1. Packages
  2. Fortios
  3. API Docs
  4. webproxy
  5. Global
Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

fortios.webproxy.Global

Explore with Pulumi AI

fortios logo
Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

    Configure Web proxy global settings.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as fortios from "@pulumiverse/fortios";
    
    const trname = new fortios.webproxy.Global("trname", {
        fastPolicyMatch: "enable",
        forwardProxyAuth: "disable",
        forwardServerAffinityTimeout: 30,
        learnClientIp: "disable",
        maxMessageLength: 32,
        maxRequestLength: 4,
        maxWafBodyCacheLength: 32,
        proxyFqdn: "default.fqdn",
        sslCaCert: "Fortinet_CA_SSL",
        sslCert: "Fortinet_Factory",
        strictWebCheck: "disable",
        tunnelNonHttp: "enable",
        unknownHttpVersion: "best-effort",
    });
    
    import pulumi
    import pulumiverse_fortios as fortios
    
    trname = fortios.webproxy.Global("trname",
        fast_policy_match="enable",
        forward_proxy_auth="disable",
        forward_server_affinity_timeout=30,
        learn_client_ip="disable",
        max_message_length=32,
        max_request_length=4,
        max_waf_body_cache_length=32,
        proxy_fqdn="default.fqdn",
        ssl_ca_cert="Fortinet_CA_SSL",
        ssl_cert="Fortinet_Factory",
        strict_web_check="disable",
        tunnel_non_http="enable",
        unknown_http_version="best-effort")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/webproxy"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := webproxy.NewGlobal(ctx, "trname", &webproxy.GlobalArgs{
    			FastPolicyMatch:              pulumi.String("enable"),
    			ForwardProxyAuth:             pulumi.String("disable"),
    			ForwardServerAffinityTimeout: pulumi.Int(30),
    			LearnClientIp:                pulumi.String("disable"),
    			MaxMessageLength:             pulumi.Int(32),
    			MaxRequestLength:             pulumi.Int(4),
    			MaxWafBodyCacheLength:        pulumi.Int(32),
    			ProxyFqdn:                    pulumi.String("default.fqdn"),
    			SslCaCert:                    pulumi.String("Fortinet_CA_SSL"),
    			SslCert:                      pulumi.String("Fortinet_Factory"),
    			StrictWebCheck:               pulumi.String("disable"),
    			TunnelNonHttp:                pulumi.String("enable"),
    			UnknownHttpVersion:           pulumi.String("best-effort"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Fortios = Pulumiverse.Fortios;
    
    return await Deployment.RunAsync(() => 
    {
        var trname = new Fortios.Webproxy.Global("trname", new()
        {
            FastPolicyMatch = "enable",
            ForwardProxyAuth = "disable",
            ForwardServerAffinityTimeout = 30,
            LearnClientIp = "disable",
            MaxMessageLength = 32,
            MaxRequestLength = 4,
            MaxWafBodyCacheLength = 32,
            ProxyFqdn = "default.fqdn",
            SslCaCert = "Fortinet_CA_SSL",
            SslCert = "Fortinet_Factory",
            StrictWebCheck = "disable",
            TunnelNonHttp = "enable",
            UnknownHttpVersion = "best-effort",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.fortios.webproxy.Global;
    import com.pulumi.fortios.webproxy.GlobalArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var trname = new Global("trname", GlobalArgs.builder()
                .fastPolicyMatch("enable")
                .forwardProxyAuth("disable")
                .forwardServerAffinityTimeout(30)
                .learnClientIp("disable")
                .maxMessageLength(32)
                .maxRequestLength(4)
                .maxWafBodyCacheLength(32)
                .proxyFqdn("default.fqdn")
                .sslCaCert("Fortinet_CA_SSL")
                .sslCert("Fortinet_Factory")
                .strictWebCheck("disable")
                .tunnelNonHttp("enable")
                .unknownHttpVersion("best-effort")
                .build());
    
        }
    }
    
    resources:
      trname:
        type: fortios:webproxy:Global
        properties:
          fastPolicyMatch: enable
          forwardProxyAuth: disable
          forwardServerAffinityTimeout: 30
          learnClientIp: disable
          maxMessageLength: 32
          maxRequestLength: 4
          maxWafBodyCacheLength: 32
          proxyFqdn: default.fqdn
          sslCaCert: Fortinet_CA_SSL
          sslCert: Fortinet_Factory
          strictWebCheck: disable
          tunnelNonHttp: enable
          unknownHttpVersion: best-effort
    

    Create Global Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Global(name: string, args: GlobalArgs, opts?: CustomResourceOptions);
    @overload
    def Global(resource_name: str,
               args: GlobalArgs,
               opts: Optional[ResourceOptions] = None)
    
    @overload
    def Global(resource_name: str,
               opts: Optional[ResourceOptions] = None,
               proxy_fqdn: Optional[str] = None,
               max_message_length: Optional[int] = None,
               unknown_http_version: Optional[str] = None,
               forward_proxy_auth: Optional[str] = None,
               forward_server_affinity_timeout: Optional[int] = None,
               get_all_tables: Optional[str] = None,
               ldap_user_cache: Optional[str] = None,
               learn_client_ip: Optional[str] = None,
               learn_client_ip_from_header: Optional[str] = None,
               learn_client_ip_srcaddr6s: Optional[Sequence[GlobalLearnClientIpSrcaddr6Args]] = None,
               learn_client_ip_srcaddrs: Optional[Sequence[GlobalLearnClientIpSrcaddrArgs]] = None,
               log_app_id: Optional[str] = None,
               log_forward_server: Optional[str] = None,
               webproxy_profile: Optional[str] = None,
               fast_policy_match: Optional[str] = None,
               proxy_transparent_cert_inspection: Optional[str] = None,
               max_waf_body_cache_length: Optional[int] = None,
               policy_category_deep_inspect: Optional[str] = None,
               dynamic_sort_subtable: Optional[str] = None,
               max_request_length: Optional[int] = None,
               src_affinity_exempt_addr: Optional[str] = None,
               src_affinity_exempt_addr6: Optional[str] = None,
               ssl_ca_cert: Optional[str] = None,
               ssl_cert: Optional[str] = None,
               strict_web_check: Optional[str] = None,
               tunnel_non_http: Optional[str] = None,
               always_learn_client_ip: Optional[str] = None,
               vdomparam: Optional[str] = None,
               log_policy_pending: Optional[str] = None)
    func NewGlobal(ctx *Context, name string, args GlobalArgs, opts ...ResourceOption) (*Global, error)
    public Global(string name, GlobalArgs args, CustomResourceOptions? opts = null)
    public Global(String name, GlobalArgs args)
    public Global(String name, GlobalArgs args, CustomResourceOptions options)
    
    type: fortios:webproxy:Global
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args GlobalArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args GlobalArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args GlobalArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args GlobalArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args GlobalArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var exampleglobalResourceResourceFromWebproxyglobal = new Fortios.Webproxy.Global("exampleglobalResourceResourceFromWebproxyglobal", new()
    {
        ProxyFqdn = "string",
        MaxMessageLength = 0,
        UnknownHttpVersion = "string",
        ForwardProxyAuth = "string",
        ForwardServerAffinityTimeout = 0,
        GetAllTables = "string",
        LdapUserCache = "string",
        LearnClientIp = "string",
        LearnClientIpFromHeader = "string",
        LearnClientIpSrcaddr6s = new[]
        {
            new Fortios.Webproxy.Inputs.GlobalLearnClientIpSrcaddr6Args
            {
                Name = "string",
            },
        },
        LearnClientIpSrcaddrs = new[]
        {
            new Fortios.Webproxy.Inputs.GlobalLearnClientIpSrcaddrArgs
            {
                Name = "string",
            },
        },
        LogAppId = "string",
        LogForwardServer = "string",
        WebproxyProfile = "string",
        FastPolicyMatch = "string",
        ProxyTransparentCertInspection = "string",
        MaxWafBodyCacheLength = 0,
        PolicyCategoryDeepInspect = "string",
        DynamicSortSubtable = "string",
        MaxRequestLength = 0,
        SrcAffinityExemptAddr = "string",
        SrcAffinityExemptAddr6 = "string",
        SslCaCert = "string",
        SslCert = "string",
        StrictWebCheck = "string",
        TunnelNonHttp = "string",
        AlwaysLearnClientIp = "string",
        Vdomparam = "string",
        LogPolicyPending = "string",
    });
    
    example, err := webproxy.NewGlobal(ctx, "exampleglobalResourceResourceFromWebproxyglobal", &webproxy.GlobalArgs{
    	ProxyFqdn:                    pulumi.String("string"),
    	MaxMessageLength:             pulumi.Int(0),
    	UnknownHttpVersion:           pulumi.String("string"),
    	ForwardProxyAuth:             pulumi.String("string"),
    	ForwardServerAffinityTimeout: pulumi.Int(0),
    	GetAllTables:                 pulumi.String("string"),
    	LdapUserCache:                pulumi.String("string"),
    	LearnClientIp:                pulumi.String("string"),
    	LearnClientIpFromHeader:      pulumi.String("string"),
    	LearnClientIpSrcaddr6s: webproxy.GlobalLearnClientIpSrcaddr6Array{
    		&webproxy.GlobalLearnClientIpSrcaddr6Args{
    			Name: pulumi.String("string"),
    		},
    	},
    	LearnClientIpSrcaddrs: webproxy.GlobalLearnClientIpSrcaddrArray{
    		&webproxy.GlobalLearnClientIpSrcaddrArgs{
    			Name: pulumi.String("string"),
    		},
    	},
    	LogAppId:                       pulumi.String("string"),
    	LogForwardServer:               pulumi.String("string"),
    	WebproxyProfile:                pulumi.String("string"),
    	FastPolicyMatch:                pulumi.String("string"),
    	ProxyTransparentCertInspection: pulumi.String("string"),
    	MaxWafBodyCacheLength:          pulumi.Int(0),
    	PolicyCategoryDeepInspect:      pulumi.String("string"),
    	DynamicSortSubtable:            pulumi.String("string"),
    	MaxRequestLength:               pulumi.Int(0),
    	SrcAffinityExemptAddr:          pulumi.String("string"),
    	SrcAffinityExemptAddr6:         pulumi.String("string"),
    	SslCaCert:                      pulumi.String("string"),
    	SslCert:                        pulumi.String("string"),
    	StrictWebCheck:                 pulumi.String("string"),
    	TunnelNonHttp:                  pulumi.String("string"),
    	AlwaysLearnClientIp:            pulumi.String("string"),
    	Vdomparam:                      pulumi.String("string"),
    	LogPolicyPending:               pulumi.String("string"),
    })
    
    var exampleglobalResourceResourceFromWebproxyglobal = new Global("exampleglobalResourceResourceFromWebproxyglobal", GlobalArgs.builder()
        .proxyFqdn("string")
        .maxMessageLength(0)
        .unknownHttpVersion("string")
        .forwardProxyAuth("string")
        .forwardServerAffinityTimeout(0)
        .getAllTables("string")
        .ldapUserCache("string")
        .learnClientIp("string")
        .learnClientIpFromHeader("string")
        .learnClientIpSrcaddr6s(GlobalLearnClientIpSrcaddr6Args.builder()
            .name("string")
            .build())
        .learnClientIpSrcaddrs(GlobalLearnClientIpSrcaddrArgs.builder()
            .name("string")
            .build())
        .logAppId("string")
        .logForwardServer("string")
        .webproxyProfile("string")
        .fastPolicyMatch("string")
        .proxyTransparentCertInspection("string")
        .maxWafBodyCacheLength(0)
        .policyCategoryDeepInspect("string")
        .dynamicSortSubtable("string")
        .maxRequestLength(0)
        .srcAffinityExemptAddr("string")
        .srcAffinityExemptAddr6("string")
        .sslCaCert("string")
        .sslCert("string")
        .strictWebCheck("string")
        .tunnelNonHttp("string")
        .alwaysLearnClientIp("string")
        .vdomparam("string")
        .logPolicyPending("string")
        .build());
    
    exampleglobal_resource_resource_from_webproxyglobal = fortios.webproxy.Global("exampleglobalResourceResourceFromWebproxyglobal",
        proxy_fqdn="string",
        max_message_length=0,
        unknown_http_version="string",
        forward_proxy_auth="string",
        forward_server_affinity_timeout=0,
        get_all_tables="string",
        ldap_user_cache="string",
        learn_client_ip="string",
        learn_client_ip_from_header="string",
        learn_client_ip_srcaddr6s=[{
            "name": "string",
        }],
        learn_client_ip_srcaddrs=[{
            "name": "string",
        }],
        log_app_id="string",
        log_forward_server="string",
        webproxy_profile="string",
        fast_policy_match="string",
        proxy_transparent_cert_inspection="string",
        max_waf_body_cache_length=0,
        policy_category_deep_inspect="string",
        dynamic_sort_subtable="string",
        max_request_length=0,
        src_affinity_exempt_addr="string",
        src_affinity_exempt_addr6="string",
        ssl_ca_cert="string",
        ssl_cert="string",
        strict_web_check="string",
        tunnel_non_http="string",
        always_learn_client_ip="string",
        vdomparam="string",
        log_policy_pending="string")
    
    const exampleglobalResourceResourceFromWebproxyglobal = new fortios.webproxy.Global("exampleglobalResourceResourceFromWebproxyglobal", {
        proxyFqdn: "string",
        maxMessageLength: 0,
        unknownHttpVersion: "string",
        forwardProxyAuth: "string",
        forwardServerAffinityTimeout: 0,
        getAllTables: "string",
        ldapUserCache: "string",
        learnClientIp: "string",
        learnClientIpFromHeader: "string",
        learnClientIpSrcaddr6s: [{
            name: "string",
        }],
        learnClientIpSrcaddrs: [{
            name: "string",
        }],
        logAppId: "string",
        logForwardServer: "string",
        webproxyProfile: "string",
        fastPolicyMatch: "string",
        proxyTransparentCertInspection: "string",
        maxWafBodyCacheLength: 0,
        policyCategoryDeepInspect: "string",
        dynamicSortSubtable: "string",
        maxRequestLength: 0,
        srcAffinityExemptAddr: "string",
        srcAffinityExemptAddr6: "string",
        sslCaCert: "string",
        sslCert: "string",
        strictWebCheck: "string",
        tunnelNonHttp: "string",
        alwaysLearnClientIp: "string",
        vdomparam: "string",
        logPolicyPending: "string",
    });
    
    type: fortios:webproxy:Global
    properties:
        alwaysLearnClientIp: string
        dynamicSortSubtable: string
        fastPolicyMatch: string
        forwardProxyAuth: string
        forwardServerAffinityTimeout: 0
        getAllTables: string
        ldapUserCache: string
        learnClientIp: string
        learnClientIpFromHeader: string
        learnClientIpSrcaddr6s:
            - name: string
        learnClientIpSrcaddrs:
            - name: string
        logAppId: string
        logForwardServer: string
        logPolicyPending: string
        maxMessageLength: 0
        maxRequestLength: 0
        maxWafBodyCacheLength: 0
        policyCategoryDeepInspect: string
        proxyFqdn: string
        proxyTransparentCertInspection: string
        srcAffinityExemptAddr: string
        srcAffinityExemptAddr6: string
        sslCaCert: string
        sslCert: string
        strictWebCheck: string
        tunnelNonHttp: string
        unknownHttpVersion: string
        vdomparam: string
        webproxyProfile: string
    

    Global Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Global resource accepts the following input properties:

    ProxyFqdn string
    Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
    AlwaysLearnClientIp string
    Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
    DynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    FastPolicyMatch string
    Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
    ForwardProxyAuth string
    Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
    ForwardServerAffinityTimeout int
    Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
    GetAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    LdapUserCache string
    Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
    LearnClientIp string
    Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
    LearnClientIpFromHeader string
    Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
    LearnClientIpSrcaddr6s List<Pulumiverse.Fortios.Webproxy.Inputs.GlobalLearnClientIpSrcaddr6>
    IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
    LearnClientIpSrcaddrs List<Pulumiverse.Fortios.Webproxy.Inputs.GlobalLearnClientIpSrcaddr>
    Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
    LogAppId string
    Enable/disable always log application type in traffic log. Valid values: enable, disable.
    LogForwardServer string
    Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
    LogPolicyPending string
    Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
    MaxMessageLength int
    Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
    MaxRequestLength int
    Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
    MaxWafBodyCacheLength int
    Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
    PolicyCategoryDeepInspect string
    Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
    ProxyTransparentCertInspection string
    Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
    SrcAffinityExemptAddr string
    IPv4 source addresses to exempt proxy affinity.
    SrcAffinityExemptAddr6 string
    IPv6 source addresses to exempt proxy affinity.
    SslCaCert string
    SSL CA certificate for SSL interception.
    SslCert string
    SSL certificate for SSL interception.
    StrictWebCheck string
    Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
    TunnelNonHttp string
    Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
    UnknownHttpVersion string
    Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
    Vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    WebproxyProfile string
    Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.
    ProxyFqdn string
    Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
    AlwaysLearnClientIp string
    Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
    DynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    FastPolicyMatch string
    Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
    ForwardProxyAuth string
    Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
    ForwardServerAffinityTimeout int
    Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
    GetAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    LdapUserCache string
    Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
    LearnClientIp string
    Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
    LearnClientIpFromHeader string
    Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
    LearnClientIpSrcaddr6s []GlobalLearnClientIpSrcaddr6Args
    IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
    LearnClientIpSrcaddrs []GlobalLearnClientIpSrcaddrArgs
    Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
    LogAppId string
    Enable/disable always log application type in traffic log. Valid values: enable, disable.
    LogForwardServer string
    Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
    LogPolicyPending string
    Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
    MaxMessageLength int
    Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
    MaxRequestLength int
    Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
    MaxWafBodyCacheLength int
    Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
    PolicyCategoryDeepInspect string
    Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
    ProxyTransparentCertInspection string
    Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
    SrcAffinityExemptAddr string
    IPv4 source addresses to exempt proxy affinity.
    SrcAffinityExemptAddr6 string
    IPv6 source addresses to exempt proxy affinity.
    SslCaCert string
    SSL CA certificate for SSL interception.
    SslCert string
    SSL certificate for SSL interception.
    StrictWebCheck string
    Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
    TunnelNonHttp string
    Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
    UnknownHttpVersion string
    Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
    Vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    WebproxyProfile string
    Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.
    proxyFqdn String
    Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
    alwaysLearnClientIp String
    Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
    dynamicSortSubtable String
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    fastPolicyMatch String
    Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
    forwardProxyAuth String
    Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
    forwardServerAffinityTimeout Integer
    Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
    getAllTables String
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    ldapUserCache String
    Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
    learnClientIp String
    Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
    learnClientIpFromHeader String
    Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
    learnClientIpSrcaddr6s List<GlobalLearnClientIpSrcaddr6>
    IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
    learnClientIpSrcaddrs List<GlobalLearnClientIpSrcaddr>
    Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
    logAppId String
    Enable/disable always log application type in traffic log. Valid values: enable, disable.
    logForwardServer String
    Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
    logPolicyPending String
    Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
    maxMessageLength Integer
    Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
    maxRequestLength Integer
    Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
    maxWafBodyCacheLength Integer
    Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
    policyCategoryDeepInspect String
    Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
    proxyTransparentCertInspection String
    Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
    srcAffinityExemptAddr String
    IPv4 source addresses to exempt proxy affinity.
    srcAffinityExemptAddr6 String
    IPv6 source addresses to exempt proxy affinity.
    sslCaCert String
    SSL CA certificate for SSL interception.
    sslCert String
    SSL certificate for SSL interception.
    strictWebCheck String
    Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
    tunnelNonHttp String
    Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
    unknownHttpVersion String
    Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
    vdomparam String
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    webproxyProfile String
    Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.
    proxyFqdn string
    Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
    alwaysLearnClientIp string
    Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
    dynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    fastPolicyMatch string
    Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
    forwardProxyAuth string
    Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
    forwardServerAffinityTimeout number
    Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
    getAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    ldapUserCache string
    Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
    learnClientIp string
    Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
    learnClientIpFromHeader string
    Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
    learnClientIpSrcaddr6s GlobalLearnClientIpSrcaddr6[]
    IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
    learnClientIpSrcaddrs GlobalLearnClientIpSrcaddr[]
    Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
    logAppId string
    Enable/disable always log application type in traffic log. Valid values: enable, disable.
    logForwardServer string
    Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
    logPolicyPending string
    Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
    maxMessageLength number
    Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
    maxRequestLength number
    Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
    maxWafBodyCacheLength number
    Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
    policyCategoryDeepInspect string
    Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
    proxyTransparentCertInspection string
    Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
    srcAffinityExemptAddr string
    IPv4 source addresses to exempt proxy affinity.
    srcAffinityExemptAddr6 string
    IPv6 source addresses to exempt proxy affinity.
    sslCaCert string
    SSL CA certificate for SSL interception.
    sslCert string
    SSL certificate for SSL interception.
    strictWebCheck string
    Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
    tunnelNonHttp string
    Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
    unknownHttpVersion string
    Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
    vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    webproxyProfile string
    Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.
    proxy_fqdn str
    Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
    always_learn_client_ip str
    Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
    dynamic_sort_subtable str
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    fast_policy_match str
    Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
    forward_proxy_auth str
    Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
    forward_server_affinity_timeout int
    Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
    get_all_tables str
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    ldap_user_cache str
    Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
    learn_client_ip str
    Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
    learn_client_ip_from_header str
    Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
    learn_client_ip_srcaddr6s Sequence[GlobalLearnClientIpSrcaddr6Args]
    IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
    learn_client_ip_srcaddrs Sequence[GlobalLearnClientIpSrcaddrArgs]
    Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
    log_app_id str
    Enable/disable always log application type in traffic log. Valid values: enable, disable.
    log_forward_server str
    Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
    log_policy_pending str
    Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
    max_message_length int
    Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
    max_request_length int
    Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
    max_waf_body_cache_length int
    Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
    policy_category_deep_inspect str
    Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
    proxy_transparent_cert_inspection str
    Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
    src_affinity_exempt_addr str
    IPv4 source addresses to exempt proxy affinity.
    src_affinity_exempt_addr6 str
    IPv6 source addresses to exempt proxy affinity.
    ssl_ca_cert str
    SSL CA certificate for SSL interception.
    ssl_cert str
    SSL certificate for SSL interception.
    strict_web_check str
    Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
    tunnel_non_http str
    Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
    unknown_http_version str
    Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
    vdomparam str
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    webproxy_profile str
    Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.
    proxyFqdn String
    Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
    alwaysLearnClientIp String
    Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
    dynamicSortSubtable String
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    fastPolicyMatch String
    Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
    forwardProxyAuth String
    Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
    forwardServerAffinityTimeout Number
    Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
    getAllTables String
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    ldapUserCache String
    Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
    learnClientIp String
    Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
    learnClientIpFromHeader String
    Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
    learnClientIpSrcaddr6s List<Property Map>
    IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
    learnClientIpSrcaddrs List<Property Map>
    Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
    logAppId String
    Enable/disable always log application type in traffic log. Valid values: enable, disable.
    logForwardServer String
    Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
    logPolicyPending String
    Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
    maxMessageLength Number
    Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
    maxRequestLength Number
    Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
    maxWafBodyCacheLength Number
    Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
    policyCategoryDeepInspect String
    Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
    proxyTransparentCertInspection String
    Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
    srcAffinityExemptAddr String
    IPv4 source addresses to exempt proxy affinity.
    srcAffinityExemptAddr6 String
    IPv6 source addresses to exempt proxy affinity.
    sslCaCert String
    SSL CA certificate for SSL interception.
    sslCert String
    SSL certificate for SSL interception.
    strictWebCheck String
    Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
    tunnelNonHttp String
    Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
    unknownHttpVersion String
    Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
    vdomparam String
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    webproxyProfile String
    Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Global resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing Global Resource

    Get an existing Global resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: GlobalState, opts?: CustomResourceOptions): Global
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            always_learn_client_ip: Optional[str] = None,
            dynamic_sort_subtable: Optional[str] = None,
            fast_policy_match: Optional[str] = None,
            forward_proxy_auth: Optional[str] = None,
            forward_server_affinity_timeout: Optional[int] = None,
            get_all_tables: Optional[str] = None,
            ldap_user_cache: Optional[str] = None,
            learn_client_ip: Optional[str] = None,
            learn_client_ip_from_header: Optional[str] = None,
            learn_client_ip_srcaddr6s: Optional[Sequence[GlobalLearnClientIpSrcaddr6Args]] = None,
            learn_client_ip_srcaddrs: Optional[Sequence[GlobalLearnClientIpSrcaddrArgs]] = None,
            log_app_id: Optional[str] = None,
            log_forward_server: Optional[str] = None,
            log_policy_pending: Optional[str] = None,
            max_message_length: Optional[int] = None,
            max_request_length: Optional[int] = None,
            max_waf_body_cache_length: Optional[int] = None,
            policy_category_deep_inspect: Optional[str] = None,
            proxy_fqdn: Optional[str] = None,
            proxy_transparent_cert_inspection: Optional[str] = None,
            src_affinity_exempt_addr: Optional[str] = None,
            src_affinity_exempt_addr6: Optional[str] = None,
            ssl_ca_cert: Optional[str] = None,
            ssl_cert: Optional[str] = None,
            strict_web_check: Optional[str] = None,
            tunnel_non_http: Optional[str] = None,
            unknown_http_version: Optional[str] = None,
            vdomparam: Optional[str] = None,
            webproxy_profile: Optional[str] = None) -> Global
    func GetGlobal(ctx *Context, name string, id IDInput, state *GlobalState, opts ...ResourceOption) (*Global, error)
    public static Global Get(string name, Input<string> id, GlobalState? state, CustomResourceOptions? opts = null)
    public static Global get(String name, Output<String> id, GlobalState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AlwaysLearnClientIp string
    Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
    DynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    FastPolicyMatch string
    Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
    ForwardProxyAuth string
    Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
    ForwardServerAffinityTimeout int
    Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
    GetAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    LdapUserCache string
    Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
    LearnClientIp string
    Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
    LearnClientIpFromHeader string
    Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
    LearnClientIpSrcaddr6s List<Pulumiverse.Fortios.Webproxy.Inputs.GlobalLearnClientIpSrcaddr6>
    IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
    LearnClientIpSrcaddrs List<Pulumiverse.Fortios.Webproxy.Inputs.GlobalLearnClientIpSrcaddr>
    Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
    LogAppId string
    Enable/disable always log application type in traffic log. Valid values: enable, disable.
    LogForwardServer string
    Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
    LogPolicyPending string
    Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
    MaxMessageLength int
    Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
    MaxRequestLength int
    Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
    MaxWafBodyCacheLength int
    Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
    PolicyCategoryDeepInspect string
    Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
    ProxyFqdn string
    Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
    ProxyTransparentCertInspection string
    Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
    SrcAffinityExemptAddr string
    IPv4 source addresses to exempt proxy affinity.
    SrcAffinityExemptAddr6 string
    IPv6 source addresses to exempt proxy affinity.
    SslCaCert string
    SSL CA certificate for SSL interception.
    SslCert string
    SSL certificate for SSL interception.
    StrictWebCheck string
    Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
    TunnelNonHttp string
    Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
    UnknownHttpVersion string
    Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
    Vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    WebproxyProfile string
    Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.
    AlwaysLearnClientIp string
    Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
    DynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    FastPolicyMatch string
    Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
    ForwardProxyAuth string
    Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
    ForwardServerAffinityTimeout int
    Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
    GetAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    LdapUserCache string
    Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
    LearnClientIp string
    Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
    LearnClientIpFromHeader string
    Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
    LearnClientIpSrcaddr6s []GlobalLearnClientIpSrcaddr6Args
    IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
    LearnClientIpSrcaddrs []GlobalLearnClientIpSrcaddrArgs
    Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
    LogAppId string
    Enable/disable always log application type in traffic log. Valid values: enable, disable.
    LogForwardServer string
    Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
    LogPolicyPending string
    Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
    MaxMessageLength int
    Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
    MaxRequestLength int
    Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
    MaxWafBodyCacheLength int
    Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
    PolicyCategoryDeepInspect string
    Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
    ProxyFqdn string
    Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
    ProxyTransparentCertInspection string
    Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
    SrcAffinityExemptAddr string
    IPv4 source addresses to exempt proxy affinity.
    SrcAffinityExemptAddr6 string
    IPv6 source addresses to exempt proxy affinity.
    SslCaCert string
    SSL CA certificate for SSL interception.
    SslCert string
    SSL certificate for SSL interception.
    StrictWebCheck string
    Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
    TunnelNonHttp string
    Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
    UnknownHttpVersion string
    Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
    Vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    WebproxyProfile string
    Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.
    alwaysLearnClientIp String
    Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
    dynamicSortSubtable String
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    fastPolicyMatch String
    Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
    forwardProxyAuth String
    Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
    forwardServerAffinityTimeout Integer
    Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
    getAllTables String
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    ldapUserCache String
    Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
    learnClientIp String
    Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
    learnClientIpFromHeader String
    Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
    learnClientIpSrcaddr6s List<GlobalLearnClientIpSrcaddr6>
    IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
    learnClientIpSrcaddrs List<GlobalLearnClientIpSrcaddr>
    Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
    logAppId String
    Enable/disable always log application type in traffic log. Valid values: enable, disable.
    logForwardServer String
    Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
    logPolicyPending String
    Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
    maxMessageLength Integer
    Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
    maxRequestLength Integer
    Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
    maxWafBodyCacheLength Integer
    Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
    policyCategoryDeepInspect String
    Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
    proxyFqdn String
    Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
    proxyTransparentCertInspection String
    Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
    srcAffinityExemptAddr String
    IPv4 source addresses to exempt proxy affinity.
    srcAffinityExemptAddr6 String
    IPv6 source addresses to exempt proxy affinity.
    sslCaCert String
    SSL CA certificate for SSL interception.
    sslCert String
    SSL certificate for SSL interception.
    strictWebCheck String
    Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
    tunnelNonHttp String
    Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
    unknownHttpVersion String
    Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
    vdomparam String
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    webproxyProfile String
    Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.
    alwaysLearnClientIp string
    Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
    dynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    fastPolicyMatch string
    Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
    forwardProxyAuth string
    Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
    forwardServerAffinityTimeout number
    Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
    getAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    ldapUserCache string
    Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
    learnClientIp string
    Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
    learnClientIpFromHeader string
    Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
    learnClientIpSrcaddr6s GlobalLearnClientIpSrcaddr6[]
    IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
    learnClientIpSrcaddrs GlobalLearnClientIpSrcaddr[]
    Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
    logAppId string
    Enable/disable always log application type in traffic log. Valid values: enable, disable.
    logForwardServer string
    Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
    logPolicyPending string
    Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
    maxMessageLength number
    Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
    maxRequestLength number
    Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
    maxWafBodyCacheLength number
    Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
    policyCategoryDeepInspect string
    Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
    proxyFqdn string
    Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
    proxyTransparentCertInspection string
    Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
    srcAffinityExemptAddr string
    IPv4 source addresses to exempt proxy affinity.
    srcAffinityExemptAddr6 string
    IPv6 source addresses to exempt proxy affinity.
    sslCaCert string
    SSL CA certificate for SSL interception.
    sslCert string
    SSL certificate for SSL interception.
    strictWebCheck string
    Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
    tunnelNonHttp string
    Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
    unknownHttpVersion string
    Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
    vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    webproxyProfile string
    Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.
    always_learn_client_ip str
    Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
    dynamic_sort_subtable str
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    fast_policy_match str
    Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
    forward_proxy_auth str
    Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
    forward_server_affinity_timeout int
    Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
    get_all_tables str
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    ldap_user_cache str
    Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
    learn_client_ip str
    Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
    learn_client_ip_from_header str
    Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
    learn_client_ip_srcaddr6s Sequence[GlobalLearnClientIpSrcaddr6Args]
    IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
    learn_client_ip_srcaddrs Sequence[GlobalLearnClientIpSrcaddrArgs]
    Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
    log_app_id str
    Enable/disable always log application type in traffic log. Valid values: enable, disable.
    log_forward_server str
    Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
    log_policy_pending str
    Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
    max_message_length int
    Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
    max_request_length int
    Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
    max_waf_body_cache_length int
    Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
    policy_category_deep_inspect str
    Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
    proxy_fqdn str
    Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
    proxy_transparent_cert_inspection str
    Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
    src_affinity_exempt_addr str
    IPv4 source addresses to exempt proxy affinity.
    src_affinity_exempt_addr6 str
    IPv6 source addresses to exempt proxy affinity.
    ssl_ca_cert str
    SSL CA certificate for SSL interception.
    ssl_cert str
    SSL certificate for SSL interception.
    strict_web_check str
    Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
    tunnel_non_http str
    Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
    unknown_http_version str
    Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
    vdomparam str
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    webproxy_profile str
    Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.
    alwaysLearnClientIp String
    Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
    dynamicSortSubtable String
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    fastPolicyMatch String
    Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
    forwardProxyAuth String
    Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
    forwardServerAffinityTimeout Number
    Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
    getAllTables String
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    ldapUserCache String
    Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
    learnClientIp String
    Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
    learnClientIpFromHeader String
    Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
    learnClientIpSrcaddr6s List<Property Map>
    IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
    learnClientIpSrcaddrs List<Property Map>
    Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
    logAppId String
    Enable/disable always log application type in traffic log. Valid values: enable, disable.
    logForwardServer String
    Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
    logPolicyPending String
    Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
    maxMessageLength Number
    Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
    maxRequestLength Number
    Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
    maxWafBodyCacheLength Number
    Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
    policyCategoryDeepInspect String
    Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
    proxyFqdn String
    Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
    proxyTransparentCertInspection String
    Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
    srcAffinityExemptAddr String
    IPv4 source addresses to exempt proxy affinity.
    srcAffinityExemptAddr6 String
    IPv6 source addresses to exempt proxy affinity.
    sslCaCert String
    SSL CA certificate for SSL interception.
    sslCert String
    SSL certificate for SSL interception.
    strictWebCheck String
    Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
    tunnelNonHttp String
    Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
    unknownHttpVersion String
    Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
    vdomparam String
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    webproxyProfile String
    Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.

    Supporting Types

    GlobalLearnClientIpSrcaddr, GlobalLearnClientIpSrcaddrArgs

    Name string
    Address name.
    Name string
    Address name.
    name String
    Address name.
    name string
    Address name.
    name str
    Address name.
    name String
    Address name.

    GlobalLearnClientIpSrcaddr6, GlobalLearnClientIpSrcaddr6Args

    Name string
    Name string
    name String
    name string
    name str
    name String

    Import

    WebProxy Global can be imported using any of these accepted formats:

    $ pulumi import fortios:webproxy/global:Global labelname WebProxyGlobal
    

    If you do not want to import arguments of block:

    $ export “FORTIOS_IMPORT_TABLE”=“false”

    $ pulumi import fortios:webproxy/global:Global labelname WebProxyGlobal
    

    $ unset “FORTIOS_IMPORT_TABLE”

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    fortios pulumiverse/pulumi-fortios
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the fortios Terraform Provider.
    fortios logo
    Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse