1. Packages
  2. Fortios
  3. API Docs
  4. fmg
  5. FirewallSecurityPolicy
Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

fortios.fmg.FirewallSecurityPolicy

Explore with Pulumi AI

fortios logo
Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

    This resource supports Create/Read/Update/Delete firewall security policy on FortiManager which could be installed to the FortiGate later

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as fortios from "@pulumiverse/fortios";
    
    const test1 = new fortios.fmg.FirewallSecurityPolicy("test1", {
        action: "accept",
        avProfiles: ["g-default"],
        capturePacket: "enable",
        comments: "policy test",
        dnsfilterProfiles: ["default"],
        dstaddrs: ["all"],
        dstintfs: ["any"],
        fixedport: "enable",
        groups: ["Guest-group"],
        ippool: "disable",
        logtraffic: "all",
        logtrafficStart: "enable",
        nat: "enable",
        packageName: "dvm-test",
        profileType: "single",
        schedules: ["always"],
        services: ["ALL"],
        srcaddrs: ["all"],
        srcintfs: ["any"],
        trafficShapers: ["high-priority"],
        users: ["guest"],
        utmStatus: "enable",
    });
    
    import pulumi
    import pulumiverse_fortios as fortios
    
    test1 = fortios.fmg.FirewallSecurityPolicy("test1",
        action="accept",
        av_profiles=["g-default"],
        capture_packet="enable",
        comments="policy test",
        dnsfilter_profiles=["default"],
        dstaddrs=["all"],
        dstintfs=["any"],
        fixedport="enable",
        groups=["Guest-group"],
        ippool="disable",
        logtraffic="all",
        logtraffic_start="enable",
        nat="enable",
        package_name="dvm-test",
        profile_type="single",
        schedules=["always"],
        services=["ALL"],
        srcaddrs=["all"],
        srcintfs=["any"],
        traffic_shapers=["high-priority"],
        users=["guest"],
        utm_status="enable")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/fmg"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := fmg.NewFirewallSecurityPolicy(ctx, "test1", &fmg.FirewallSecurityPolicyArgs{
    			Action: pulumi.String("accept"),
    			AvProfiles: pulumi.StringArray{
    				pulumi.String("g-default"),
    			},
    			CapturePacket: pulumi.String("enable"),
    			Comments:      pulumi.String("policy test"),
    			DnsfilterProfiles: pulumi.StringArray{
    				pulumi.String("default"),
    			},
    			Dstaddrs: pulumi.StringArray{
    				pulumi.String("all"),
    			},
    			Dstintfs: pulumi.StringArray{
    				pulumi.String("any"),
    			},
    			Fixedport: pulumi.String("enable"),
    			Groups: pulumi.StringArray{
    				pulumi.String("Guest-group"),
    			},
    			Ippool:          pulumi.String("disable"),
    			Logtraffic:      pulumi.String("all"),
    			LogtrafficStart: pulumi.String("enable"),
    			Nat:             pulumi.String("enable"),
    			PackageName:     pulumi.String("dvm-test"),
    			ProfileType:     pulumi.String("single"),
    			Schedules: pulumi.StringArray{
    				pulumi.String("always"),
    			},
    			Services: pulumi.StringArray{
    				pulumi.String("ALL"),
    			},
    			Srcaddrs: pulumi.StringArray{
    				pulumi.String("all"),
    			},
    			Srcintfs: pulumi.StringArray{
    				pulumi.String("any"),
    			},
    			TrafficShapers: pulumi.StringArray{
    				pulumi.String("high-priority"),
    			},
    			Users: pulumi.StringArray{
    				pulumi.String("guest"),
    			},
    			UtmStatus: pulumi.String("enable"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Fortios = Pulumiverse.Fortios;
    
    return await Deployment.RunAsync(() => 
    {
        var test1 = new Fortios.Fmg.FirewallSecurityPolicy("test1", new()
        {
            Action = "accept",
            AvProfiles = new[]
            {
                "g-default",
            },
            CapturePacket = "enable",
            Comments = "policy test",
            DnsfilterProfiles = new[]
            {
                "default",
            },
            Dstaddrs = new[]
            {
                "all",
            },
            Dstintfs = new[]
            {
                "any",
            },
            Fixedport = "enable",
            Groups = new[]
            {
                "Guest-group",
            },
            Ippool = "disable",
            Logtraffic = "all",
            LogtrafficStart = "enable",
            Nat = "enable",
            PackageName = "dvm-test",
            ProfileType = "single",
            Schedules = new[]
            {
                "always",
            },
            Services = new[]
            {
                "ALL",
            },
            Srcaddrs = new[]
            {
                "all",
            },
            Srcintfs = new[]
            {
                "any",
            },
            TrafficShapers = new[]
            {
                "high-priority",
            },
            Users = new[]
            {
                "guest",
            },
            UtmStatus = "enable",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.fortios.fmg.FirewallSecurityPolicy;
    import com.pulumi.fortios.fmg.FirewallSecurityPolicyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var test1 = new FirewallSecurityPolicy("test1", FirewallSecurityPolicyArgs.builder()
                .action("accept")
                .avProfiles("g-default")
                .capturePacket("enable")
                .comments("policy test")
                .dnsfilterProfiles("default")
                .dstaddrs("all")
                .dstintfs("any")
                .fixedport("enable")
                .groups("Guest-group")
                .ippool("disable")
                .logtraffic("all")
                .logtrafficStart("enable")
                .nat("enable")
                .packageName("dvm-test")
                .profileType("single")
                .schedules("always")
                .services("ALL")
                .srcaddrs("all")
                .srcintfs("any")
                .trafficShapers("high-priority")
                .users("guest")
                .utmStatus("enable")
                .build());
    
        }
    }
    
    resources:
      test1:
        type: fortios:fmg:FirewallSecurityPolicy
        properties:
          action: accept
          avProfiles:
            - g-default
          capturePacket: enable
          comments: policy test
          dnsfilterProfiles:
            - default
          dstaddrs:
            - all
          dstintfs:
            - any
          fixedport: enable
          groups:
            - Guest-group
          ippool: disable
          logtraffic: all
          logtrafficStart: enable
          nat: enable
          packageName: dvm-test
          profileType: single
          schedules:
            - always
          services:
            - ALL
          srcaddrs:
            - all
          srcintfs:
            - any
          trafficShapers:
            - high-priority
          users:
            - guest
          utmStatus: enable
    

    Create FirewallSecurityPolicy Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new FirewallSecurityPolicy(name: string, args: FirewallSecurityPolicyArgs, opts?: CustomResourceOptions);
    @overload
    def FirewallSecurityPolicy(resource_name: str,
                               args: FirewallSecurityPolicyArgs,
                               opts: Optional[ResourceOptions] = None)
    
    @overload
    def FirewallSecurityPolicy(resource_name: str,
                               opts: Optional[ResourceOptions] = None,
                               dstaddrs: Optional[Sequence[str]] = None,
                               srcintfs: Optional[Sequence[str]] = None,
                               srcaddrs: Optional[Sequence[str]] = None,
                               services: Optional[Sequence[str]] = None,
                               schedules: Optional[Sequence[str]] = None,
                               dstintfs: Optional[Sequence[str]] = None,
                               ips_sensors: Optional[Sequence[str]] = None,
                               package_name: Optional[str] = None,
                               comments: Optional[str] = None,
                               fixedport: Optional[str] = None,
                               fsso: Optional[str] = None,
                               groups: Optional[Sequence[str]] = None,
                               inbound: Optional[str] = None,
                               internet_service: Optional[str] = None,
                               internet_service_ids: Optional[Sequence[str]] = None,
                               internet_service_names: Optional[Sequence[str]] = None,
                               internet_service_src: Optional[str] = None,
                               internet_service_src_ids: Optional[Sequence[str]] = None,
                               internet_service_src_names: Optional[Sequence[str]] = None,
                               ippool: Optional[str] = None,
                               action: Optional[str] = None,
                               logtraffic: Optional[str] = None,
                               logtraffic_start: Optional[str] = None,
                               name: Optional[str] = None,
                               nat: Optional[str] = None,
                               dnsfilter_profiles: Optional[Sequence[str]] = None,
                               per_ip_shapers: Optional[Sequence[str]] = None,
                               poolnames: Optional[Sequence[str]] = None,
                               profile_groups: Optional[Sequence[str]] = None,
                               profile_protocol_options: Optional[Sequence[str]] = None,
                               profile_type: Optional[str] = None,
                               rsso: Optional[str] = None,
                               capture_packet: Optional[str] = None,
                               av_profiles: Optional[Sequence[str]] = None,
                               application_lists: Optional[Sequence[str]] = None,
                               adom: Optional[str] = None,
                               traffic_shaper_reverses: Optional[Sequence[str]] = None,
                               traffic_shapers: Optional[Sequence[str]] = None,
                               users: Optional[Sequence[str]] = None,
                               utm_status: Optional[str] = None,
                               vpn_tunnels: Optional[Sequence[str]] = None,
                               waf_profiles: Optional[Sequence[str]] = None,
                               webfilter_profiles: Optional[Sequence[str]] = None)
    func NewFirewallSecurityPolicy(ctx *Context, name string, args FirewallSecurityPolicyArgs, opts ...ResourceOption) (*FirewallSecurityPolicy, error)
    public FirewallSecurityPolicy(string name, FirewallSecurityPolicyArgs args, CustomResourceOptions? opts = null)
    public FirewallSecurityPolicy(String name, FirewallSecurityPolicyArgs args)
    public FirewallSecurityPolicy(String name, FirewallSecurityPolicyArgs args, CustomResourceOptions options)
    
    type: fortios:fmg:FirewallSecurityPolicy
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args FirewallSecurityPolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args FirewallSecurityPolicyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args FirewallSecurityPolicyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args FirewallSecurityPolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args FirewallSecurityPolicyArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var firewallSecurityPolicyResource = new Fortios.Fmg.FirewallSecurityPolicy("firewallSecurityPolicyResource", new()
    {
        Dstaddrs = new[]
        {
            "string",
        },
        Srcintfs = new[]
        {
            "string",
        },
        Srcaddrs = new[]
        {
            "string",
        },
        Services = new[]
        {
            "string",
        },
        Schedules = new[]
        {
            "string",
        },
        Dstintfs = new[]
        {
            "string",
        },
        IpsSensors = new[]
        {
            "string",
        },
        PackageName = "string",
        Comments = "string",
        Fixedport = "string",
        Fsso = "string",
        Groups = new[]
        {
            "string",
        },
        Inbound = "string",
        InternetService = "string",
        InternetServiceIds = new[]
        {
            "string",
        },
        InternetServiceNames = new[]
        {
            "string",
        },
        InternetServiceSrc = "string",
        InternetServiceSrcIds = new[]
        {
            "string",
        },
        InternetServiceSrcNames = new[]
        {
            "string",
        },
        Ippool = "string",
        Action = "string",
        Logtraffic = "string",
        LogtrafficStart = "string",
        Name = "string",
        Nat = "string",
        DnsfilterProfiles = new[]
        {
            "string",
        },
        PerIpShapers = new[]
        {
            "string",
        },
        Poolnames = new[]
        {
            "string",
        },
        ProfileGroups = new[]
        {
            "string",
        },
        ProfileProtocolOptions = new[]
        {
            "string",
        },
        ProfileType = "string",
        Rsso = "string",
        CapturePacket = "string",
        AvProfiles = new[]
        {
            "string",
        },
        ApplicationLists = new[]
        {
            "string",
        },
        Adom = "string",
        TrafficShaperReverses = new[]
        {
            "string",
        },
        TrafficShapers = new[]
        {
            "string",
        },
        Users = new[]
        {
            "string",
        },
        UtmStatus = "string",
        VpnTunnels = new[]
        {
            "string",
        },
        WafProfiles = new[]
        {
            "string",
        },
        WebfilterProfiles = new[]
        {
            "string",
        },
    });
    
    example, err := fmg.NewFirewallSecurityPolicy(ctx, "firewallSecurityPolicyResource", &fmg.FirewallSecurityPolicyArgs{
    	Dstaddrs: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Srcintfs: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Srcaddrs: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Services: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Schedules: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Dstintfs: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	IpsSensors: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	PackageName: pulumi.String("string"),
    	Comments:    pulumi.String("string"),
    	Fixedport:   pulumi.String("string"),
    	Fsso:        pulumi.String("string"),
    	Groups: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Inbound:         pulumi.String("string"),
    	InternetService: pulumi.String("string"),
    	InternetServiceIds: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	InternetServiceNames: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	InternetServiceSrc: pulumi.String("string"),
    	InternetServiceSrcIds: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	InternetServiceSrcNames: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Ippool:          pulumi.String("string"),
    	Action:          pulumi.String("string"),
    	Logtraffic:      pulumi.String("string"),
    	LogtrafficStart: pulumi.String("string"),
    	Name:            pulumi.String("string"),
    	Nat:             pulumi.String("string"),
    	DnsfilterProfiles: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	PerIpShapers: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Poolnames: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	ProfileGroups: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	ProfileProtocolOptions: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	ProfileType:   pulumi.String("string"),
    	Rsso:          pulumi.String("string"),
    	CapturePacket: pulumi.String("string"),
    	AvProfiles: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	ApplicationLists: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Adom: pulumi.String("string"),
    	TrafficShaperReverses: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	TrafficShapers: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	Users: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	UtmStatus: pulumi.String("string"),
    	VpnTunnels: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	WafProfiles: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	WebfilterProfiles: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    })
    
    var firewallSecurityPolicyResource = new FirewallSecurityPolicy("firewallSecurityPolicyResource", FirewallSecurityPolicyArgs.builder()
        .dstaddrs("string")
        .srcintfs("string")
        .srcaddrs("string")
        .services("string")
        .schedules("string")
        .dstintfs("string")
        .ipsSensors("string")
        .packageName("string")
        .comments("string")
        .fixedport("string")
        .fsso("string")
        .groups("string")
        .inbound("string")
        .internetService("string")
        .internetServiceIds("string")
        .internetServiceNames("string")
        .internetServiceSrc("string")
        .internetServiceSrcIds("string")
        .internetServiceSrcNames("string")
        .ippool("string")
        .action("string")
        .logtraffic("string")
        .logtrafficStart("string")
        .name("string")
        .nat("string")
        .dnsfilterProfiles("string")
        .perIpShapers("string")
        .poolnames("string")
        .profileGroups("string")
        .profileProtocolOptions("string")
        .profileType("string")
        .rsso("string")
        .capturePacket("string")
        .avProfiles("string")
        .applicationLists("string")
        .adom("string")
        .trafficShaperReverses("string")
        .trafficShapers("string")
        .users("string")
        .utmStatus("string")
        .vpnTunnels("string")
        .wafProfiles("string")
        .webfilterProfiles("string")
        .build());
    
    firewall_security_policy_resource = fortios.fmg.FirewallSecurityPolicy("firewallSecurityPolicyResource",
        dstaddrs=["string"],
        srcintfs=["string"],
        srcaddrs=["string"],
        services=["string"],
        schedules=["string"],
        dstintfs=["string"],
        ips_sensors=["string"],
        package_name="string",
        comments="string",
        fixedport="string",
        fsso="string",
        groups=["string"],
        inbound="string",
        internet_service="string",
        internet_service_ids=["string"],
        internet_service_names=["string"],
        internet_service_src="string",
        internet_service_src_ids=["string"],
        internet_service_src_names=["string"],
        ippool="string",
        action="string",
        logtraffic="string",
        logtraffic_start="string",
        name="string",
        nat="string",
        dnsfilter_profiles=["string"],
        per_ip_shapers=["string"],
        poolnames=["string"],
        profile_groups=["string"],
        profile_protocol_options=["string"],
        profile_type="string",
        rsso="string",
        capture_packet="string",
        av_profiles=["string"],
        application_lists=["string"],
        adom="string",
        traffic_shaper_reverses=["string"],
        traffic_shapers=["string"],
        users=["string"],
        utm_status="string",
        vpn_tunnels=["string"],
        waf_profiles=["string"],
        webfilter_profiles=["string"])
    
    const firewallSecurityPolicyResource = new fortios.fmg.FirewallSecurityPolicy("firewallSecurityPolicyResource", {
        dstaddrs: ["string"],
        srcintfs: ["string"],
        srcaddrs: ["string"],
        services: ["string"],
        schedules: ["string"],
        dstintfs: ["string"],
        ipsSensors: ["string"],
        packageName: "string",
        comments: "string",
        fixedport: "string",
        fsso: "string",
        groups: ["string"],
        inbound: "string",
        internetService: "string",
        internetServiceIds: ["string"],
        internetServiceNames: ["string"],
        internetServiceSrc: "string",
        internetServiceSrcIds: ["string"],
        internetServiceSrcNames: ["string"],
        ippool: "string",
        action: "string",
        logtraffic: "string",
        logtrafficStart: "string",
        name: "string",
        nat: "string",
        dnsfilterProfiles: ["string"],
        perIpShapers: ["string"],
        poolnames: ["string"],
        profileGroups: ["string"],
        profileProtocolOptions: ["string"],
        profileType: "string",
        rsso: "string",
        capturePacket: "string",
        avProfiles: ["string"],
        applicationLists: ["string"],
        adom: "string",
        trafficShaperReverses: ["string"],
        trafficShapers: ["string"],
        users: ["string"],
        utmStatus: "string",
        vpnTunnels: ["string"],
        wafProfiles: ["string"],
        webfilterProfiles: ["string"],
    });
    
    type: fortios:fmg:FirewallSecurityPolicy
    properties:
        action: string
        adom: string
        applicationLists:
            - string
        avProfiles:
            - string
        capturePacket: string
        comments: string
        dnsfilterProfiles:
            - string
        dstaddrs:
            - string
        dstintfs:
            - string
        fixedport: string
        fsso: string
        groups:
            - string
        inbound: string
        internetService: string
        internetServiceIds:
            - string
        internetServiceNames:
            - string
        internetServiceSrc: string
        internetServiceSrcIds:
            - string
        internetServiceSrcNames:
            - string
        ippool: string
        ipsSensors:
            - string
        logtraffic: string
        logtrafficStart: string
        name: string
        nat: string
        packageName: string
        perIpShapers:
            - string
        poolnames:
            - string
        profileGroups:
            - string
        profileProtocolOptions:
            - string
        profileType: string
        rsso: string
        schedules:
            - string
        services:
            - string
        srcaddrs:
            - string
        srcintfs:
            - string
        trafficShaperReverses:
            - string
        trafficShapers:
            - string
        users:
            - string
        utmStatus: string
        vpnTunnels:
            - string
        wafProfiles:
            - string
        webfilterProfiles:
            - string
    

    FirewallSecurityPolicy Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The FirewallSecurityPolicy resource accepts the following input properties:

    Dstaddrs List<string>
    Destination address and adress group names.
    Dstintfs List<string>
    Outgoing interface.
    Schedules List<string>
    Schedule name.
    Services List<string>
    Service and service group names.
    Srcaddrs List<string>
    Source address and adress group names.
    Srcintfs List<string>
    Incoming interface.
    Action string
    Policy action, default is deny. Enum: [allow, deny, ipsec].
    Adom string
    ADOM name. default is 'root'.
    ApplicationLists List<string>
    Name of an existing Application list.
    AvProfiles List<string>
    Name of an existing Antivirus profile.
    CapturePacket string
    Enable/disable capture packets.
    Comments string
    Comments.
    DnsfilterProfiles List<string>
    Name of an existing DNS filter profile.
    Fixedport string
    Enable/disable to prevent source NAT from changing a session's source port.
    Fsso string
    Enable/disable Fortinet Single Sign-On.
    Groups List<string>
    Names of user groups that can authenticate with this policy.
    Inbound string
    Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Enum: [disable, enable]
    InternetService string
    Enable/disable use of Destination Internet Services for this policy.
    InternetServiceIds List<string>
    Destination Internet Service ID.
    InternetServiceNames List<string>
    Destination Internet Service Name.
    InternetServiceSrc string
    Enable/disable use of Source Internet Services for this policy.
    InternetServiceSrcIds List<string>
    Source Internet Service ID.
    InternetServiceSrcNames List<string>
    Source Internet Service Name.
    Ippool string
    Enable/disable to use IP Pools for source NAT.
    IpsSensors List<string>
    Name of an existing IPS sensor.
    Logtraffic string
    Enable or disable logging. Enum: [disable, all, utm]
    LogtrafficStart string
    Record logs when a session starts and ends. Enum: [disable, enable]
    Name string
    Policy name.
    Nat string
    Enable/disable source NAT.
    PackageName string
    The package name which the policy will be added to.
    PerIpShapers List<string>
    Per-IP traffic shaper.
    Poolnames List<string>
    IP Pool names.
    ProfileGroups List<string>
    Name of profile group.
    ProfileProtocolOptions List<string>
    Name of an existing Protocol options profile.
    ProfileType string
    Determine whether the firewall policy allows security profile groups or single profiles only. Enum: [single, group]
    Rsso string
    Enable/disable RADIUS Single Sign-On.
    TrafficShaperReverses List<string>
    Reverse traffic shaper.
    TrafficShapers List<string>
    Traffic shaper.
    Users List<string>
    Names of individual users that can authenticate with this policy.
    UtmStatus string
    Enable/disable to add one or more security profiles (AV, IPS, etc.) to the firewall policy.
    VpnTunnels List<string>
    WafProfiles List<string>
    Name of an existing Web application firewall profile.
    WebfilterProfiles List<string>
    Name of an existing Web filter profile.
    Dstaddrs []string
    Destination address and adress group names.
    Dstintfs []string
    Outgoing interface.
    Schedules []string
    Schedule name.
    Services []string
    Service and service group names.
    Srcaddrs []string
    Source address and adress group names.
    Srcintfs []string
    Incoming interface.
    Action string
    Policy action, default is deny. Enum: [allow, deny, ipsec].
    Adom string
    ADOM name. default is 'root'.
    ApplicationLists []string
    Name of an existing Application list.
    AvProfiles []string
    Name of an existing Antivirus profile.
    CapturePacket string
    Enable/disable capture packets.
    Comments string
    Comments.
    DnsfilterProfiles []string
    Name of an existing DNS filter profile.
    Fixedport string
    Enable/disable to prevent source NAT from changing a session's source port.
    Fsso string
    Enable/disable Fortinet Single Sign-On.
    Groups []string
    Names of user groups that can authenticate with this policy.
    Inbound string
    Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Enum: [disable, enable]
    InternetService string
    Enable/disable use of Destination Internet Services for this policy.
    InternetServiceIds []string
    Destination Internet Service ID.
    InternetServiceNames []string
    Destination Internet Service Name.
    InternetServiceSrc string
    Enable/disable use of Source Internet Services for this policy.
    InternetServiceSrcIds []string
    Source Internet Service ID.
    InternetServiceSrcNames []string
    Source Internet Service Name.
    Ippool string
    Enable/disable to use IP Pools for source NAT.
    IpsSensors []string
    Name of an existing IPS sensor.
    Logtraffic string
    Enable or disable logging. Enum: [disable, all, utm]
    LogtrafficStart string
    Record logs when a session starts and ends. Enum: [disable, enable]
    Name string
    Policy name.
    Nat string
    Enable/disable source NAT.
    PackageName string
    The package name which the policy will be added to.
    PerIpShapers []string
    Per-IP traffic shaper.
    Poolnames []string
    IP Pool names.
    ProfileGroups []string
    Name of profile group.
    ProfileProtocolOptions []string
    Name of an existing Protocol options profile.
    ProfileType string
    Determine whether the firewall policy allows security profile groups or single profiles only. Enum: [single, group]
    Rsso string
    Enable/disable RADIUS Single Sign-On.
    TrafficShaperReverses []string
    Reverse traffic shaper.
    TrafficShapers []string
    Traffic shaper.
    Users []string
    Names of individual users that can authenticate with this policy.
    UtmStatus string
    Enable/disable to add one or more security profiles (AV, IPS, etc.) to the firewall policy.
    VpnTunnels []string
    WafProfiles []string
    Name of an existing Web application firewall profile.
    WebfilterProfiles []string
    Name of an existing Web filter profile.
    dstaddrs List<String>
    Destination address and adress group names.
    dstintfs List<String>
    Outgoing interface.
    schedules List<String>
    Schedule name.
    services List<String>
    Service and service group names.
    srcaddrs List<String>
    Source address and adress group names.
    srcintfs List<String>
    Incoming interface.
    action String
    Policy action, default is deny. Enum: [allow, deny, ipsec].
    adom String
    ADOM name. default is 'root'.
    applicationLists List<String>
    Name of an existing Application list.
    avProfiles List<String>
    Name of an existing Antivirus profile.
    capturePacket String
    Enable/disable capture packets.
    comments String
    Comments.
    dnsfilterProfiles List<String>
    Name of an existing DNS filter profile.
    fixedport String
    Enable/disable to prevent source NAT from changing a session's source port.
    fsso String
    Enable/disable Fortinet Single Sign-On.
    groups List<String>
    Names of user groups that can authenticate with this policy.
    inbound String
    Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Enum: [disable, enable]
    internetService String
    Enable/disable use of Destination Internet Services for this policy.
    internetServiceIds List<String>
    Destination Internet Service ID.
    internetServiceNames List<String>
    Destination Internet Service Name.
    internetServiceSrc String
    Enable/disable use of Source Internet Services for this policy.
    internetServiceSrcIds List<String>
    Source Internet Service ID.
    internetServiceSrcNames List<String>
    Source Internet Service Name.
    ippool String
    Enable/disable to use IP Pools for source NAT.
    ipsSensors List<String>
    Name of an existing IPS sensor.
    logtraffic String
    Enable or disable logging. Enum: [disable, all, utm]
    logtrafficStart String
    Record logs when a session starts and ends. Enum: [disable, enable]
    name String
    Policy name.
    nat String
    Enable/disable source NAT.
    packageName String
    The package name which the policy will be added to.
    perIpShapers List<String>
    Per-IP traffic shaper.
    poolnames List<String>
    IP Pool names.
    profileGroups List<String>
    Name of profile group.
    profileProtocolOptions List<String>
    Name of an existing Protocol options profile.
    profileType String
    Determine whether the firewall policy allows security profile groups or single profiles only. Enum: [single, group]
    rsso String
    Enable/disable RADIUS Single Sign-On.
    trafficShaperReverses List<String>
    Reverse traffic shaper.
    trafficShapers List<String>
    Traffic shaper.
    users List<String>
    Names of individual users that can authenticate with this policy.
    utmStatus String
    Enable/disable to add one or more security profiles (AV, IPS, etc.) to the firewall policy.
    vpnTunnels List<String>
    wafProfiles List<String>
    Name of an existing Web application firewall profile.
    webfilterProfiles List<String>
    Name of an existing Web filter profile.
    dstaddrs string[]
    Destination address and adress group names.
    dstintfs string[]
    Outgoing interface.
    schedules string[]
    Schedule name.
    services string[]
    Service and service group names.
    srcaddrs string[]
    Source address and adress group names.
    srcintfs string[]
    Incoming interface.
    action string
    Policy action, default is deny. Enum: [allow, deny, ipsec].
    adom string
    ADOM name. default is 'root'.
    applicationLists string[]
    Name of an existing Application list.
    avProfiles string[]
    Name of an existing Antivirus profile.
    capturePacket string
    Enable/disable capture packets.
    comments string
    Comments.
    dnsfilterProfiles string[]
    Name of an existing DNS filter profile.
    fixedport string
    Enable/disable to prevent source NAT from changing a session's source port.
    fsso string
    Enable/disable Fortinet Single Sign-On.
    groups string[]
    Names of user groups that can authenticate with this policy.
    inbound string
    Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Enum: [disable, enable]
    internetService string
    Enable/disable use of Destination Internet Services for this policy.
    internetServiceIds string[]
    Destination Internet Service ID.
    internetServiceNames string[]
    Destination Internet Service Name.
    internetServiceSrc string
    Enable/disable use of Source Internet Services for this policy.
    internetServiceSrcIds string[]
    Source Internet Service ID.
    internetServiceSrcNames string[]
    Source Internet Service Name.
    ippool string
    Enable/disable to use IP Pools for source NAT.
    ipsSensors string[]
    Name of an existing IPS sensor.
    logtraffic string
    Enable or disable logging. Enum: [disable, all, utm]
    logtrafficStart string
    Record logs when a session starts and ends. Enum: [disable, enable]
    name string
    Policy name.
    nat string
    Enable/disable source NAT.
    packageName string
    The package name which the policy will be added to.
    perIpShapers string[]
    Per-IP traffic shaper.
    poolnames string[]
    IP Pool names.
    profileGroups string[]
    Name of profile group.
    profileProtocolOptions string[]
    Name of an existing Protocol options profile.
    profileType string
    Determine whether the firewall policy allows security profile groups or single profiles only. Enum: [single, group]
    rsso string
    Enable/disable RADIUS Single Sign-On.
    trafficShaperReverses string[]
    Reverse traffic shaper.
    trafficShapers string[]
    Traffic shaper.
    users string[]
    Names of individual users that can authenticate with this policy.
    utmStatus string
    Enable/disable to add one or more security profiles (AV, IPS, etc.) to the firewall policy.
    vpnTunnels string[]
    wafProfiles string[]
    Name of an existing Web application firewall profile.
    webfilterProfiles string[]
    Name of an existing Web filter profile.
    dstaddrs Sequence[str]
    Destination address and adress group names.
    dstintfs Sequence[str]
    Outgoing interface.
    schedules Sequence[str]
    Schedule name.
    services Sequence[str]
    Service and service group names.
    srcaddrs Sequence[str]
    Source address and adress group names.
    srcintfs Sequence[str]
    Incoming interface.
    action str
    Policy action, default is deny. Enum: [allow, deny, ipsec].
    adom str
    ADOM name. default is 'root'.
    application_lists Sequence[str]
    Name of an existing Application list.
    av_profiles Sequence[str]
    Name of an existing Antivirus profile.
    capture_packet str
    Enable/disable capture packets.
    comments str
    Comments.
    dnsfilter_profiles Sequence[str]
    Name of an existing DNS filter profile.
    fixedport str
    Enable/disable to prevent source NAT from changing a session's source port.
    fsso str
    Enable/disable Fortinet Single Sign-On.
    groups Sequence[str]
    Names of user groups that can authenticate with this policy.
    inbound str
    Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Enum: [disable, enable]
    internet_service str
    Enable/disable use of Destination Internet Services for this policy.
    internet_service_ids Sequence[str]
    Destination Internet Service ID.
    internet_service_names Sequence[str]
    Destination Internet Service Name.
    internet_service_src str
    Enable/disable use of Source Internet Services for this policy.
    internet_service_src_ids Sequence[str]
    Source Internet Service ID.
    internet_service_src_names Sequence[str]
    Source Internet Service Name.
    ippool str
    Enable/disable to use IP Pools for source NAT.
    ips_sensors Sequence[str]
    Name of an existing IPS sensor.
    logtraffic str
    Enable or disable logging. Enum: [disable, all, utm]
    logtraffic_start str
    Record logs when a session starts and ends. Enum: [disable, enable]
    name str
    Policy name.
    nat str
    Enable/disable source NAT.
    package_name str
    The package name which the policy will be added to.
    per_ip_shapers Sequence[str]
    Per-IP traffic shaper.
    poolnames Sequence[str]
    IP Pool names.
    profile_groups Sequence[str]
    Name of profile group.
    profile_protocol_options Sequence[str]
    Name of an existing Protocol options profile.
    profile_type str
    Determine whether the firewall policy allows security profile groups or single profiles only. Enum: [single, group]
    rsso str
    Enable/disable RADIUS Single Sign-On.
    traffic_shaper_reverses Sequence[str]
    Reverse traffic shaper.
    traffic_shapers Sequence[str]
    Traffic shaper.
    users Sequence[str]
    Names of individual users that can authenticate with this policy.
    utm_status str
    Enable/disable to add one or more security profiles (AV, IPS, etc.) to the firewall policy.
    vpn_tunnels Sequence[str]
    waf_profiles Sequence[str]
    Name of an existing Web application firewall profile.
    webfilter_profiles Sequence[str]
    Name of an existing Web filter profile.
    dstaddrs List<String>
    Destination address and adress group names.
    dstintfs List<String>
    Outgoing interface.
    schedules List<String>
    Schedule name.
    services List<String>
    Service and service group names.
    srcaddrs List<String>
    Source address and adress group names.
    srcintfs List<String>
    Incoming interface.
    action String
    Policy action, default is deny. Enum: [allow, deny, ipsec].
    adom String
    ADOM name. default is 'root'.
    applicationLists List<String>
    Name of an existing Application list.
    avProfiles List<String>
    Name of an existing Antivirus profile.
    capturePacket String
    Enable/disable capture packets.
    comments String
    Comments.
    dnsfilterProfiles List<String>
    Name of an existing DNS filter profile.
    fixedport String
    Enable/disable to prevent source NAT from changing a session's source port.
    fsso String
    Enable/disable Fortinet Single Sign-On.
    groups List<String>
    Names of user groups that can authenticate with this policy.
    inbound String
    Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Enum: [disable, enable]
    internetService String
    Enable/disable use of Destination Internet Services for this policy.
    internetServiceIds List<String>
    Destination Internet Service ID.
    internetServiceNames List<String>
    Destination Internet Service Name.
    internetServiceSrc String
    Enable/disable use of Source Internet Services for this policy.
    internetServiceSrcIds List<String>
    Source Internet Service ID.
    internetServiceSrcNames List<String>
    Source Internet Service Name.
    ippool String
    Enable/disable to use IP Pools for source NAT.
    ipsSensors List<String>
    Name of an existing IPS sensor.
    logtraffic String
    Enable or disable logging. Enum: [disable, all, utm]
    logtrafficStart String
    Record logs when a session starts and ends. Enum: [disable, enable]
    name String
    Policy name.
    nat String
    Enable/disable source NAT.
    packageName String
    The package name which the policy will be added to.
    perIpShapers List<String>
    Per-IP traffic shaper.
    poolnames List<String>
    IP Pool names.
    profileGroups List<String>
    Name of profile group.
    profileProtocolOptions List<String>
    Name of an existing Protocol options profile.
    profileType String
    Determine whether the firewall policy allows security profile groups or single profiles only. Enum: [single, group]
    rsso String
    Enable/disable RADIUS Single Sign-On.
    trafficShaperReverses List<String>
    Reverse traffic shaper.
    trafficShapers List<String>
    Traffic shaper.
    users List<String>
    Names of individual users that can authenticate with this policy.
    utmStatus String
    Enable/disable to add one or more security profiles (AV, IPS, etc.) to the firewall policy.
    vpnTunnels List<String>
    wafProfiles List<String>
    Name of an existing Web application firewall profile.
    webfilterProfiles List<String>
    Name of an existing Web filter profile.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the FirewallSecurityPolicy resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing FirewallSecurityPolicy Resource

    Get an existing FirewallSecurityPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: FirewallSecurityPolicyState, opts?: CustomResourceOptions): FirewallSecurityPolicy
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            action: Optional[str] = None,
            adom: Optional[str] = None,
            application_lists: Optional[Sequence[str]] = None,
            av_profiles: Optional[Sequence[str]] = None,
            capture_packet: Optional[str] = None,
            comments: Optional[str] = None,
            dnsfilter_profiles: Optional[Sequence[str]] = None,
            dstaddrs: Optional[Sequence[str]] = None,
            dstintfs: Optional[Sequence[str]] = None,
            fixedport: Optional[str] = None,
            fsso: Optional[str] = None,
            groups: Optional[Sequence[str]] = None,
            inbound: Optional[str] = None,
            internet_service: Optional[str] = None,
            internet_service_ids: Optional[Sequence[str]] = None,
            internet_service_names: Optional[Sequence[str]] = None,
            internet_service_src: Optional[str] = None,
            internet_service_src_ids: Optional[Sequence[str]] = None,
            internet_service_src_names: Optional[Sequence[str]] = None,
            ippool: Optional[str] = None,
            ips_sensors: Optional[Sequence[str]] = None,
            logtraffic: Optional[str] = None,
            logtraffic_start: Optional[str] = None,
            name: Optional[str] = None,
            nat: Optional[str] = None,
            package_name: Optional[str] = None,
            per_ip_shapers: Optional[Sequence[str]] = None,
            poolnames: Optional[Sequence[str]] = None,
            profile_groups: Optional[Sequence[str]] = None,
            profile_protocol_options: Optional[Sequence[str]] = None,
            profile_type: Optional[str] = None,
            rsso: Optional[str] = None,
            schedules: Optional[Sequence[str]] = None,
            services: Optional[Sequence[str]] = None,
            srcaddrs: Optional[Sequence[str]] = None,
            srcintfs: Optional[Sequence[str]] = None,
            traffic_shaper_reverses: Optional[Sequence[str]] = None,
            traffic_shapers: Optional[Sequence[str]] = None,
            users: Optional[Sequence[str]] = None,
            utm_status: Optional[str] = None,
            vpn_tunnels: Optional[Sequence[str]] = None,
            waf_profiles: Optional[Sequence[str]] = None,
            webfilter_profiles: Optional[Sequence[str]] = None) -> FirewallSecurityPolicy
    func GetFirewallSecurityPolicy(ctx *Context, name string, id IDInput, state *FirewallSecurityPolicyState, opts ...ResourceOption) (*FirewallSecurityPolicy, error)
    public static FirewallSecurityPolicy Get(string name, Input<string> id, FirewallSecurityPolicyState? state, CustomResourceOptions? opts = null)
    public static FirewallSecurityPolicy get(String name, Output<String> id, FirewallSecurityPolicyState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Action string
    Policy action, default is deny. Enum: [allow, deny, ipsec].
    Adom string
    ADOM name. default is 'root'.
    ApplicationLists List<string>
    Name of an existing Application list.
    AvProfiles List<string>
    Name of an existing Antivirus profile.
    CapturePacket string
    Enable/disable capture packets.
    Comments string
    Comments.
    DnsfilterProfiles List<string>
    Name of an existing DNS filter profile.
    Dstaddrs List<string>
    Destination address and adress group names.
    Dstintfs List<string>
    Outgoing interface.
    Fixedport string
    Enable/disable to prevent source NAT from changing a session's source port.
    Fsso string
    Enable/disable Fortinet Single Sign-On.
    Groups List<string>
    Names of user groups that can authenticate with this policy.
    Inbound string
    Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Enum: [disable, enable]
    InternetService string
    Enable/disable use of Destination Internet Services for this policy.
    InternetServiceIds List<string>
    Destination Internet Service ID.
    InternetServiceNames List<string>
    Destination Internet Service Name.
    InternetServiceSrc string
    Enable/disable use of Source Internet Services for this policy.
    InternetServiceSrcIds List<string>
    Source Internet Service ID.
    InternetServiceSrcNames List<string>
    Source Internet Service Name.
    Ippool string
    Enable/disable to use IP Pools for source NAT.
    IpsSensors List<string>
    Name of an existing IPS sensor.
    Logtraffic string
    Enable or disable logging. Enum: [disable, all, utm]
    LogtrafficStart string
    Record logs when a session starts and ends. Enum: [disable, enable]
    Name string
    Policy name.
    Nat string
    Enable/disable source NAT.
    PackageName string
    The package name which the policy will be added to.
    PerIpShapers List<string>
    Per-IP traffic shaper.
    Poolnames List<string>
    IP Pool names.
    ProfileGroups List<string>
    Name of profile group.
    ProfileProtocolOptions List<string>
    Name of an existing Protocol options profile.
    ProfileType string
    Determine whether the firewall policy allows security profile groups or single profiles only. Enum: [single, group]
    Rsso string
    Enable/disable RADIUS Single Sign-On.
    Schedules List<string>
    Schedule name.
    Services List<string>
    Service and service group names.
    Srcaddrs List<string>
    Source address and adress group names.
    Srcintfs List<string>
    Incoming interface.
    TrafficShaperReverses List<string>
    Reverse traffic shaper.
    TrafficShapers List<string>
    Traffic shaper.
    Users List<string>
    Names of individual users that can authenticate with this policy.
    UtmStatus string
    Enable/disable to add one or more security profiles (AV, IPS, etc.) to the firewall policy.
    VpnTunnels List<string>
    WafProfiles List<string>
    Name of an existing Web application firewall profile.
    WebfilterProfiles List<string>
    Name of an existing Web filter profile.
    Action string
    Policy action, default is deny. Enum: [allow, deny, ipsec].
    Adom string
    ADOM name. default is 'root'.
    ApplicationLists []string
    Name of an existing Application list.
    AvProfiles []string
    Name of an existing Antivirus profile.
    CapturePacket string
    Enable/disable capture packets.
    Comments string
    Comments.
    DnsfilterProfiles []string
    Name of an existing DNS filter profile.
    Dstaddrs []string
    Destination address and adress group names.
    Dstintfs []string
    Outgoing interface.
    Fixedport string
    Enable/disable to prevent source NAT from changing a session's source port.
    Fsso string
    Enable/disable Fortinet Single Sign-On.
    Groups []string
    Names of user groups that can authenticate with this policy.
    Inbound string
    Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Enum: [disable, enable]
    InternetService string
    Enable/disable use of Destination Internet Services for this policy.
    InternetServiceIds []string
    Destination Internet Service ID.
    InternetServiceNames []string
    Destination Internet Service Name.
    InternetServiceSrc string
    Enable/disable use of Source Internet Services for this policy.
    InternetServiceSrcIds []string
    Source Internet Service ID.
    InternetServiceSrcNames []string
    Source Internet Service Name.
    Ippool string
    Enable/disable to use IP Pools for source NAT.
    IpsSensors []string
    Name of an existing IPS sensor.
    Logtraffic string
    Enable or disable logging. Enum: [disable, all, utm]
    LogtrafficStart string
    Record logs when a session starts and ends. Enum: [disable, enable]
    Name string
    Policy name.
    Nat string
    Enable/disable source NAT.
    PackageName string
    The package name which the policy will be added to.
    PerIpShapers []string
    Per-IP traffic shaper.
    Poolnames []string
    IP Pool names.
    ProfileGroups []string
    Name of profile group.
    ProfileProtocolOptions []string
    Name of an existing Protocol options profile.
    ProfileType string
    Determine whether the firewall policy allows security profile groups or single profiles only. Enum: [single, group]
    Rsso string
    Enable/disable RADIUS Single Sign-On.
    Schedules []string
    Schedule name.
    Services []string
    Service and service group names.
    Srcaddrs []string
    Source address and adress group names.
    Srcintfs []string
    Incoming interface.
    TrafficShaperReverses []string
    Reverse traffic shaper.
    TrafficShapers []string
    Traffic shaper.
    Users []string
    Names of individual users that can authenticate with this policy.
    UtmStatus string
    Enable/disable to add one or more security profiles (AV, IPS, etc.) to the firewall policy.
    VpnTunnels []string
    WafProfiles []string
    Name of an existing Web application firewall profile.
    WebfilterProfiles []string
    Name of an existing Web filter profile.
    action String
    Policy action, default is deny. Enum: [allow, deny, ipsec].
    adom String
    ADOM name. default is 'root'.
    applicationLists List<String>
    Name of an existing Application list.
    avProfiles List<String>
    Name of an existing Antivirus profile.
    capturePacket String
    Enable/disable capture packets.
    comments String
    Comments.
    dnsfilterProfiles List<String>
    Name of an existing DNS filter profile.
    dstaddrs List<String>
    Destination address and adress group names.
    dstintfs List<String>
    Outgoing interface.
    fixedport String
    Enable/disable to prevent source NAT from changing a session's source port.
    fsso String
    Enable/disable Fortinet Single Sign-On.
    groups List<String>
    Names of user groups that can authenticate with this policy.
    inbound String
    Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Enum: [disable, enable]
    internetService String
    Enable/disable use of Destination Internet Services for this policy.
    internetServiceIds List<String>
    Destination Internet Service ID.
    internetServiceNames List<String>
    Destination Internet Service Name.
    internetServiceSrc String
    Enable/disable use of Source Internet Services for this policy.
    internetServiceSrcIds List<String>
    Source Internet Service ID.
    internetServiceSrcNames List<String>
    Source Internet Service Name.
    ippool String
    Enable/disable to use IP Pools for source NAT.
    ipsSensors List<String>
    Name of an existing IPS sensor.
    logtraffic String
    Enable or disable logging. Enum: [disable, all, utm]
    logtrafficStart String
    Record logs when a session starts and ends. Enum: [disable, enable]
    name String
    Policy name.
    nat String
    Enable/disable source NAT.
    packageName String
    The package name which the policy will be added to.
    perIpShapers List<String>
    Per-IP traffic shaper.
    poolnames List<String>
    IP Pool names.
    profileGroups List<String>
    Name of profile group.
    profileProtocolOptions List<String>
    Name of an existing Protocol options profile.
    profileType String
    Determine whether the firewall policy allows security profile groups or single profiles only. Enum: [single, group]
    rsso String
    Enable/disable RADIUS Single Sign-On.
    schedules List<String>
    Schedule name.
    services List<String>
    Service and service group names.
    srcaddrs List<String>
    Source address and adress group names.
    srcintfs List<String>
    Incoming interface.
    trafficShaperReverses List<String>
    Reverse traffic shaper.
    trafficShapers List<String>
    Traffic shaper.
    users List<String>
    Names of individual users that can authenticate with this policy.
    utmStatus String
    Enable/disable to add one or more security profiles (AV, IPS, etc.) to the firewall policy.
    vpnTunnels List<String>
    wafProfiles List<String>
    Name of an existing Web application firewall profile.
    webfilterProfiles List<String>
    Name of an existing Web filter profile.
    action string
    Policy action, default is deny. Enum: [allow, deny, ipsec].
    adom string
    ADOM name. default is 'root'.
    applicationLists string[]
    Name of an existing Application list.
    avProfiles string[]
    Name of an existing Antivirus profile.
    capturePacket string
    Enable/disable capture packets.
    comments string
    Comments.
    dnsfilterProfiles string[]
    Name of an existing DNS filter profile.
    dstaddrs string[]
    Destination address and adress group names.
    dstintfs string[]
    Outgoing interface.
    fixedport string
    Enable/disable to prevent source NAT from changing a session's source port.
    fsso string
    Enable/disable Fortinet Single Sign-On.
    groups string[]
    Names of user groups that can authenticate with this policy.
    inbound string
    Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Enum: [disable, enable]
    internetService string
    Enable/disable use of Destination Internet Services for this policy.
    internetServiceIds string[]
    Destination Internet Service ID.
    internetServiceNames string[]
    Destination Internet Service Name.
    internetServiceSrc string
    Enable/disable use of Source Internet Services for this policy.
    internetServiceSrcIds string[]
    Source Internet Service ID.
    internetServiceSrcNames string[]
    Source Internet Service Name.
    ippool string
    Enable/disable to use IP Pools for source NAT.
    ipsSensors string[]
    Name of an existing IPS sensor.
    logtraffic string
    Enable or disable logging. Enum: [disable, all, utm]
    logtrafficStart string
    Record logs when a session starts and ends. Enum: [disable, enable]
    name string
    Policy name.
    nat string
    Enable/disable source NAT.
    packageName string
    The package name which the policy will be added to.
    perIpShapers string[]
    Per-IP traffic shaper.
    poolnames string[]
    IP Pool names.
    profileGroups string[]
    Name of profile group.
    profileProtocolOptions string[]
    Name of an existing Protocol options profile.
    profileType string
    Determine whether the firewall policy allows security profile groups or single profiles only. Enum: [single, group]
    rsso string
    Enable/disable RADIUS Single Sign-On.
    schedules string[]
    Schedule name.
    services string[]
    Service and service group names.
    srcaddrs string[]
    Source address and adress group names.
    srcintfs string[]
    Incoming interface.
    trafficShaperReverses string[]
    Reverse traffic shaper.
    trafficShapers string[]
    Traffic shaper.
    users string[]
    Names of individual users that can authenticate with this policy.
    utmStatus string
    Enable/disable to add one or more security profiles (AV, IPS, etc.) to the firewall policy.
    vpnTunnels string[]
    wafProfiles string[]
    Name of an existing Web application firewall profile.
    webfilterProfiles string[]
    Name of an existing Web filter profile.
    action str
    Policy action, default is deny. Enum: [allow, deny, ipsec].
    adom str
    ADOM name. default is 'root'.
    application_lists Sequence[str]
    Name of an existing Application list.
    av_profiles Sequence[str]
    Name of an existing Antivirus profile.
    capture_packet str
    Enable/disable capture packets.
    comments str
    Comments.
    dnsfilter_profiles Sequence[str]
    Name of an existing DNS filter profile.
    dstaddrs Sequence[str]
    Destination address and adress group names.
    dstintfs Sequence[str]
    Outgoing interface.
    fixedport str
    Enable/disable to prevent source NAT from changing a session's source port.
    fsso str
    Enable/disable Fortinet Single Sign-On.
    groups Sequence[str]
    Names of user groups that can authenticate with this policy.
    inbound str
    Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Enum: [disable, enable]
    internet_service str
    Enable/disable use of Destination Internet Services for this policy.
    internet_service_ids Sequence[str]
    Destination Internet Service ID.
    internet_service_names Sequence[str]
    Destination Internet Service Name.
    internet_service_src str
    Enable/disable use of Source Internet Services for this policy.
    internet_service_src_ids Sequence[str]
    Source Internet Service ID.
    internet_service_src_names Sequence[str]
    Source Internet Service Name.
    ippool str
    Enable/disable to use IP Pools for source NAT.
    ips_sensors Sequence[str]
    Name of an existing IPS sensor.
    logtraffic str
    Enable or disable logging. Enum: [disable, all, utm]
    logtraffic_start str
    Record logs when a session starts and ends. Enum: [disable, enable]
    name str
    Policy name.
    nat str
    Enable/disable source NAT.
    package_name str
    The package name which the policy will be added to.
    per_ip_shapers Sequence[str]
    Per-IP traffic shaper.
    poolnames Sequence[str]
    IP Pool names.
    profile_groups Sequence[str]
    Name of profile group.
    profile_protocol_options Sequence[str]
    Name of an existing Protocol options profile.
    profile_type str
    Determine whether the firewall policy allows security profile groups or single profiles only. Enum: [single, group]
    rsso str
    Enable/disable RADIUS Single Sign-On.
    schedules Sequence[str]
    Schedule name.
    services Sequence[str]
    Service and service group names.
    srcaddrs Sequence[str]
    Source address and adress group names.
    srcintfs Sequence[str]
    Incoming interface.
    traffic_shaper_reverses Sequence[str]
    Reverse traffic shaper.
    traffic_shapers Sequence[str]
    Traffic shaper.
    users Sequence[str]
    Names of individual users that can authenticate with this policy.
    utm_status str
    Enable/disable to add one or more security profiles (AV, IPS, etc.) to the firewall policy.
    vpn_tunnels Sequence[str]
    waf_profiles Sequence[str]
    Name of an existing Web application firewall profile.
    webfilter_profiles Sequence[str]
    Name of an existing Web filter profile.
    action String
    Policy action, default is deny. Enum: [allow, deny, ipsec].
    adom String
    ADOM name. default is 'root'.
    applicationLists List<String>
    Name of an existing Application list.
    avProfiles List<String>
    Name of an existing Antivirus profile.
    capturePacket String
    Enable/disable capture packets.
    comments String
    Comments.
    dnsfilterProfiles List<String>
    Name of an existing DNS filter profile.
    dstaddrs List<String>
    Destination address and adress group names.
    dstintfs List<String>
    Outgoing interface.
    fixedport String
    Enable/disable to prevent source NAT from changing a session's source port.
    fsso String
    Enable/disable Fortinet Single Sign-On.
    groups List<String>
    Names of user groups that can authenticate with this policy.
    inbound String
    Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Enum: [disable, enable]
    internetService String
    Enable/disable use of Destination Internet Services for this policy.
    internetServiceIds List<String>
    Destination Internet Service ID.
    internetServiceNames List<String>
    Destination Internet Service Name.
    internetServiceSrc String
    Enable/disable use of Source Internet Services for this policy.
    internetServiceSrcIds List<String>
    Source Internet Service ID.
    internetServiceSrcNames List<String>
    Source Internet Service Name.
    ippool String
    Enable/disable to use IP Pools for source NAT.
    ipsSensors List<String>
    Name of an existing IPS sensor.
    logtraffic String
    Enable or disable logging. Enum: [disable, all, utm]
    logtrafficStart String
    Record logs when a session starts and ends. Enum: [disable, enable]
    name String
    Policy name.
    nat String
    Enable/disable source NAT.
    packageName String
    The package name which the policy will be added to.
    perIpShapers List<String>
    Per-IP traffic shaper.
    poolnames List<String>
    IP Pool names.
    profileGroups List<String>
    Name of profile group.
    profileProtocolOptions List<String>
    Name of an existing Protocol options profile.
    profileType String
    Determine whether the firewall policy allows security profile groups or single profiles only. Enum: [single, group]
    rsso String
    Enable/disable RADIUS Single Sign-On.
    schedules List<String>
    Schedule name.
    services List<String>
    Service and service group names.
    srcaddrs List<String>
    Source address and adress group names.
    srcintfs List<String>
    Incoming interface.
    trafficShaperReverses List<String>
    Reverse traffic shaper.
    trafficShapers List<String>
    Traffic shaper.
    users List<String>
    Names of individual users that can authenticate with this policy.
    utmStatus String
    Enable/disable to add one or more security profiles (AV, IPS, etc.) to the firewall policy.
    vpnTunnels List<String>
    wafProfiles List<String>
    Name of an existing Web application firewall profile.
    webfilterProfiles List<String>
    Name of an existing Web filter profile.

    Package Details

    Repository
    fortios pulumiverse/pulumi-fortios
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the fortios Terraform Provider.
    fortios logo
    Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse