service must NOT be. Valid values: enable, disable.
    services LocalinpolicyService[]
    Service object from available options. The structure of service block is documented below.
    srcaddrNegate string
    When enabled srcaddr specifies what the source address must NOT be. Valid values: enable, disable.
    srcaddrs LocalinpolicySrcaddr[]
    Source address object from available options. The structure of srcaddr block is documented below.
    status string
    Enable/disable this local-in policy. Valid values: enable, disable.
    uuid string
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    virtualPatch string
    Enable/disable virtual patching. Valid values: enable, disable.
    action str
    Action performed on traffic matching the policy (default = deny). Valid values: accept, deny.
    comments str
    Comment.
    dstaddr_negate str
    When enabled dstaddr specifies what the destination address must NOT be. Valid values: enable, disable.
    dstaddrs Sequence[LocalinpolicyDstaddrArgs]
    Destination address object from available options. The structure of dstaddr block is documented below.
    dynamic_sort_subtable str
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    get_all_tables str
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    ha_mgmt_intf_only str
    Enable/disable dedicating the HA management interface only for local-in policy. Valid values: enable, disable.
    internet_service_src str
    Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values: enable, disable.
    internet_service_src_custom_groups Sequence[LocalinpolicyInternetServiceSrcCustomGroupArgs]
    Custom Internet Service source group name. The structure of internet_service_src_custom_group block is documented below.
    internet_service_src_customs Sequence[LocalinpolicyInternetServiceSrcCustomArgs]
    Custom Internet Service source name. The structure of internet_service_src_custom block is documented below.
    internet_service_src_groups Sequence[LocalinpolicyInternetServiceSrcGroupArgs]
    Internet Service source group name. The structure of internet_service_src_group block is documented below.
    internet_service_src_names Sequence[LocalinpolicyInternetServiceSrcNameArgs]
    Internet Service source name. The structure of internet_service_src_name block is documented below.
    internet_service_src_negate str
    When enabled internet-service-src specifies what the service must NOT be. Valid values: enable, disable.
    intf str
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf_block.
    intf_blocks Sequence[LocalinpolicyIntfBlockArgs]
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf. The structure of intf_block block is documented below.
    policyid int
    User defined local in policy ID.
    schedule str
    Schedule object from available options.
    service_negate str
    When enabled service specifies what the service must NOT be. Valid values: enable, disable.
    services Sequence[LocalinpolicyServiceArgs]
    Service object from available options. The structure of service block is documented below.
    srcaddr_negate str
    When enabled srcaddr specifies what the source address must NOT be. Valid values: enable, disable.
    srcaddrs Sequence[LocalinpolicySrcaddrArgs]
    Source address object from available options. The structure of srcaddr block is documented below.
    status str
    Enable/disable this local-in policy. Valid values: enable, disable.
    uuid str
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    vdomparam str
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    virtual_patch str
    Enable/disable virtual patching. Valid values: enable, disable.
    action String
    Action performed on traffic matching the policy (default = deny). Valid values: accept, deny.
    comments String
    Comment.
    dstaddrNegate String
    When enabled dstaddr specifies what the destination address must NOT be. Valid values: enable, disable.
    dstaddrs List<Property Map>
    Destination address object from available options. The structure of dstaddr block is documented below.
    dynamicSortSubtable String
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    getAllTables String
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    haMgmtIntfOnly String
    Enable/disable dedicating the HA management interface only for local-in policy. Valid values: enable, disable.
    internetServiceSrc String
    Enable/disable use of Internet Services in source for this local-in policy. If enabled, source address is not used. Valid values: enable, disable.
    internetServiceSrcCustomGroups List<Property Map>
    Custom Internet Service source group name. The structure of internet_service_src_custom_group block is documented below.
    internetServiceSrcCustoms List<Property Map>
    Custom Internet Service source name. The structure of internet_service_src_custom block is documented below.
    internetServiceSrcGroups List<Property Map>
    Internet Service source group name. The structure of internet_service_src_group block is documented below.
    internetServiceSrcNames List<Property Map>
    Internet Service source name. The structure of internet_service_src_name block is documented below.
    internetServiceSrcNegate String
    When enabled internet-service-src specifies what the service must NOT be. Valid values: enable, disable.
    intf String
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf_block.
    intfBlocks List<Property Map>
    Incoming interface name from available options. Due to the data type change of API, for other versions of FortiOS, please check variable intf. The structure of intf_block block is documented below.
    policyid Number
    User defined local in policy ID.
    schedule String
    Schedule object from available options.
    serviceNegate String
    When enabled service specifies what the service must NOT be. Valid values: enable, disable.
    services List<Property Map>
    Service object from available options. The structure of service block is documented below.
    srcaddrNegate String
    When enabled srcaddr specifies what the source address must NOT be. Valid values: enable, disable.
    srcaddrs List<Property Map>
    Source address object from available options. The structure of srcaddr block is documented below.
    status String
    Enable/disable this local-in policy. Valid values: enable, disable.
    uuid String
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    vdomparam String
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    virtualPatch String
    Enable/disable virtual patching. Valid values: enable, disable.

    Supporting Types

    LocalinpolicyDstaddr, LocalinpolicyDstaddrArgs

    Name string
    Address name.
    Name string
    Address name.
    name String
    Address name.
    name string
    Address name.
    name str
    Address name.
    name String
    Address name.

    LocalinpolicyInternetServiceSrcCustom, LocalinpolicyInternetServiceSrcCustomArgs

    Name string
    Custom Internet Service name.
    Name string
    Custom Internet Service name.
    name String
    Custom Internet Service name.
    name string
    Custom Internet Service name.
    name str
    Custom Internet Service name.
    name String
    Custom Internet Service name.

    LocalinpolicyInternetServiceSrcCustomGroup, LocalinpolicyInternetServiceSrcCustomGroupArgs

    Name string
    Custom Internet Service group name.
    Name string
    Custom Internet Service group name.
    name String
    Custom Internet Service group name.
    name string
    Custom Internet Service group name.
    name str
    Custom Internet Service group name.
    name String
    Custom Internet Service group name.

    LocalinpolicyInternetServiceSrcGroup, LocalinpolicyInternetServiceSrcGroupArgs

    Name string
    Internet Service group name.
    Name string
    Internet Service group name.
    name String
    Internet Service group name.
    name string
    Internet Service group name.
    name str
    Internet Service group name.
    name String
    Internet Service group name.

    LocalinpolicyInternetServiceSrcName, LocalinpolicyInternetServiceSrcNameArgs

    Name string
    Internet Service name.
    Name string
    Internet Service name.
    name String
    Internet Service name.
    name string
    Internet Service name.
    name str
    Internet Service name.
    name String
    Internet Service name.

    LocalinpolicyIntfBlock, LocalinpolicyIntfBlockArgs

    Name string
    Address name.
    Name string
    Address name.
    name String
    Address name.
    name string
    Address name.
    name str
    Address name.
    name String
    Address name.

    LocalinpolicyService, LocalinpolicyServiceArgs

    Name string
    Service name.
    Name string
    Service name.
    name String
    Service name.
    name string
    Service name.
    name str
    Service name.
    name String
    Service name.

    LocalinpolicySrcaddr, LocalinpolicySrcaddrArgs

    Name string
    Address name.
    Name string
    Address name.
    name String
    Address name.
    name string
    Address name.
    name str
    Address name.
    name String
    Address name.

    Import

    Firewall LocalInPolicy can be imported using any of these accepted formats:

    $ pulumi import fortios:firewall/localinpolicy:Localinpolicy labelname {{policyid}}
    

    If you do not want to import arguments of block:

    $ export “FORTIOS_IMPORT_TABLE”=“false”

    $ pulumi import fortios:firewall/localinpolicy:Localinpolicy labelname {{policyid}}
    

    $ unset “FORTIOS_IMPORT_TABLE”

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    fortios pulumiverse/pulumi-fortios
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the fortios Terraform Provider.
    fortios logo
    Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse