1. Packages
  2. Fortimanager Provider
  3. API Docs
  4. PackagesFirewallProxypolicy
fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortimanager.PackagesFirewallProxypolicy

Explore with Pulumi AI

Configure proxy policies.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as fortimanager from "@pulumi/fortimanager";

const labelname = new fortimanager.PackagesFirewallProxypolicy("labelname", {
    action: "deny",
    disclaimer: "disable",
    dstaddrs: ["all"],
    dstaddrNegate: "disable",
    dstintfs: ["any"],
    httpTunnelAuth: "disable",
    internetService: "disable",
    logtraffic: "all",
    logtrafficStart: "disable",
    pkg: "default",
    policyid: 1,
    profileType: "single",
    proxy: "explicit-web",
    schedule: "always",
    services: ["webproxy"],
    serviceNegate: "disable",
    sessionTtl: 0,
    srcaddrs: ["all"],
    srcaddrNegate: "disable",
    sshPolicyRedirect: "disable",
    status: "enable",
    webcache: "disable",
    webcacheHttps: "disable",
});
Copy
import pulumi
import pulumi_fortimanager as fortimanager

labelname = fortimanager.PackagesFirewallProxypolicy("labelname",
    action="deny",
    disclaimer="disable",
    dstaddrs=["all"],
    dstaddr_negate="disable",
    dstintfs=["any"],
    http_tunnel_auth="disable",
    internet_service="disable",
    logtraffic="all",
    logtraffic_start="disable",
    pkg="default",
    policyid=1,
    profile_type="single",
    proxy="explicit-web",
    schedule="always",
    services=["webproxy"],
    service_negate="disable",
    session_ttl=0,
    srcaddrs=["all"],
    srcaddr_negate="disable",
    ssh_policy_redirect="disable",
    status="enable",
    webcache="disable",
    webcache_https="disable")
Copy
package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/fortimanager/fortimanager"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := fortimanager.NewPackagesFirewallProxypolicy(ctx, "labelname", &fortimanager.PackagesFirewallProxypolicyArgs{
			Action:     pulumi.String("deny"),
			Disclaimer: pulumi.String("disable"),
			Dstaddrs: pulumi.StringArray{
				pulumi.String("all"),
			},
			DstaddrNegate: pulumi.String("disable"),
			Dstintfs: pulumi.StringArray{
				pulumi.String("any"),
			},
			HttpTunnelAuth:  pulumi.String("disable"),
			InternetService: pulumi.String("disable"),
			Logtraffic:      pulumi.String("all"),
			LogtrafficStart: pulumi.String("disable"),
			Pkg:             pulumi.String("default"),
			Policyid:        pulumi.Float64(1),
			ProfileType:     pulumi.String("single"),
			Proxy:           pulumi.String("explicit-web"),
			Schedule:        pulumi.String("always"),
			Services: pulumi.StringArray{
				pulumi.String("webproxy"),
			},
			ServiceNegate: pulumi.String("disable"),
			SessionTtl:    pulumi.Float64(0),
			Srcaddrs: pulumi.StringArray{
				pulumi.String("all"),
			},
			SrcaddrNegate:     pulumi.String("disable"),
			SshPolicyRedirect: pulumi.String("disable"),
			Status:            pulumi.String("enable"),
			Webcache:          pulumi.String("disable"),
			WebcacheHttps:     pulumi.String("disable"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortimanager = Pulumi.Fortimanager;

return await Deployment.RunAsync(() => 
{
    var labelname = new Fortimanager.PackagesFirewallProxypolicy("labelname", new()
    {
        Action = "deny",
        Disclaimer = "disable",
        Dstaddrs = new[]
        {
            "all",
        },
        DstaddrNegate = "disable",
        Dstintfs = new[]
        {
            "any",
        },
        HttpTunnelAuth = "disable",
        InternetService = "disable",
        Logtraffic = "all",
        LogtrafficStart = "disable",
        Pkg = "default",
        Policyid = 1,
        ProfileType = "single",
        Proxy = "explicit-web",
        Schedule = "always",
        Services = new[]
        {
            "webproxy",
        },
        ServiceNegate = "disable",
        SessionTtl = 0,
        Srcaddrs = new[]
        {
            "all",
        },
        SrcaddrNegate = "disable",
        SshPolicyRedirect = "disable",
        Status = "enable",
        Webcache = "disable",
        WebcacheHttps = "disable",
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortimanager.PackagesFirewallProxypolicy;
import com.pulumi.fortimanager.PackagesFirewallProxypolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var labelname = new PackagesFirewallProxypolicy("labelname", PackagesFirewallProxypolicyArgs.builder()
            .action("deny")
            .disclaimer("disable")
            .dstaddrs("all")
            .dstaddrNegate("disable")
            .dstintfs("any")
            .httpTunnelAuth("disable")
            .internetService("disable")
            .logtraffic("all")
            .logtrafficStart("disable")
            .pkg("default")
            .policyid(1)
            .profileType("single")
            .proxy("explicit-web")
            .schedule("always")
            .services("webproxy")
            .serviceNegate("disable")
            .sessionTtl(0)
            .srcaddrs("all")
            .srcaddrNegate("disable")
            .sshPolicyRedirect("disable")
            .status("enable")
            .webcache("disable")
            .webcacheHttps("disable")
            .build());

    }
}
Copy
resources:
  labelname:
    type: fortimanager:PackagesFirewallProxypolicy
    properties:
      action: deny
      disclaimer: disable
      dstaddrs:
        - all
      dstaddrNegate: disable
      dstintfs:
        - any
      httpTunnelAuth: disable
      internetService: disable
      logtraffic: all
      logtrafficStart: disable
      pkg: default
      policyid: 1
      profileType: single
      proxy: explicit-web
      schedule: always
      services:
        - webproxy
      serviceNegate: disable
      sessionTtl: 0
      srcaddrs:
        - all
      srcaddrNegate: disable
      sshPolicyRedirect: disable
      status: enable
      webcache: disable
      webcacheHttps: disable
Copy

Create PackagesFirewallProxypolicy Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new PackagesFirewallProxypolicy(name: string, args: PackagesFirewallProxypolicyArgs, opts?: CustomResourceOptions);
@overload
def PackagesFirewallProxypolicy(resource_name: str,
                                args: PackagesFirewallProxypolicyArgs,
                                opts: Optional[ResourceOptions] = None)

@overload
def PackagesFirewallProxypolicy(resource_name: str,
                                opts: Optional[ResourceOptions] = None,
                                pkg: Optional[str] = None,
                                _policy_block: Optional[float] = None,
                                access_proxies: Optional[Sequence[str]] = None,
                                access_proxy6: Optional[str] = None,
                                action: Optional[str] = None,
                                adom: Optional[str] = None,
                                application_list: Optional[str] = None,
                                av_profile: Optional[str] = None,
                                block_notification: Optional[str] = None,
                                casb_profile: Optional[str] = None,
                                cifs_profile: Optional[str] = None,
                                comments: Optional[str] = None,
                                decrypted_traffic_mirror: Optional[str] = None,
                                detect_https_in_http_request: Optional[str] = None,
                                device_ownership: Optional[str] = None,
                                diameter_filter_profile: Optional[str] = None,
                                disclaimer: Optional[str] = None,
                                dlp_profile: Optional[str] = None,
                                dlp_sensor: Optional[str] = None,
                                dnsfilter_profiles: Optional[Sequence[str]] = None,
                                dstaddr6s: Optional[Sequence[str]] = None,
                                dstaddr_negate: Optional[str] = None,
                                dstaddrs: Optional[Sequence[str]] = None,
                                dstintfs: Optional[Sequence[str]] = None,
                                emailfilter_profile: Optional[str] = None,
                                file_filter_profile: Optional[str] = None,
                                global_label: Optional[str] = None,
                                groups: Optional[Sequence[str]] = None,
                                http_tunnel_auth: Optional[str] = None,
                                icap_profile: Optional[str] = None,
                                internet_service: Optional[str] = None,
                                internet_service6: Optional[str] = None,
                                internet_service6_custom_groups: Optional[Sequence[str]] = None,
                                internet_service6_customs: Optional[Sequence[str]] = None,
                                internet_service6_groups: Optional[Sequence[str]] = None,
                                internet_service6_names: Optional[Sequence[str]] = None,
                                internet_service6_negate: Optional[str] = None,
                                internet_service_custom: Optional[str] = None,
                                internet_service_custom_group: Optional[str] = None,
                                internet_service_group: Optional[str] = None,
                                internet_service_id: Optional[str] = None,
                                internet_service_name: Optional[str] = None,
                                internet_service_negate: Optional[str] = None,
                                ips_sensor: Optional[str] = None,
                                ips_voip_filter: Optional[str] = None,
                                label: Optional[str] = None,
                                log_http_transaction: Optional[str] = None,
                                logtraffic: Optional[str] = None,
                                logtraffic_start: Optional[str] = None,
                                mms_profile: Optional[str] = None,
                                name: Optional[str] = None,
                                packages_firewall_proxypolicy_id: Optional[str] = None,
                                pkg_folder_path: Optional[str] = None,
                                policyid: Optional[float] = None,
                                poolnames: Optional[Sequence[str]] = None,
                                profile_group: Optional[str] = None,
                                profile_protocol_options: Optional[str] = None,
                                profile_type: Optional[str] = None,
                                proxy: Optional[str] = None,
                                redirect_url: Optional[str] = None,
                                replacemsg_override_group: Optional[str] = None,
                                scan_botnet_connections: Optional[str] = None,
                                schedule: Optional[str] = None,
                                scopetype: Optional[str] = None,
                                sctp_filter_profile: Optional[str] = None,
                                service_negate: Optional[str] = None,
                                services: Optional[Sequence[str]] = None,
                                session_ttl: Optional[float] = None,
                                spamfilter_profile: Optional[str] = None,
                                srcaddr6s: Optional[Sequence[str]] = None,
                                srcaddr_negate: Optional[str] = None,
                                srcaddrs: Optional[Sequence[str]] = None,
                                srcintf: Optional[str] = None,
                                ssh_filter_profile: Optional[str] = None,
                                ssh_policy_redirect: Optional[str] = None,
                                ssl_ssh_profile: Optional[str] = None,
                                status: Optional[str] = None,
                                transparent: Optional[str] = None,
                                users: Optional[Sequence[str]] = None,
                                utm_status: Optional[str] = None,
                                uuid: Optional[str] = None,
                                videofilter_profile: Optional[str] = None,
                                virtual_patch_profile: Optional[str] = None,
                                voip_profile: Optional[str] = None,
                                waf_profile: Optional[str] = None,
                                webcache: Optional[str] = None,
                                webcache_https: Optional[str] = None,
                                webfilter_profile: Optional[str] = None,
                                webproxy_forward_server: Optional[str] = None,
                                webproxy_profile: Optional[str] = None,
                                ztna_ems_tags: Optional[Sequence[str]] = None,
                                ztna_proxies: Optional[Sequence[str]] = None,
                                ztna_tags_match_logic: Optional[str] = None)
func NewPackagesFirewallProxypolicy(ctx *Context, name string, args PackagesFirewallProxypolicyArgs, opts ...ResourceOption) (*PackagesFirewallProxypolicy, error)
public PackagesFirewallProxypolicy(string name, PackagesFirewallProxypolicyArgs args, CustomResourceOptions? opts = null)
public PackagesFirewallProxypolicy(String name, PackagesFirewallProxypolicyArgs args)
public PackagesFirewallProxypolicy(String name, PackagesFirewallProxypolicyArgs args, CustomResourceOptions options)
type: fortimanager:PackagesFirewallProxypolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. PackagesFirewallProxypolicyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. PackagesFirewallProxypolicyArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. PackagesFirewallProxypolicyArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. PackagesFirewallProxypolicyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. PackagesFirewallProxypolicyArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var packagesFirewallProxypolicyResource = new Fortimanager.PackagesFirewallProxypolicy("packagesFirewallProxypolicyResource", new()
{
    Pkg = "string",
    _policyBlock = 0,
    AccessProxies = new[]
    {
        "string",
    },
    AccessProxy6 = "string",
    Action = "string",
    Adom = "string",
    ApplicationList = "string",
    AvProfile = "string",
    BlockNotification = "string",
    CasbProfile = "string",
    CifsProfile = "string",
    Comments = "string",
    DecryptedTrafficMirror = "string",
    DetectHttpsInHttpRequest = "string",
    DeviceOwnership = "string",
    DiameterFilterProfile = "string",
    Disclaimer = "string",
    DlpProfile = "string",
    DlpSensor = "string",
    DnsfilterProfiles = new[]
    {
        "string",
    },
    Dstaddr6s = new[]
    {
        "string",
    },
    DstaddrNegate = "string",
    Dstaddrs = new[]
    {
        "string",
    },
    Dstintfs = new[]
    {
        "string",
    },
    EmailfilterProfile = "string",
    FileFilterProfile = "string",
    GlobalLabel = "string",
    Groups = new[]
    {
        "string",
    },
    HttpTunnelAuth = "string",
    IcapProfile = "string",
    InternetService = "string",
    InternetService6 = "string",
    InternetService6CustomGroups = new[]
    {
        "string",
    },
    InternetService6Customs = new[]
    {
        "string",
    },
    InternetService6Groups = new[]
    {
        "string",
    },
    InternetService6Names = new[]
    {
        "string",
    },
    InternetService6Negate = "string",
    InternetServiceCustom = "string",
    InternetServiceCustomGroup = "string",
    InternetServiceGroup = "string",
    InternetServiceId = "string",
    InternetServiceName = "string",
    InternetServiceNegate = "string",
    IpsSensor = "string",
    IpsVoipFilter = "string",
    Label = "string",
    LogHttpTransaction = "string",
    Logtraffic = "string",
    LogtrafficStart = "string",
    MmsProfile = "string",
    Name = "string",
    PackagesFirewallProxypolicyId = "string",
    PkgFolderPath = "string",
    Policyid = 0,
    Poolnames = new[]
    {
        "string",
    },
    ProfileGroup = "string",
    ProfileProtocolOptions = "string",
    ProfileType = "string",
    Proxy = "string",
    RedirectUrl = "string",
    ReplacemsgOverrideGroup = "string",
    ScanBotnetConnections = "string",
    Schedule = "string",
    Scopetype = "string",
    SctpFilterProfile = "string",
    ServiceNegate = "string",
    Services = new[]
    {
        "string",
    },
    SessionTtl = 0,
    SpamfilterProfile = "string",
    Srcaddr6s = new[]
    {
        "string",
    },
    SrcaddrNegate = "string",
    Srcaddrs = new[]
    {
        "string",
    },
    Srcintf = "string",
    SshFilterProfile = "string",
    SshPolicyRedirect = "string",
    SslSshProfile = "string",
    Status = "string",
    Transparent = "string",
    Users = new[]
    {
        "string",
    },
    UtmStatus = "string",
    Uuid = "string",
    VideofilterProfile = "string",
    VirtualPatchProfile = "string",
    VoipProfile = "string",
    WafProfile = "string",
    Webcache = "string",
    WebcacheHttps = "string",
    WebfilterProfile = "string",
    WebproxyForwardServer = "string",
    WebproxyProfile = "string",
    ZtnaEmsTags = new[]
    {
        "string",
    },
    ZtnaProxies = new[]
    {
        "string",
    },
    ZtnaTagsMatchLogic = "string",
});
Copy
example, err := fortimanager.NewPackagesFirewallProxypolicy(ctx, "packagesFirewallProxypolicyResource", &fortimanager.PackagesFirewallProxypolicyArgs{
Pkg: pulumi.String("string"),
_policyBlock: pulumi.Float64(0),
AccessProxies: pulumi.StringArray{
pulumi.String("string"),
},
AccessProxy6: pulumi.String("string"),
Action: pulumi.String("string"),
Adom: pulumi.String("string"),
ApplicationList: pulumi.String("string"),
AvProfile: pulumi.String("string"),
BlockNotification: pulumi.String("string"),
CasbProfile: pulumi.String("string"),
CifsProfile: pulumi.String("string"),
Comments: pulumi.String("string"),
DecryptedTrafficMirror: pulumi.String("string"),
DetectHttpsInHttpRequest: pulumi.String("string"),
DeviceOwnership: pulumi.String("string"),
DiameterFilterProfile: pulumi.String("string"),
Disclaimer: pulumi.String("string"),
DlpProfile: pulumi.String("string"),
DlpSensor: pulumi.String("string"),
DnsfilterProfiles: pulumi.StringArray{
pulumi.String("string"),
},
Dstaddr6s: pulumi.StringArray{
pulumi.String("string"),
},
DstaddrNegate: pulumi.String("string"),
Dstaddrs: pulumi.StringArray{
pulumi.String("string"),
},
Dstintfs: pulumi.StringArray{
pulumi.String("string"),
},
EmailfilterProfile: pulumi.String("string"),
FileFilterProfile: pulumi.String("string"),
GlobalLabel: pulumi.String("string"),
Groups: pulumi.StringArray{
pulumi.String("string"),
},
HttpTunnelAuth: pulumi.String("string"),
IcapProfile: pulumi.String("string"),
InternetService: pulumi.String("string"),
InternetService6: pulumi.String("string"),
InternetService6CustomGroups: pulumi.StringArray{
pulumi.String("string"),
},
InternetService6Customs: pulumi.StringArray{
pulumi.String("string"),
},
InternetService6Groups: pulumi.StringArray{
pulumi.String("string"),
},
InternetService6Names: pulumi.StringArray{
pulumi.String("string"),
},
InternetService6Negate: pulumi.String("string"),
InternetServiceCustom: pulumi.String("string"),
InternetServiceCustomGroup: pulumi.String("string"),
InternetServiceGroup: pulumi.String("string"),
InternetServiceId: pulumi.String("string"),
InternetServiceName: pulumi.String("string"),
InternetServiceNegate: pulumi.String("string"),
IpsSensor: pulumi.String("string"),
IpsVoipFilter: pulumi.String("string"),
Label: pulumi.String("string"),
LogHttpTransaction: pulumi.String("string"),
Logtraffic: pulumi.String("string"),
LogtrafficStart: pulumi.String("string"),
MmsProfile: pulumi.String("string"),
Name: pulumi.String("string"),
PackagesFirewallProxypolicyId: pulumi.String("string"),
PkgFolderPath: pulumi.String("string"),
Policyid: pulumi.Float64(0),
Poolnames: pulumi.StringArray{
pulumi.String("string"),
},
ProfileGroup: pulumi.String("string"),
ProfileProtocolOptions: pulumi.String("string"),
ProfileType: pulumi.String("string"),
Proxy: pulumi.String("string"),
RedirectUrl: pulumi.String("string"),
ReplacemsgOverrideGroup: pulumi.String("string"),
ScanBotnetConnections: pulumi.String("string"),
Schedule: pulumi.String("string"),
Scopetype: pulumi.String("string"),
SctpFilterProfile: pulumi.String("string"),
ServiceNegate: pulumi.String("string"),
Services: pulumi.StringArray{
pulumi.String("string"),
},
SessionTtl: pulumi.Float64(0),
SpamfilterProfile: pulumi.String("string"),
Srcaddr6s: pulumi.StringArray{
pulumi.String("string"),
},
SrcaddrNegate: pulumi.String("string"),
Srcaddrs: pulumi.StringArray{
pulumi.String("string"),
},
Srcintf: pulumi.String("string"),
SshFilterProfile: pulumi.String("string"),
SshPolicyRedirect: pulumi.String("string"),
SslSshProfile: pulumi.String("string"),
Status: pulumi.String("string"),
Transparent: pulumi.String("string"),
Users: pulumi.StringArray{
pulumi.String("string"),
},
UtmStatus: pulumi.String("string"),
Uuid: pulumi.String("string"),
VideofilterProfile: pulumi.String("string"),
VirtualPatchProfile: pulumi.String("string"),
VoipProfile: pulumi.String("string"),
WafProfile: pulumi.String("string"),
Webcache: pulumi.String("string"),
WebcacheHttps: pulumi.String("string"),
WebfilterProfile: pulumi.String("string"),
WebproxyForwardServer: pulumi.String("string"),
WebproxyProfile: pulumi.String("string"),
ZtnaEmsTags: pulumi.StringArray{
pulumi.String("string"),
},
ZtnaProxies: pulumi.StringArray{
pulumi.String("string"),
},
ZtnaTagsMatchLogic: pulumi.String("string"),
})
Copy
var packagesFirewallProxypolicyResource = new PackagesFirewallProxypolicy("packagesFirewallProxypolicyResource", PackagesFirewallProxypolicyArgs.builder()
    .pkg("string")
    ._policyBlock(0)
    .accessProxies("string")
    .accessProxy6("string")
    .action("string")
    .adom("string")
    .applicationList("string")
    .avProfile("string")
    .blockNotification("string")
    .casbProfile("string")
    .cifsProfile("string")
    .comments("string")
    .decryptedTrafficMirror("string")
    .detectHttpsInHttpRequest("string")
    .deviceOwnership("string")
    .diameterFilterProfile("string")
    .disclaimer("string")
    .dlpProfile("string")
    .dlpSensor("string")
    .dnsfilterProfiles("string")
    .dstaddr6s("string")
    .dstaddrNegate("string")
    .dstaddrs("string")
    .dstintfs("string")
    .emailfilterProfile("string")
    .fileFilterProfile("string")
    .globalLabel("string")
    .groups("string")
    .httpTunnelAuth("string")
    .icapProfile("string")
    .internetService("string")
    .internetService6("string")
    .internetService6CustomGroups("string")
    .internetService6Customs("string")
    .internetService6Groups("string")
    .internetService6Names("string")
    .internetService6Negate("string")
    .internetServiceCustom("string")
    .internetServiceCustomGroup("string")
    .internetServiceGroup("string")
    .internetServiceId("string")
    .internetServiceName("string")
    .internetServiceNegate("string")
    .ipsSensor("string")
    .ipsVoipFilter("string")
    .label("string")
    .logHttpTransaction("string")
    .logtraffic("string")
    .logtrafficStart("string")
    .mmsProfile("string")
    .name("string")
    .packagesFirewallProxypolicyId("string")
    .pkgFolderPath("string")
    .policyid(0)
    .poolnames("string")
    .profileGroup("string")
    .profileProtocolOptions("string")
    .profileType("string")
    .proxy("string")
    .redirectUrl("string")
    .replacemsgOverrideGroup("string")
    .scanBotnetConnections("string")
    .schedule("string")
    .scopetype("string")
    .sctpFilterProfile("string")
    .serviceNegate("string")
    .services("string")
    .sessionTtl(0)
    .spamfilterProfile("string")
    .srcaddr6s("string")
    .srcaddrNegate("string")
    .srcaddrs("string")
    .srcintf("string")
    .sshFilterProfile("string")
    .sshPolicyRedirect("string")
    .sslSshProfile("string")
    .status("string")
    .transparent("string")
    .users("string")
    .utmStatus("string")
    .uuid("string")
    .videofilterProfile("string")
    .virtualPatchProfile("string")
    .voipProfile("string")
    .wafProfile("string")
    .webcache("string")
    .webcacheHttps("string")
    .webfilterProfile("string")
    .webproxyForwardServer("string")
    .webproxyProfile("string")
    .ztnaEmsTags("string")
    .ztnaProxies("string")
    .ztnaTagsMatchLogic("string")
    .build());
Copy
packages_firewall_proxypolicy_resource = fortimanager.PackagesFirewallProxypolicy("packagesFirewallProxypolicyResource",
    pkg="string",
    _policy_block=0,
    access_proxies=["string"],
    access_proxy6="string",
    action="string",
    adom="string",
    application_list="string",
    av_profile="string",
    block_notification="string",
    casb_profile="string",
    cifs_profile="string",
    comments="string",
    decrypted_traffic_mirror="string",
    detect_https_in_http_request="string",
    device_ownership="string",
    diameter_filter_profile="string",
    disclaimer="string",
    dlp_profile="string",
    dlp_sensor="string",
    dnsfilter_profiles=["string"],
    dstaddr6s=["string"],
    dstaddr_negate="string",
    dstaddrs=["string"],
    dstintfs=["string"],
    emailfilter_profile="string",
    file_filter_profile="string",
    global_label="string",
    groups=["string"],
    http_tunnel_auth="string",
    icap_profile="string",
    internet_service="string",
    internet_service6="string",
    internet_service6_custom_groups=["string"],
    internet_service6_customs=["string"],
    internet_service6_groups=["string"],
    internet_service6_names=["string"],
    internet_service6_negate="string",
    internet_service_custom="string",
    internet_service_custom_group="string",
    internet_service_group="string",
    internet_service_id="string",
    internet_service_name="string",
    internet_service_negate="string",
    ips_sensor="string",
    ips_voip_filter="string",
    label="string",
    log_http_transaction="string",
    logtraffic="string",
    logtraffic_start="string",
    mms_profile="string",
    name="string",
    packages_firewall_proxypolicy_id="string",
    pkg_folder_path="string",
    policyid=0,
    poolnames=["string"],
    profile_group="string",
    profile_protocol_options="string",
    profile_type="string",
    proxy="string",
    redirect_url="string",
    replacemsg_override_group="string",
    scan_botnet_connections="string",
    schedule="string",
    scopetype="string",
    sctp_filter_profile="string",
    service_negate="string",
    services=["string"],
    session_ttl=0,
    spamfilter_profile="string",
    srcaddr6s=["string"],
    srcaddr_negate="string",
    srcaddrs=["string"],
    srcintf="string",
    ssh_filter_profile="string",
    ssh_policy_redirect="string",
    ssl_ssh_profile="string",
    status="string",
    transparent="string",
    users=["string"],
    utm_status="string",
    uuid="string",
    videofilter_profile="string",
    virtual_patch_profile="string",
    voip_profile="string",
    waf_profile="string",
    webcache="string",
    webcache_https="string",
    webfilter_profile="string",
    webproxy_forward_server="string",
    webproxy_profile="string",
    ztna_ems_tags=["string"],
    ztna_proxies=["string"],
    ztna_tags_match_logic="string")
Copy
const packagesFirewallProxypolicyResource = new fortimanager.PackagesFirewallProxypolicy("packagesFirewallProxypolicyResource", {
    pkg: "string",
    _policyBlock: 0,
    accessProxies: ["string"],
    accessProxy6: "string",
    action: "string",
    adom: "string",
    applicationList: "string",
    avProfile: "string",
    blockNotification: "string",
    casbProfile: "string",
    cifsProfile: "string",
    comments: "string",
    decryptedTrafficMirror: "string",
    detectHttpsInHttpRequest: "string",
    deviceOwnership: "string",
    diameterFilterProfile: "string",
    disclaimer: "string",
    dlpProfile: "string",
    dlpSensor: "string",
    dnsfilterProfiles: ["string"],
    dstaddr6s: ["string"],
    dstaddrNegate: "string",
    dstaddrs: ["string"],
    dstintfs: ["string"],
    emailfilterProfile: "string",
    fileFilterProfile: "string",
    globalLabel: "string",
    groups: ["string"],
    httpTunnelAuth: "string",
    icapProfile: "string",
    internetService: "string",
    internetService6: "string",
    internetService6CustomGroups: ["string"],
    internetService6Customs: ["string"],
    internetService6Groups: ["string"],
    internetService6Names: ["string"],
    internetService6Negate: "string",
    internetServiceCustom: "string",
    internetServiceCustomGroup: "string",
    internetServiceGroup: "string",
    internetServiceId: "string",
    internetServiceName: "string",
    internetServiceNegate: "string",
    ipsSensor: "string",
    ipsVoipFilter: "string",
    label: "string",
    logHttpTransaction: "string",
    logtraffic: "string",
    logtrafficStart: "string",
    mmsProfile: "string",
    name: "string",
    packagesFirewallProxypolicyId: "string",
    pkgFolderPath: "string",
    policyid: 0,
    poolnames: ["string"],
    profileGroup: "string",
    profileProtocolOptions: "string",
    profileType: "string",
    proxy: "string",
    redirectUrl: "string",
    replacemsgOverrideGroup: "string",
    scanBotnetConnections: "string",
    schedule: "string",
    scopetype: "string",
    sctpFilterProfile: "string",
    serviceNegate: "string",
    services: ["string"],
    sessionTtl: 0,
    spamfilterProfile: "string",
    srcaddr6s: ["string"],
    srcaddrNegate: "string",
    srcaddrs: ["string"],
    srcintf: "string",
    sshFilterProfile: "string",
    sshPolicyRedirect: "string",
    sslSshProfile: "string",
    status: "string",
    transparent: "string",
    users: ["string"],
    utmStatus: "string",
    uuid: "string",
    videofilterProfile: "string",
    virtualPatchProfile: "string",
    voipProfile: "string",
    wafProfile: "string",
    webcache: "string",
    webcacheHttps: "string",
    webfilterProfile: "string",
    webproxyForwardServer: "string",
    webproxyProfile: "string",
    ztnaEmsTags: ["string"],
    ztnaProxies: ["string"],
    ztnaTagsMatchLogic: "string",
});
Copy
type: fortimanager:PackagesFirewallProxypolicy
properties:
    _policyBlock: 0
    accessProxies:
        - string
    accessProxy6: string
    action: string
    adom: string
    applicationList: string
    avProfile: string
    blockNotification: string
    casbProfile: string
    cifsProfile: string
    comments: string
    decryptedTrafficMirror: string
    detectHttpsInHttpRequest: string
    deviceOwnership: string
    diameterFilterProfile: string
    disclaimer: string
    dlpProfile: string
    dlpSensor: string
    dnsfilterProfiles:
        - string
    dstaddr6s:
        - string
    dstaddrNegate: string
    dstaddrs:
        - string
    dstintfs:
        - string
    emailfilterProfile: string
    fileFilterProfile: string
    globalLabel: string
    groups:
        - string
    httpTunnelAuth: string
    icapProfile: string
    internetService: string
    internetService6: string
    internetService6CustomGroups:
        - string
    internetService6Customs:
        - string
    internetService6Groups:
        - string
    internetService6Names:
        - string
    internetService6Negate: string
    internetServiceCustom: string
    internetServiceCustomGroup: string
    internetServiceGroup: string
    internetServiceId: string
    internetServiceName: string
    internetServiceNegate: string
    ipsSensor: string
    ipsVoipFilter: string
    label: string
    logHttpTransaction: string
    logtraffic: string
    logtrafficStart: string
    mmsProfile: string
    name: string
    packagesFirewallProxypolicyId: string
    pkg: string
    pkgFolderPath: string
    policyid: 0
    poolnames:
        - string
    profileGroup: string
    profileProtocolOptions: string
    profileType: string
    proxy: string
    redirectUrl: string
    replacemsgOverrideGroup: string
    scanBotnetConnections: string
    schedule: string
    scopetype: string
    sctpFilterProfile: string
    serviceNegate: string
    services:
        - string
    sessionTtl: 0
    spamfilterProfile: string
    srcaddr6s:
        - string
    srcaddrNegate: string
    srcaddrs:
        - string
    srcintf: string
    sshFilterProfile: string
    sshPolicyRedirect: string
    sslSshProfile: string
    status: string
    transparent: string
    users:
        - string
    utmStatus: string
    uuid: string
    videofilterProfile: string
    virtualPatchProfile: string
    voipProfile: string
    wafProfile: string
    webcache: string
    webcacheHttps: string
    webfilterProfile: string
    webproxyForwardServer: string
    webproxyProfile: string
    ztnaEmsTags:
        - string
    ztnaProxies:
        - string
    ztnaTagsMatchLogic: string
Copy

PackagesFirewallProxypolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The PackagesFirewallProxypolicy resource accepts the following input properties:

Pkg This property is required. string
Package.
AccessProxies List<string>
Access Proxy.
AccessProxy6 string
IPv6 access proxy.
Action string
Accept or deny traffic matching the policy parameters. Valid values: accept, deny, redirect.
Adom string
Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
ApplicationList string
Name of an existing Application list.
AvProfile string
Name of an existing Antivirus profile.
BlockNotification string
Enable/disable block notification. Valid values: disable, enable.
CasbProfile string
Name of an existing CASB profile.
CifsProfile string
Name of an existing CIFS profile.
Comments string
Optional comments.
DecryptedTrafficMirror string
Decrypted traffic mirror.
DetectHttpsInHttpRequest string
Enable/disable detection of HTTPS in HTTP request. Valid values: disable, enable.
DeviceOwnership string
When enabled, the ownership enforcement will be done at policy level. Valid values: disable, enable.
DiameterFilterProfile string
Name of an existing Diameter filter profile.
Disclaimer string
Web proxy disclaimer setting: by domain, policy, or user. Valid values: disable, domain, policy, user.
DlpProfile string
Name of an existing DLP profile.
DlpSensor string
Name of an existing DLP sensor.
DnsfilterProfiles List<string>
Name of an existing DNS filter profile.
Dstaddr6s List<string>
IPv6 destination address objects.
DstaddrNegate string
When enabled, destination addresses match against any address EXCEPT the specified destination addresses. Valid values: disable, enable.
Dstaddrs List<string>
Destination address objects.
Dstintfs List<string>
Destination interface names.
EmailfilterProfile string
Name of an existing email filter profile.
FileFilterProfile string
Name of an existing file-filter profile.
GlobalLabel string
Global web-based manager visible label.
Groups List<string>
Names of group objects.
HttpTunnelAuth string
Enable/disable HTTP tunnel authentication. Valid values: disable, enable.
IcapProfile string
Name of an existing ICAP profile.
InternetService string
Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
InternetService6 string
Enable/disable use of Internet Services IPv6 for this policy. If enabled, destination IPv6 address and service are not used. Valid values: disable, enable.
InternetService6CustomGroups List<string>
Custom Internet Service IPv6 group name.
InternetService6Customs List<string>
Custom Internet Service IPv6 name.
InternetService6Groups List<string>
Internet Service IPv6 group name.
InternetService6Names List<string>
Internet Service IPv6 name.
InternetService6Negate string
When enabled, Internet Services match against any internet service IPv6 EXCEPT the selected Internet Service IPv6. Valid values: disable, enable.
InternetServiceCustom string
Custom Internet Service name.
InternetServiceCustomGroup string
Custom Internet Service group name.
InternetServiceGroup string
Internet Service group name.
InternetServiceId string
Internet Service ID.
InternetServiceName string
Internet Service name.
InternetServiceNegate string
When enabled, Internet Services match against any internet service EXCEPT the selected Internet Service. Valid values: disable, enable.
IpsSensor string
Name of an existing IPS sensor.
IpsVoipFilter string
Name of an existing VoIP (ips) profile.
Label string
VDOM-specific GUI visible label.
LogHttpTransaction string
Enable/disable HTTP transaction log. Valid values: disable, enable.
Logtraffic string
Enable/disable logging traffic through the policy. Valid values: disable, all, utm.
LogtrafficStart string
Enable/disable policy log traffic start. Valid values: disable, enable.
MmsProfile string
Name of an existing MMS profile.
Name string
Policy name.
PackagesFirewallProxypolicyId string
an identifier for the resource with format {{policyid}}.
PkgFolderPath string
Pkg Folder Path.
Policyid double
Policy ID.
Poolnames List<string>
Name of IP pool object.
ProfileGroup string
Name of profile group.
ProfileProtocolOptions string
Name of an existing Protocol options profile.
ProfileType string
Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
Proxy string
Type of explicit proxy. Valid values: explicit-web, transparent-web, ftp, wanopt, ssh, ssh-tunnel.
RedirectUrl string
Redirect URL for further explicit web proxy processing.
ReplacemsgOverrideGroup string
Authentication replacement message override group.
ScanBotnetConnections string
Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
Schedule string
Name of schedule object.
Scopetype string
The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SctpFilterProfile string
Name of an existing SCTP filter profile.
ServiceNegate string
When enabled, services match against any service EXCEPT the specified destination services. Valid values: disable, enable.
Services List<string>
Name of service objects.
SessionTtl double
TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
SpamfilterProfile string
Name of an existing Spam filter profile.
Srcaddr6s List<string>
IPv6 source address objects.
SrcaddrNegate string
When enabled, source addresses match against any address EXCEPT the specified source addresses. Valid values: disable, enable.
Srcaddrs List<string>
Source address objects.
Srcintf string
Source interface names.
SshFilterProfile string
Name of an existing SSH filter profile.
SshPolicyRedirect string
Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
SslSshProfile string
Name of an existing SSL SSH profile.
Status string
Enable/disable the active status of the policy. Valid values: disable, enable.
Transparent string
Enable to use the IP address of the client to connect to the server. Valid values: disable, enable.
Users List<string>
Names of user objects.
UtmStatus string
Enable the use of UTM profiles/sensors/lists. Valid values: disable, enable.
Uuid string
Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
VideofilterProfile string
Name of an existing VideoFilter profile.
VirtualPatchProfile string
Virtual-Patch-Profile.
VoipProfile string
Name of an existing VoIP profile.
WafProfile string
Name of an existing Web application firewall profile.
Webcache string
Enable/disable web caching. Valid values: disable, enable.
WebcacheHttps string
Enable/disable web caching for HTTPS (Requires deep-inspection enabled in ssl-ssh-profile). Valid values: disable, enable.
WebfilterProfile string
Name of an existing Web filter profile.
WebproxyForwardServer string
Web proxy forward server name.
WebproxyProfile string
Name of web proxy profile.
ZtnaEmsTags List<string>
ZTNA EMS Tag names.
ZtnaProxies List<string>
IPv4 ZTNA traffic forward proxy.
ZtnaTagsMatchLogic string
ZTNA tag matching logic. Valid values: or, and.
_policyBlock double
Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
Pkg This property is required. string
Package.
AccessProxies []string
Access Proxy.
AccessProxy6 string
IPv6 access proxy.
Action string
Accept or deny traffic matching the policy parameters. Valid values: accept, deny, redirect.
Adom string
Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
ApplicationList string
Name of an existing Application list.
AvProfile string
Name of an existing Antivirus profile.
BlockNotification string
Enable/disable block notification. Valid values: disable, enable.
CasbProfile string
Name of an existing CASB profile.
CifsProfile string
Name of an existing CIFS profile.
Comments string
Optional comments.
DecryptedTrafficMirror string
Decrypted traffic mirror.
DetectHttpsInHttpRequest string
Enable/disable detection of HTTPS in HTTP request. Valid values: disable, enable.
DeviceOwnership string
When enabled, the ownership enforcement will be done at policy level. Valid values: disable, enable.
DiameterFilterProfile string
Name of an existing Diameter filter profile.
Disclaimer string
Web proxy disclaimer setting: by domain, policy, or user. Valid values: disable, domain, policy, user.
DlpProfile string
Name of an existing DLP profile.
DlpSensor string
Name of an existing DLP sensor.
DnsfilterProfiles []string
Name of an existing DNS filter profile.
Dstaddr6s []string
IPv6 destination address objects.
DstaddrNegate string
When enabled, destination addresses match against any address EXCEPT the specified destination addresses. Valid values: disable, enable.
Dstaddrs []string
Destination address objects.
Dstintfs []string
Destination interface names.
EmailfilterProfile string
Name of an existing email filter profile.
FileFilterProfile string
Name of an existing file-filter profile.
GlobalLabel string
Global web-based manager visible label.
Groups []string
Names of group objects.
HttpTunnelAuth string
Enable/disable HTTP tunnel authentication. Valid values: disable, enable.
IcapProfile string
Name of an existing ICAP profile.
InternetService string
Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
InternetService6 string
Enable/disable use of Internet Services IPv6 for this policy. If enabled, destination IPv6 address and service are not used. Valid values: disable, enable.
InternetService6CustomGroups []string
Custom Internet Service IPv6 group name.
InternetService6Customs []string
Custom Internet Service IPv6 name.
InternetService6Groups []string
Internet Service IPv6 group name.
InternetService6Names []string
Internet Service IPv6 name.
InternetService6Negate string
When enabled, Internet Services match against any internet service IPv6 EXCEPT the selected Internet Service IPv6. Valid values: disable, enable.
InternetServiceCustom string
Custom Internet Service name.
InternetServiceCustomGroup string
Custom Internet Service group name.
InternetServiceGroup string
Internet Service group name.
InternetServiceId string
Internet Service ID.
InternetServiceName string
Internet Service name.
InternetServiceNegate string
When enabled, Internet Services match against any internet service EXCEPT the selected Internet Service. Valid values: disable, enable.
IpsSensor string
Name of an existing IPS sensor.
IpsVoipFilter string
Name of an existing VoIP (ips) profile.
Label string
VDOM-specific GUI visible label.
LogHttpTransaction string
Enable/disable HTTP transaction log. Valid values: disable, enable.
Logtraffic string
Enable/disable logging traffic through the policy. Valid values: disable, all, utm.
LogtrafficStart string
Enable/disable policy log traffic start. Valid values: disable, enable.
MmsProfile string
Name of an existing MMS profile.
Name string
Policy name.
PackagesFirewallProxypolicyId string
an identifier for the resource with format {{policyid}}.
PkgFolderPath string
Pkg Folder Path.
Policyid float64
Policy ID.
Poolnames []string
Name of IP pool object.
ProfileGroup string
Name of profile group.
ProfileProtocolOptions string
Name of an existing Protocol options profile.
ProfileType string
Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
Proxy string
Type of explicit proxy. Valid values: explicit-web, transparent-web, ftp, wanopt, ssh, ssh-tunnel.
RedirectUrl string
Redirect URL for further explicit web proxy processing.
ReplacemsgOverrideGroup string
Authentication replacement message override group.
ScanBotnetConnections string
Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
Schedule string
Name of schedule object.
Scopetype string
The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SctpFilterProfile string
Name of an existing SCTP filter profile.
ServiceNegate string
When enabled, services match against any service EXCEPT the specified destination services. Valid values: disable, enable.
Services []string
Name of service objects.
SessionTtl float64
TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
SpamfilterProfile string
Name of an existing Spam filter profile.
Srcaddr6s []string
IPv6 source address objects.
SrcaddrNegate string
When enabled, source addresses match against any address EXCEPT the specified source addresses. Valid values: disable, enable.
Srcaddrs []string
Source address objects.
Srcintf string
Source interface names.
SshFilterProfile string
Name of an existing SSH filter profile.
SshPolicyRedirect string
Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
SslSshProfile string
Name of an existing SSL SSH profile.
Status string
Enable/disable the active status of the policy. Valid values: disable, enable.
Transparent string
Enable to use the IP address of the client to connect to the server. Valid values: disable, enable.
Users []string
Names of user objects.
UtmStatus string
Enable the use of UTM profiles/sensors/lists. Valid values: disable, enable.
Uuid string
Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
VideofilterProfile string
Name of an existing VideoFilter profile.
VirtualPatchProfile string
Virtual-Patch-Profile.
VoipProfile string
Name of an existing VoIP profile.
WafProfile string
Name of an existing Web application firewall profile.
Webcache string
Enable/disable web caching. Valid values: disable, enable.
WebcacheHttps string
Enable/disable web caching for HTTPS (Requires deep-inspection enabled in ssl-ssh-profile). Valid values: disable, enable.
WebfilterProfile string
Name of an existing Web filter profile.
WebproxyForwardServer string
Web proxy forward server name.
WebproxyProfile string
Name of web proxy profile.
ZtnaEmsTags []string
ZTNA EMS Tag names.
ZtnaProxies []string
IPv4 ZTNA traffic forward proxy.
ZtnaTagsMatchLogic string
ZTNA tag matching logic. Valid values: or, and.
_policyBlock float64
Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
pkg This property is required. String
Package.
_policyBlock Double
Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
accessProxies List<String>
Access Proxy.
accessProxy6 String
IPv6 access proxy.
action String
Accept or deny traffic matching the policy parameters. Valid values: accept, deny, redirect.
adom String
Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
applicationList String
Name of an existing Application list.
avProfile String
Name of an existing Antivirus profile.
blockNotification String
Enable/disable block notification. Valid values: disable, enable.
casbProfile String
Name of an existing CASB profile.
cifsProfile String
Name of an existing CIFS profile.
comments String
Optional comments.
decryptedTrafficMirror String
Decrypted traffic mirror.
detectHttpsInHttpRequest String
Enable/disable detection of HTTPS in HTTP request. Valid values: disable, enable.
deviceOwnership String
When enabled, the ownership enforcement will be done at policy level. Valid values: disable, enable.
diameterFilterProfile String
Name of an existing Diameter filter profile.
disclaimer String
Web proxy disclaimer setting: by domain, policy, or user. Valid values: disable, domain, policy, user.
dlpProfile String
Name of an existing DLP profile.
dlpSensor String
Name of an existing DLP sensor.
dnsfilterProfiles List<String>
Name of an existing DNS filter profile.
dstaddr6s List<String>
IPv6 destination address objects.
dstaddrNegate String
When enabled, destination addresses match against any address EXCEPT the specified destination addresses. Valid values: disable, enable.
dstaddrs List<String>
Destination address objects.
dstintfs List<String>
Destination interface names.
emailfilterProfile String
Name of an existing email filter profile.
fileFilterProfile String
Name of an existing file-filter profile.
globalLabel String
Global web-based manager visible label.
groups List<String>
Names of group objects.
httpTunnelAuth String
Enable/disable HTTP tunnel authentication. Valid values: disable, enable.
icapProfile String
Name of an existing ICAP profile.
internetService String
Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internetService6 String
Enable/disable use of Internet Services IPv6 for this policy. If enabled, destination IPv6 address and service are not used. Valid values: disable, enable.
internetService6CustomGroups List<String>
Custom Internet Service IPv6 group name.
internetService6Customs List<String>
Custom Internet Service IPv6 name.
internetService6Groups List<String>
Internet Service IPv6 group name.
internetService6Names List<String>
Internet Service IPv6 name.
internetService6Negate String
When enabled, Internet Services match against any internet service IPv6 EXCEPT the selected Internet Service IPv6. Valid values: disable, enable.
internetServiceCustom String
Custom Internet Service name.
internetServiceCustomGroup String
Custom Internet Service group name.
internetServiceGroup String
Internet Service group name.
internetServiceId String
Internet Service ID.
internetServiceName String
Internet Service name.
internetServiceNegate String
When enabled, Internet Services match against any internet service EXCEPT the selected Internet Service. Valid values: disable, enable.
ipsSensor String
Name of an existing IPS sensor.
ipsVoipFilter String
Name of an existing VoIP (ips) profile.
label String
VDOM-specific GUI visible label.
logHttpTransaction String
Enable/disable HTTP transaction log. Valid values: disable, enable.
logtraffic String
Enable/disable logging traffic through the policy. Valid values: disable, all, utm.
logtrafficStart String
Enable/disable policy log traffic start. Valid values: disable, enable.
mmsProfile String
Name of an existing MMS profile.
name String
Policy name.
packagesFirewallProxypolicyId String
an identifier for the resource with format {{policyid}}.
pkgFolderPath String
Pkg Folder Path.
policyid Double
Policy ID.
poolnames List<String>
Name of IP pool object.
profileGroup String
Name of profile group.
profileProtocolOptions String
Name of an existing Protocol options profile.
profileType String
Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
proxy String
Type of explicit proxy. Valid values: explicit-web, transparent-web, ftp, wanopt, ssh, ssh-tunnel.
redirectUrl String
Redirect URL for further explicit web proxy processing.
replacemsgOverrideGroup String
Authentication replacement message override group.
scanBotnetConnections String
Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
schedule String
Name of schedule object.
scopetype String
The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sctpFilterProfile String
Name of an existing SCTP filter profile.
serviceNegate String
When enabled, services match against any service EXCEPT the specified destination services. Valid values: disable, enable.
services List<String>
Name of service objects.
sessionTtl Double
TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
spamfilterProfile String
Name of an existing Spam filter profile.
srcaddr6s List<String>
IPv6 source address objects.
srcaddrNegate String
When enabled, source addresses match against any address EXCEPT the specified source addresses. Valid values: disable, enable.
srcaddrs List<String>
Source address objects.
srcintf String
Source interface names.
sshFilterProfile String
Name of an existing SSH filter profile.
sshPolicyRedirect String
Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslSshProfile String
Name of an existing SSL SSH profile.
status String
Enable/disable the active status of the policy. Valid values: disable, enable.
transparent String
Enable to use the IP address of the client to connect to the server. Valid values: disable, enable.
users List<String>
Names of user objects.
utmStatus String
Enable the use of UTM profiles/sensors/lists. Valid values: disable, enable.
uuid String
Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
videofilterProfile String
Name of an existing VideoFilter profile.
virtualPatchProfile String
Virtual-Patch-Profile.
voipProfile String
Name of an existing VoIP profile.
wafProfile String
Name of an existing Web application firewall profile.
webcache String
Enable/disable web caching. Valid values: disable, enable.
webcacheHttps String
Enable/disable web caching for HTTPS (Requires deep-inspection enabled in ssl-ssh-profile). Valid values: disable, enable.
webfilterProfile String
Name of an existing Web filter profile.
webproxyForwardServer String
Web proxy forward server name.
webproxyProfile String
Name of web proxy profile.
ztnaEmsTags List<String>
ZTNA EMS Tag names.
ztnaProxies List<String>
IPv4 ZTNA traffic forward proxy.
ztnaTagsMatchLogic String
ZTNA tag matching logic. Valid values: or, and.
pkg This property is required. string
Package.
_policyBlock number
Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
accessProxies string[]
Access Proxy.
accessProxy6 string
IPv6 access proxy.
action string
Accept or deny traffic matching the policy parameters. Valid values: accept, deny, redirect.
adom string
Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
applicationList string
Name of an existing Application list.
avProfile string
Name of an existing Antivirus profile.
blockNotification string
Enable/disable block notification. Valid values: disable, enable.
casbProfile string
Name of an existing CASB profile.
cifsProfile string
Name of an existing CIFS profile.
comments string
Optional comments.
decryptedTrafficMirror string
Decrypted traffic mirror.
detectHttpsInHttpRequest string
Enable/disable detection of HTTPS in HTTP request. Valid values: disable, enable.
deviceOwnership string
When enabled, the ownership enforcement will be done at policy level. Valid values: disable, enable.
diameterFilterProfile string
Name of an existing Diameter filter profile.
disclaimer string
Web proxy disclaimer setting: by domain, policy, or user. Valid values: disable, domain, policy, user.
dlpProfile string
Name of an existing DLP profile.
dlpSensor string
Name of an existing DLP sensor.
dnsfilterProfiles string[]
Name of an existing DNS filter profile.
dstaddr6s string[]
IPv6 destination address objects.
dstaddrNegate string
When enabled, destination addresses match against any address EXCEPT the specified destination addresses. Valid values: disable, enable.
dstaddrs string[]
Destination address objects.
dstintfs string[]
Destination interface names.
emailfilterProfile string
Name of an existing email filter profile.
fileFilterProfile string
Name of an existing file-filter profile.
globalLabel string
Global web-based manager visible label.
groups string[]
Names of group objects.
httpTunnelAuth string
Enable/disable HTTP tunnel authentication. Valid values: disable, enable.
icapProfile string
Name of an existing ICAP profile.
internetService string
Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internetService6 string
Enable/disable use of Internet Services IPv6 for this policy. If enabled, destination IPv6 address and service are not used. Valid values: disable, enable.
internetService6CustomGroups string[]
Custom Internet Service IPv6 group name.
internetService6Customs string[]
Custom Internet Service IPv6 name.
internetService6Groups string[]
Internet Service IPv6 group name.
internetService6Names string[]
Internet Service IPv6 name.
internetService6Negate string
When enabled, Internet Services match against any internet service IPv6 EXCEPT the selected Internet Service IPv6. Valid values: disable, enable.
internetServiceCustom string
Custom Internet Service name.
internetServiceCustomGroup string
Custom Internet Service group name.
internetServiceGroup string
Internet Service group name.
internetServiceId string
Internet Service ID.
internetServiceName string
Internet Service name.
internetServiceNegate string
When enabled, Internet Services match against any internet service EXCEPT the selected Internet Service. Valid values: disable, enable.
ipsSensor string
Name of an existing IPS sensor.
ipsVoipFilter string
Name of an existing VoIP (ips) profile.
label string
VDOM-specific GUI visible label.
logHttpTransaction string
Enable/disable HTTP transaction log. Valid values: disable, enable.
logtraffic string
Enable/disable logging traffic through the policy. Valid values: disable, all, utm.
logtrafficStart string
Enable/disable policy log traffic start. Valid values: disable, enable.
mmsProfile string
Name of an existing MMS profile.
name string
Policy name.
packagesFirewallProxypolicyId string
an identifier for the resource with format {{policyid}}.
pkgFolderPath string
Pkg Folder Path.
policyid number
Policy ID.
poolnames string[]
Name of IP pool object.
profileGroup string
Name of profile group.
profileProtocolOptions string
Name of an existing Protocol options profile.
profileType string
Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
proxy string
Type of explicit proxy. Valid values: explicit-web, transparent-web, ftp, wanopt, ssh, ssh-tunnel.
redirectUrl string
Redirect URL for further explicit web proxy processing.
replacemsgOverrideGroup string
Authentication replacement message override group.
scanBotnetConnections string
Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
schedule string
Name of schedule object.
scopetype string
The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sctpFilterProfile string
Name of an existing SCTP filter profile.
serviceNegate string
When enabled, services match against any service EXCEPT the specified destination services. Valid values: disable, enable.
services string[]
Name of service objects.
sessionTtl number
TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
spamfilterProfile string
Name of an existing Spam filter profile.
srcaddr6s string[]
IPv6 source address objects.
srcaddrNegate string
When enabled, source addresses match against any address EXCEPT the specified source addresses. Valid values: disable, enable.
srcaddrs string[]
Source address objects.
srcintf string
Source interface names.
sshFilterProfile string
Name of an existing SSH filter profile.
sshPolicyRedirect string
Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslSshProfile string
Name of an existing SSL SSH profile.
status string
Enable/disable the active status of the policy. Valid values: disable, enable.
transparent string
Enable to use the IP address of the client to connect to the server. Valid values: disable, enable.
users string[]
Names of user objects.
utmStatus string
Enable the use of UTM profiles/sensors/lists. Valid values: disable, enable.
uuid string
Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
videofilterProfile string
Name of an existing VideoFilter profile.
virtualPatchProfile string
Virtual-Patch-Profile.
voipProfile string
Name of an existing VoIP profile.
wafProfile string
Name of an existing Web application firewall profile.
webcache string
Enable/disable web caching. Valid values: disable, enable.
webcacheHttps string
Enable/disable web caching for HTTPS (Requires deep-inspection enabled in ssl-ssh-profile). Valid values: disable, enable.
webfilterProfile string
Name of an existing Web filter profile.
webproxyForwardServer string
Web proxy forward server name.
webproxyProfile string
Name of web proxy profile.
ztnaEmsTags string[]
ZTNA EMS Tag names.
ztnaProxies string[]
IPv4 ZTNA traffic forward proxy.
ztnaTagsMatchLogic string
ZTNA tag matching logic. Valid values: or, and.
pkg This property is required. str
Package.
_policy_block float
Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
access_proxies Sequence[str]
Access Proxy.
access_proxy6 str
IPv6 access proxy.
action str
Accept or deny traffic matching the policy parameters. Valid values: accept, deny, redirect.
adom str
Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
application_list str
Name of an existing Application list.
av_profile str
Name of an existing Antivirus profile.
block_notification str
Enable/disable block notification. Valid values: disable, enable.
casb_profile str
Name of an existing CASB profile.
cifs_profile str
Name of an existing CIFS profile.
comments str
Optional comments.
decrypted_traffic_mirror str
Decrypted traffic mirror.
detect_https_in_http_request str
Enable/disable detection of HTTPS in HTTP request. Valid values: disable, enable.
device_ownership str
When enabled, the ownership enforcement will be done at policy level. Valid values: disable, enable.
diameter_filter_profile str
Name of an existing Diameter filter profile.
disclaimer str
Web proxy disclaimer setting: by domain, policy, or user. Valid values: disable, domain, policy, user.
dlp_profile str
Name of an existing DLP profile.
dlp_sensor str
Name of an existing DLP sensor.
dnsfilter_profiles Sequence[str]
Name of an existing DNS filter profile.
dstaddr6s Sequence[str]
IPv6 destination address objects.
dstaddr_negate str
When enabled, destination addresses match against any address EXCEPT the specified destination addresses. Valid values: disable, enable.
dstaddrs Sequence[str]
Destination address objects.
dstintfs Sequence[str]
Destination interface names.
emailfilter_profile str
Name of an existing email filter profile.
file_filter_profile str
Name of an existing file-filter profile.
global_label str
Global web-based manager visible label.
groups Sequence[str]
Names of group objects.
http_tunnel_auth str
Enable/disable HTTP tunnel authentication. Valid values: disable, enable.
icap_profile str
Name of an existing ICAP profile.
internet_service str
Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internet_service6 str
Enable/disable use of Internet Services IPv6 for this policy. If enabled, destination IPv6 address and service are not used. Valid values: disable, enable.
internet_service6_custom_groups Sequence[str]
Custom Internet Service IPv6 group name.
internet_service6_customs Sequence[str]
Custom Internet Service IPv6 name.
internet_service6_groups Sequence[str]
Internet Service IPv6 group name.
internet_service6_names Sequence[str]
Internet Service IPv6 name.
internet_service6_negate str
When enabled, Internet Services match against any internet service IPv6 EXCEPT the selected Internet Service IPv6. Valid values: disable, enable.
internet_service_custom str
Custom Internet Service name.
internet_service_custom_group str
Custom Internet Service group name.
internet_service_group str
Internet Service group name.
internet_service_id str
Internet Service ID.
internet_service_name str
Internet Service name.
internet_service_negate str
When enabled, Internet Services match against any internet service EXCEPT the selected Internet Service. Valid values: disable, enable.
ips_sensor str
Name of an existing IPS sensor.
ips_voip_filter str
Name of an existing VoIP (ips) profile.
label str
VDOM-specific GUI visible label.
log_http_transaction str
Enable/disable HTTP transaction log. Valid values: disable, enable.
logtraffic str
Enable/disable logging traffic through the policy. Valid values: disable, all, utm.
logtraffic_start str
Enable/disable policy log traffic start. Valid values: disable, enable.
mms_profile str
Name of an existing MMS profile.
name str
Policy name.
packages_firewall_proxypolicy_id str
an identifier for the resource with format {{policyid}}.
pkg_folder_path str
Pkg Folder Path.
policyid float
Policy ID.
poolnames Sequence[str]
Name of IP pool object.
profile_group str
Name of profile group.
profile_protocol_options str
Name of an existing Protocol options profile.
profile_type str
Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
proxy str
Type of explicit proxy. Valid values: explicit-web, transparent-web, ftp, wanopt, ssh, ssh-tunnel.
redirect_url str
Redirect URL for further explicit web proxy processing.
replacemsg_override_group str
Authentication replacement message override group.
scan_botnet_connections str
Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
schedule str
Name of schedule object.
scopetype str
The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sctp_filter_profile str
Name of an existing SCTP filter profile.
service_negate str
When enabled, services match against any service EXCEPT the specified destination services. Valid values: disable, enable.
services Sequence[str]
Name of service objects.
session_ttl float
TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
spamfilter_profile str
Name of an existing Spam filter profile.
srcaddr6s Sequence[str]
IPv6 source address objects.
srcaddr_negate str
When enabled, source addresses match against any address EXCEPT the specified source addresses. Valid values: disable, enable.
srcaddrs Sequence[str]
Source address objects.
srcintf str
Source interface names.
ssh_filter_profile str
Name of an existing SSH filter profile.
ssh_policy_redirect str
Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
ssl_ssh_profile str
Name of an existing SSL SSH profile.
status str
Enable/disable the active status of the policy. Valid values: disable, enable.
transparent str
Enable to use the IP address of the client to connect to the server. Valid values: disable, enable.
users Sequence[str]
Names of user objects.
utm_status str
Enable the use of UTM profiles/sensors/lists. Valid values: disable, enable.
uuid str
Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
videofilter_profile str
Name of an existing VideoFilter profile.
virtual_patch_profile str
Virtual-Patch-Profile.
voip_profile str
Name of an existing VoIP profile.
waf_profile str
Name of an existing Web application firewall profile.
webcache str
Enable/disable web caching. Valid values: disable, enable.
webcache_https str
Enable/disable web caching for HTTPS (Requires deep-inspection enabled in ssl-ssh-profile). Valid values: disable, enable.
webfilter_profile str
Name of an existing Web filter profile.
webproxy_forward_server str
Web proxy forward server name.
webproxy_profile str
Name of web proxy profile.
ztna_ems_tags Sequence[str]
ZTNA EMS Tag names.
ztna_proxies Sequence[str]
IPv4 ZTNA traffic forward proxy.
ztna_tags_match_logic str
ZTNA tag matching logic. Valid values: or, and.
pkg This property is required. String
Package.
_policyBlock Number
Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
accessProxies List<String>
Access Proxy.
accessProxy6 String
IPv6 access proxy.
action String
Accept or deny traffic matching the policy parameters. Valid values: accept, deny, redirect.
adom String
Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
applicationList String
Name of an existing Application list.
avProfile String
Name of an existing Antivirus profile.
blockNotification String
Enable/disable block notification. Valid values: disable, enable.
casbProfile String
Name of an existing CASB profile.
cifsProfile String
Name of an existing CIFS profile.
comments String
Optional comments.
decryptedTrafficMirror String
Decrypted traffic mirror.
detectHttpsInHttpRequest String
Enable/disable detection of HTTPS in HTTP request. Valid values: disable, enable.
deviceOwnership String
When enabled, the ownership enforcement will be done at policy level. Valid values: disable, enable.
diameterFilterProfile String
Name of an existing Diameter filter profile.
disclaimer String
Web proxy disclaimer setting: by domain, policy, or user. Valid values: disable, domain, policy, user.
dlpProfile String
Name of an existing DLP profile.
dlpSensor String
Name of an existing DLP sensor.
dnsfilterProfiles List<String>
Name of an existing DNS filter profile.
dstaddr6s List<String>
IPv6 destination address objects.
dstaddrNegate String
When enabled, destination addresses match against any address EXCEPT the specified destination addresses. Valid values: disable, enable.
dstaddrs List<String>
Destination address objects.
dstintfs List<String>
Destination interface names.
emailfilterProfile String
Name of an existing email filter profile.
fileFilterProfile String
Name of an existing file-filter profile.
globalLabel String
Global web-based manager visible label.
groups List<String>
Names of group objects.
httpTunnelAuth String
Enable/disable HTTP tunnel authentication. Valid values: disable, enable.
icapProfile String
Name of an existing ICAP profile.
internetService String
Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internetService6 String
Enable/disable use of Internet Services IPv6 for this policy. If enabled, destination IPv6 address and service are not used. Valid values: disable, enable.
internetService6CustomGroups List<String>
Custom Internet Service IPv6 group name.
internetService6Customs List<String>
Custom Internet Service IPv6 name.
internetService6Groups List<String>
Internet Service IPv6 group name.
internetService6Names List<String>
Internet Service IPv6 name.
internetService6Negate String
When enabled, Internet Services match against any internet service IPv6 EXCEPT the selected Internet Service IPv6. Valid values: disable, enable.
internetServiceCustom String
Custom Internet Service name.
internetServiceCustomGroup String
Custom Internet Service group name.
internetServiceGroup String
Internet Service group name.
internetServiceId String
Internet Service ID.
internetServiceName String
Internet Service name.
internetServiceNegate String
When enabled, Internet Services match against any internet service EXCEPT the selected Internet Service. Valid values: disable, enable.
ipsSensor String
Name of an existing IPS sensor.
ipsVoipFilter String
Name of an existing VoIP (ips) profile.
label String
VDOM-specific GUI visible label.
logHttpTransaction String
Enable/disable HTTP transaction log. Valid values: disable, enable.
logtraffic String
Enable/disable logging traffic through the policy. Valid values: disable, all, utm.
logtrafficStart String
Enable/disable policy log traffic start. Valid values: disable, enable.
mmsProfile String
Name of an existing MMS profile.
name String
Policy name.
packagesFirewallProxypolicyId String
an identifier for the resource with format {{policyid}}.
pkgFolderPath String
Pkg Folder Path.
policyid Number
Policy ID.
poolnames List<String>
Name of IP pool object.
profileGroup String
Name of profile group.
profileProtocolOptions String
Name of an existing Protocol options profile.
profileType String
Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
proxy String
Type of explicit proxy. Valid values: explicit-web, transparent-web, ftp, wanopt, ssh, ssh-tunnel.
redirectUrl String
Redirect URL for further explicit web proxy processing.
replacemsgOverrideGroup String
Authentication replacement message override group.
scanBotnetConnections String
Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
schedule String
Name of schedule object.
scopetype String
The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sctpFilterProfile String
Name of an existing SCTP filter profile.
serviceNegate String
When enabled, services match against any service EXCEPT the specified destination services. Valid values: disable, enable.
services List<String>
Name of service objects.
sessionTtl Number
TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
spamfilterProfile String
Name of an existing Spam filter profile.
srcaddr6s List<String>
IPv6 source address objects.
srcaddrNegate String
When enabled, source addresses match against any address EXCEPT the specified source addresses. Valid values: disable, enable.
srcaddrs List<String>
Source address objects.
srcintf String
Source interface names.
sshFilterProfile String
Name of an existing SSH filter profile.
sshPolicyRedirect String
Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslSshProfile String
Name of an existing SSL SSH profile.
status String
Enable/disable the active status of the policy. Valid values: disable, enable.
transparent String
Enable to use the IP address of the client to connect to the server. Valid values: disable, enable.
users List<String>
Names of user objects.
utmStatus String
Enable the use of UTM profiles/sensors/lists. Valid values: disable, enable.
uuid String
Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
videofilterProfile String
Name of an existing VideoFilter profile.
virtualPatchProfile String
Virtual-Patch-Profile.
voipProfile String
Name of an existing VoIP profile.
wafProfile String
Name of an existing Web application firewall profile.
webcache String
Enable/disable web caching. Valid values: disable, enable.
webcacheHttps String
Enable/disable web caching for HTTPS (Requires deep-inspection enabled in ssl-ssh-profile). Valid values: disable, enable.
webfilterProfile String
Name of an existing Web filter profile.
webproxyForwardServer String
Web proxy forward server name.
webproxyProfile String
Name of web proxy profile.
ztnaEmsTags List<String>
ZTNA EMS Tag names.
ztnaProxies List<String>
IPv4 ZTNA traffic forward proxy.
ztnaTagsMatchLogic String
ZTNA tag matching logic. Valid values: or, and.

Outputs

All input properties are implicitly available as output properties. Additionally, the PackagesFirewallProxypolicy resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.

Look up Existing PackagesFirewallProxypolicy Resource

Get an existing PackagesFirewallProxypolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: PackagesFirewallProxypolicyState, opts?: CustomResourceOptions): PackagesFirewallProxypolicy
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        _policy_block: Optional[float] = None,
        access_proxies: Optional[Sequence[str]] = None,
        access_proxy6: Optional[str] = None,
        action: Optional[str] = None,
        adom: Optional[str] = None,
        application_list: Optional[str] = None,
        av_profile: Optional[str] = None,
        block_notification: Optional[str] = None,
        casb_profile: Optional[str] = None,
        cifs_profile: Optional[str] = None,
        comments: Optional[str] = None,
        decrypted_traffic_mirror: Optional[str] = None,
        detect_https_in_http_request: Optional[str] = None,
        device_ownership: Optional[str] = None,
        diameter_filter_profile: Optional[str] = None,
        disclaimer: Optional[str] = None,
        dlp_profile: Optional[str] = None,
        dlp_sensor: Optional[str] = None,
        dnsfilter_profiles: Optional[Sequence[str]] = None,
        dstaddr6s: Optional[Sequence[str]] = None,
        dstaddr_negate: Optional[str] = None,
        dstaddrs: Optional[Sequence[str]] = None,
        dstintfs: Optional[Sequence[str]] = None,
        emailfilter_profile: Optional[str] = None,
        file_filter_profile: Optional[str] = None,
        global_label: Optional[str] = None,
        groups: Optional[Sequence[str]] = None,
        http_tunnel_auth: Optional[str] = None,
        icap_profile: Optional[str] = None,
        internet_service: Optional[str] = None,
        internet_service6: Optional[str] = None,
        internet_service6_custom_groups: Optional[Sequence[str]] = None,
        internet_service6_customs: Optional[Sequence[str]] = None,
        internet_service6_groups: Optional[Sequence[str]] = None,
        internet_service6_names: Optional[Sequence[str]] = None,
        internet_service6_negate: Optional[str] = None,
        internet_service_custom: Optional[str] = None,
        internet_service_custom_group: Optional[str] = None,
        internet_service_group: Optional[str] = None,
        internet_service_id: Optional[str] = None,
        internet_service_name: Optional[str] = None,
        internet_service_negate: Optional[str] = None,
        ips_sensor: Optional[str] = None,
        ips_voip_filter: Optional[str] = None,
        label: Optional[str] = None,
        log_http_transaction: Optional[str] = None,
        logtraffic: Optional[str] = None,
        logtraffic_start: Optional[str] = None,
        mms_profile: Optional[str] = None,
        name: Optional[str] = None,
        packages_firewall_proxypolicy_id: Optional[str] = None,
        pkg: Optional[str] = None,
        pkg_folder_path: Optional[str] = None,
        policyid: Optional[float] = None,
        poolnames: Optional[Sequence[str]] = None,
        profile_group: Optional[str] = None,
        profile_protocol_options: Optional[str] = None,
        profile_type: Optional[str] = None,
        proxy: Optional[str] = None,
        redirect_url: Optional[str] = None,
        replacemsg_override_group: Optional[str] = None,
        scan_botnet_connections: Optional[str] = None,
        schedule: Optional[str] = None,
        scopetype: Optional[str] = None,
        sctp_filter_profile: Optional[str] = None,
        service_negate: Optional[str] = None,
        services: Optional[Sequence[str]] = None,
        session_ttl: Optional[float] = None,
        spamfilter_profile: Optional[str] = None,
        srcaddr6s: Optional[Sequence[str]] = None,
        srcaddr_negate: Optional[str] = None,
        srcaddrs: Optional[Sequence[str]] = None,
        srcintf: Optional[str] = None,
        ssh_filter_profile: Optional[str] = None,
        ssh_policy_redirect: Optional[str] = None,
        ssl_ssh_profile: Optional[str] = None,
        status: Optional[str] = None,
        transparent: Optional[str] = None,
        users: Optional[Sequence[str]] = None,
        utm_status: Optional[str] = None,
        uuid: Optional[str] = None,
        videofilter_profile: Optional[str] = None,
        virtual_patch_profile: Optional[str] = None,
        voip_profile: Optional[str] = None,
        waf_profile: Optional[str] = None,
        webcache: Optional[str] = None,
        webcache_https: Optional[str] = None,
        webfilter_profile: Optional[str] = None,
        webproxy_forward_server: Optional[str] = None,
        webproxy_profile: Optional[str] = None,
        ztna_ems_tags: Optional[Sequence[str]] = None,
        ztna_proxies: Optional[Sequence[str]] = None,
        ztna_tags_match_logic: Optional[str] = None) -> PackagesFirewallProxypolicy
func GetPackagesFirewallProxypolicy(ctx *Context, name string, id IDInput, state *PackagesFirewallProxypolicyState, opts ...ResourceOption) (*PackagesFirewallProxypolicy, error)
public static PackagesFirewallProxypolicy Get(string name, Input<string> id, PackagesFirewallProxypolicyState? state, CustomResourceOptions? opts = null)
public static PackagesFirewallProxypolicy get(String name, Output<String> id, PackagesFirewallProxypolicyState state, CustomResourceOptions options)
resources:  _:    type: fortimanager:PackagesFirewallProxypolicy    get:      id: ${id}
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AccessProxies List<string>
Access Proxy.
AccessProxy6 string
IPv6 access proxy.
Action string
Accept or deny traffic matching the policy parameters. Valid values: accept, deny, redirect.
Adom string
Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
ApplicationList string
Name of an existing Application list.
AvProfile string
Name of an existing Antivirus profile.
BlockNotification string
Enable/disable block notification. Valid values: disable, enable.
CasbProfile string
Name of an existing CASB profile.
CifsProfile string
Name of an existing CIFS profile.
Comments string
Optional comments.
DecryptedTrafficMirror string
Decrypted traffic mirror.
DetectHttpsInHttpRequest string
Enable/disable detection of HTTPS in HTTP request. Valid values: disable, enable.
DeviceOwnership string
When enabled, the ownership enforcement will be done at policy level. Valid values: disable, enable.
DiameterFilterProfile string
Name of an existing Diameter filter profile.
Disclaimer string
Web proxy disclaimer setting: by domain, policy, or user. Valid values: disable, domain, policy, user.
DlpProfile string
Name of an existing DLP profile.
DlpSensor string
Name of an existing DLP sensor.
DnsfilterProfiles List<string>
Name of an existing DNS filter profile.
Dstaddr6s List<string>
IPv6 destination address objects.
DstaddrNegate string
When enabled, destination addresses match against any address EXCEPT the specified destination addresses. Valid values: disable, enable.
Dstaddrs List<string>
Destination address objects.
Dstintfs List<string>
Destination interface names.
EmailfilterProfile string
Name of an existing email filter profile.
FileFilterProfile string
Name of an existing file-filter profile.
GlobalLabel string
Global web-based manager visible label.
Groups List<string>
Names of group objects.
HttpTunnelAuth string
Enable/disable HTTP tunnel authentication. Valid values: disable, enable.
IcapProfile string
Name of an existing ICAP profile.
InternetService string
Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
InternetService6 string
Enable/disable use of Internet Services IPv6 for this policy. If enabled, destination IPv6 address and service are not used. Valid values: disable, enable.
InternetService6CustomGroups List<string>
Custom Internet Service IPv6 group name.
InternetService6Customs List<string>
Custom Internet Service IPv6 name.
InternetService6Groups List<string>
Internet Service IPv6 group name.
InternetService6Names List<string>
Internet Service IPv6 name.
InternetService6Negate string
When enabled, Internet Services match against any internet service IPv6 EXCEPT the selected Internet Service IPv6. Valid values: disable, enable.
InternetServiceCustom string
Custom Internet Service name.
InternetServiceCustomGroup string
Custom Internet Service group name.
InternetServiceGroup string
Internet Service group name.
InternetServiceId string
Internet Service ID.
InternetServiceName string
Internet Service name.
InternetServiceNegate string
When enabled, Internet Services match against any internet service EXCEPT the selected Internet Service. Valid values: disable, enable.
IpsSensor string
Name of an existing IPS sensor.
IpsVoipFilter string
Name of an existing VoIP (ips) profile.
Label string
VDOM-specific GUI visible label.
LogHttpTransaction string
Enable/disable HTTP transaction log. Valid values: disable, enable.
Logtraffic string
Enable/disable logging traffic through the policy. Valid values: disable, all, utm.
LogtrafficStart string
Enable/disable policy log traffic start. Valid values: disable, enable.
MmsProfile string
Name of an existing MMS profile.
Name string
Policy name.
PackagesFirewallProxypolicyId string
an identifier for the resource with format {{policyid}}.
Pkg string
Package.
PkgFolderPath string
Pkg Folder Path.
Policyid double
Policy ID.
Poolnames List<string>
Name of IP pool object.
ProfileGroup string
Name of profile group.
ProfileProtocolOptions string
Name of an existing Protocol options profile.
ProfileType string
Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
Proxy string
Type of explicit proxy. Valid values: explicit-web, transparent-web, ftp, wanopt, ssh, ssh-tunnel.
RedirectUrl string
Redirect URL for further explicit web proxy processing.
ReplacemsgOverrideGroup string
Authentication replacement message override group.
ScanBotnetConnections string
Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
Schedule string
Name of schedule object.
Scopetype string
The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SctpFilterProfile string
Name of an existing SCTP filter profile.
ServiceNegate string
When enabled, services match against any service EXCEPT the specified destination services. Valid values: disable, enable.
Services List<string>
Name of service objects.
SessionTtl double
TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
SpamfilterProfile string
Name of an existing Spam filter profile.
Srcaddr6s List<string>
IPv6 source address objects.
SrcaddrNegate string
When enabled, source addresses match against any address EXCEPT the specified source addresses. Valid values: disable, enable.
Srcaddrs List<string>
Source address objects.
Srcintf string
Source interface names.
SshFilterProfile string
Name of an existing SSH filter profile.
SshPolicyRedirect string
Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
SslSshProfile string
Name of an existing SSL SSH profile.
Status string
Enable/disable the active status of the policy. Valid values: disable, enable.
Transparent string
Enable to use the IP address of the client to connect to the server. Valid values: disable, enable.
Users List<string>
Names of user objects.
UtmStatus string
Enable the use of UTM profiles/sensors/lists. Valid values: disable, enable.
Uuid string
Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
VideofilterProfile string
Name of an existing VideoFilter profile.
VirtualPatchProfile string
Virtual-Patch-Profile.
VoipProfile string
Name of an existing VoIP profile.
WafProfile string
Name of an existing Web application firewall profile.
Webcache string
Enable/disable web caching. Valid values: disable, enable.
WebcacheHttps string
Enable/disable web caching for HTTPS (Requires deep-inspection enabled in ssl-ssh-profile). Valid values: disable, enable.
WebfilterProfile string
Name of an existing Web filter profile.
WebproxyForwardServer string
Web proxy forward server name.
WebproxyProfile string
Name of web proxy profile.
ZtnaEmsTags List<string>
ZTNA EMS Tag names.
ZtnaProxies List<string>
IPv4 ZTNA traffic forward proxy.
ZtnaTagsMatchLogic string
ZTNA tag matching logic. Valid values: or, and.
_policyBlock double
Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
AccessProxies []string
Access Proxy.
AccessProxy6 string
IPv6 access proxy.
Action string
Accept or deny traffic matching the policy parameters. Valid values: accept, deny, redirect.
Adom string
Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
ApplicationList string
Name of an existing Application list.
AvProfile string
Name of an existing Antivirus profile.
BlockNotification string
Enable/disable block notification. Valid values: disable, enable.
CasbProfile string
Name of an existing CASB profile.
CifsProfile string
Name of an existing CIFS profile.
Comments string
Optional comments.
DecryptedTrafficMirror string
Decrypted traffic mirror.
DetectHttpsInHttpRequest string
Enable/disable detection of HTTPS in HTTP request. Valid values: disable, enable.
DeviceOwnership string
When enabled, the ownership enforcement will be done at policy level. Valid values: disable, enable.
DiameterFilterProfile string
Name of an existing Diameter filter profile.
Disclaimer string
Web proxy disclaimer setting: by domain, policy, or user. Valid values: disable, domain, policy, user.
DlpProfile string
Name of an existing DLP profile.
DlpSensor string
Name of an existing DLP sensor.
DnsfilterProfiles []string
Name of an existing DNS filter profile.
Dstaddr6s []string
IPv6 destination address objects.
DstaddrNegate string
When enabled, destination addresses match against any address EXCEPT the specified destination addresses. Valid values: disable, enable.
Dstaddrs []string
Destination address objects.
Dstintfs []string
Destination interface names.
EmailfilterProfile string
Name of an existing email filter profile.
FileFilterProfile string
Name of an existing file-filter profile.
GlobalLabel string
Global web-based manager visible label.
Groups []string
Names of group objects.
HttpTunnelAuth string
Enable/disable HTTP tunnel authentication. Valid values: disable, enable.
IcapProfile string
Name of an existing ICAP profile.
InternetService string
Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
InternetService6 string
Enable/disable use of Internet Services IPv6 for this policy. If enabled, destination IPv6 address and service are not used. Valid values: disable, enable.
InternetService6CustomGroups []string
Custom Internet Service IPv6 group name.
InternetService6Customs []string
Custom Internet Service IPv6 name.
InternetService6Groups []string
Internet Service IPv6 group name.
InternetService6Names []string
Internet Service IPv6 name.
InternetService6Negate string
When enabled, Internet Services match against any internet service IPv6 EXCEPT the selected Internet Service IPv6. Valid values: disable, enable.
InternetServiceCustom string
Custom Internet Service name.
InternetServiceCustomGroup string
Custom Internet Service group name.
InternetServiceGroup string
Internet Service group name.
InternetServiceId string
Internet Service ID.
InternetServiceName string
Internet Service name.
InternetServiceNegate string
When enabled, Internet Services match against any internet service EXCEPT the selected Internet Service. Valid values: disable, enable.
IpsSensor string
Name of an existing IPS sensor.
IpsVoipFilter string
Name of an existing VoIP (ips) profile.
Label string
VDOM-specific GUI visible label.
LogHttpTransaction string
Enable/disable HTTP transaction log. Valid values: disable, enable.
Logtraffic string
Enable/disable logging traffic through the policy. Valid values: disable, all, utm.
LogtrafficStart string
Enable/disable policy log traffic start. Valid values: disable, enable.
MmsProfile string
Name of an existing MMS profile.
Name string
Policy name.
PackagesFirewallProxypolicyId string
an identifier for the resource with format {{policyid}}.
Pkg string
Package.
PkgFolderPath string
Pkg Folder Path.
Policyid float64
Policy ID.
Poolnames []string
Name of IP pool object.
ProfileGroup string
Name of profile group.
ProfileProtocolOptions string
Name of an existing Protocol options profile.
ProfileType string
Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
Proxy string
Type of explicit proxy. Valid values: explicit-web, transparent-web, ftp, wanopt, ssh, ssh-tunnel.
RedirectUrl string
Redirect URL for further explicit web proxy processing.
ReplacemsgOverrideGroup string
Authentication replacement message override group.
ScanBotnetConnections string
Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
Schedule string
Name of schedule object.
Scopetype string
The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SctpFilterProfile string
Name of an existing SCTP filter profile.
ServiceNegate string
When enabled, services match against any service EXCEPT the specified destination services. Valid values: disable, enable.
Services []string
Name of service objects.
SessionTtl float64
TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
SpamfilterProfile string
Name of an existing Spam filter profile.
Srcaddr6s []string
IPv6 source address objects.
SrcaddrNegate string
When enabled, source addresses match against any address EXCEPT the specified source addresses. Valid values: disable, enable.
Srcaddrs []string
Source address objects.
Srcintf string
Source interface names.
SshFilterProfile string
Name of an existing SSH filter profile.
SshPolicyRedirect string
Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
SslSshProfile string
Name of an existing SSL SSH profile.
Status string
Enable/disable the active status of the policy. Valid values: disable, enable.
Transparent string
Enable to use the IP address of the client to connect to the server. Valid values: disable, enable.
Users []string
Names of user objects.
UtmStatus string
Enable the use of UTM profiles/sensors/lists. Valid values: disable, enable.
Uuid string
Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
VideofilterProfile string
Name of an existing VideoFilter profile.
VirtualPatchProfile string
Virtual-Patch-Profile.
VoipProfile string
Name of an existing VoIP profile.
WafProfile string
Name of an existing Web application firewall profile.
Webcache string
Enable/disable web caching. Valid values: disable, enable.
WebcacheHttps string
Enable/disable web caching for HTTPS (Requires deep-inspection enabled in ssl-ssh-profile). Valid values: disable, enable.
WebfilterProfile string
Name of an existing Web filter profile.
WebproxyForwardServer string
Web proxy forward server name.
WebproxyProfile string
Name of web proxy profile.
ZtnaEmsTags []string
ZTNA EMS Tag names.
ZtnaProxies []string
IPv4 ZTNA traffic forward proxy.
ZtnaTagsMatchLogic string
ZTNA tag matching logic. Valid values: or, and.
_policyBlock float64
Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
_policyBlock Double
Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
accessProxies List<String>
Access Proxy.
accessProxy6 String
IPv6 access proxy.
action String
Accept or deny traffic matching the policy parameters. Valid values: accept, deny, redirect.
adom String
Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
applicationList String
Name of an existing Application list.
avProfile String
Name of an existing Antivirus profile.
blockNotification String
Enable/disable block notification. Valid values: disable, enable.
casbProfile String
Name of an existing CASB profile.
cifsProfile String
Name of an existing CIFS profile.
comments String
Optional comments.
decryptedTrafficMirror String
Decrypted traffic mirror.
detectHttpsInHttpRequest String
Enable/disable detection of HTTPS in HTTP request. Valid values: disable, enable.
deviceOwnership String
When enabled, the ownership enforcement will be done at policy level. Valid values: disable, enable.
diameterFilterProfile String
Name of an existing Diameter filter profile.
disclaimer String
Web proxy disclaimer setting: by domain, policy, or user. Valid values: disable, domain, policy, user.
dlpProfile String
Name of an existing DLP profile.
dlpSensor String
Name of an existing DLP sensor.
dnsfilterProfiles List<String>
Name of an existing DNS filter profile.
dstaddr6s List<String>
IPv6 destination address objects.
dstaddrNegate String
When enabled, destination addresses match against any address EXCEPT the specified destination addresses. Valid values: disable, enable.
dstaddrs List<String>
Destination address objects.
dstintfs List<String>
Destination interface names.
emailfilterProfile String
Name of an existing email filter profile.
fileFilterProfile String
Name of an existing file-filter profile.
globalLabel String
Global web-based manager visible label.
groups List<String>
Names of group objects.
httpTunnelAuth String
Enable/disable HTTP tunnel authentication. Valid values: disable, enable.
icapProfile String
Name of an existing ICAP profile.
internetService String
Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internetService6 String
Enable/disable use of Internet Services IPv6 for this policy. If enabled, destination IPv6 address and service are not used. Valid values: disable, enable.
internetService6CustomGroups List<String>
Custom Internet Service IPv6 group name.
internetService6Customs List<String>
Custom Internet Service IPv6 name.
internetService6Groups List<String>
Internet Service IPv6 group name.
internetService6Names List<String>
Internet Service IPv6 name.
internetService6Negate String
When enabled, Internet Services match against any internet service IPv6 EXCEPT the selected Internet Service IPv6. Valid values: disable, enable.
internetServiceCustom String
Custom Internet Service name.
internetServiceCustomGroup String
Custom Internet Service group name.
internetServiceGroup String
Internet Service group name.
internetServiceId String
Internet Service ID.
internetServiceName String
Internet Service name.
internetServiceNegate String
When enabled, Internet Services match against any internet service EXCEPT the selected Internet Service. Valid values: disable, enable.
ipsSensor String
Name of an existing IPS sensor.
ipsVoipFilter String
Name of an existing VoIP (ips) profile.
label String
VDOM-specific GUI visible label.
logHttpTransaction String
Enable/disable HTTP transaction log. Valid values: disable, enable.
logtraffic String
Enable/disable logging traffic through the policy. Valid values: disable, all, utm.
logtrafficStart String
Enable/disable policy log traffic start. Valid values: disable, enable.
mmsProfile String
Name of an existing MMS profile.
name String
Policy name.
packagesFirewallProxypolicyId String
an identifier for the resource with format {{policyid}}.
pkg String
Package.
pkgFolderPath String
Pkg Folder Path.
policyid Double
Policy ID.
poolnames List<String>
Name of IP pool object.
profileGroup String
Name of profile group.
profileProtocolOptions String
Name of an existing Protocol options profile.
profileType String
Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
proxy String
Type of explicit proxy. Valid values: explicit-web, transparent-web, ftp, wanopt, ssh, ssh-tunnel.
redirectUrl String
Redirect URL for further explicit web proxy processing.
replacemsgOverrideGroup String
Authentication replacement message override group.
scanBotnetConnections String
Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
schedule String
Name of schedule object.
scopetype String
The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sctpFilterProfile String
Name of an existing SCTP filter profile.
serviceNegate String
When enabled, services match against any service EXCEPT the specified destination services. Valid values: disable, enable.
services List<String>
Name of service objects.
sessionTtl Double
TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
spamfilterProfile String
Name of an existing Spam filter profile.
srcaddr6s List<String>
IPv6 source address objects.
srcaddrNegate String
When enabled, source addresses match against any address EXCEPT the specified source addresses. Valid values: disable, enable.
srcaddrs List<String>
Source address objects.
srcintf String
Source interface names.
sshFilterProfile String
Name of an existing SSH filter profile.
sshPolicyRedirect String
Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslSshProfile String
Name of an existing SSL SSH profile.
status String
Enable/disable the active status of the policy. Valid values: disable, enable.
transparent String
Enable to use the IP address of the client to connect to the server. Valid values: disable, enable.
users List<String>
Names of user objects.
utmStatus String
Enable the use of UTM profiles/sensors/lists. Valid values: disable, enable.
uuid String
Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
videofilterProfile String
Name of an existing VideoFilter profile.
virtualPatchProfile String
Virtual-Patch-Profile.
voipProfile String
Name of an existing VoIP profile.
wafProfile String
Name of an existing Web application firewall profile.
webcache String
Enable/disable web caching. Valid values: disable, enable.
webcacheHttps String
Enable/disable web caching for HTTPS (Requires deep-inspection enabled in ssl-ssh-profile). Valid values: disable, enable.
webfilterProfile String
Name of an existing Web filter profile.
webproxyForwardServer String
Web proxy forward server name.
webproxyProfile String
Name of web proxy profile.
ztnaEmsTags List<String>
ZTNA EMS Tag names.
ztnaProxies List<String>
IPv4 ZTNA traffic forward proxy.
ztnaTagsMatchLogic String
ZTNA tag matching logic. Valid values: or, and.
_policyBlock number
Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
accessProxies string[]
Access Proxy.
accessProxy6 string
IPv6 access proxy.
action string
Accept or deny traffic matching the policy parameters. Valid values: accept, deny, redirect.
adom string
Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
applicationList string
Name of an existing Application list.
avProfile string
Name of an existing Antivirus profile.
blockNotification string
Enable/disable block notification. Valid values: disable, enable.
casbProfile string
Name of an existing CASB profile.
cifsProfile string
Name of an existing CIFS profile.
comments string
Optional comments.
decryptedTrafficMirror string
Decrypted traffic mirror.
detectHttpsInHttpRequest string
Enable/disable detection of HTTPS in HTTP request. Valid values: disable, enable.
deviceOwnership string
When enabled, the ownership enforcement will be done at policy level. Valid values: disable, enable.
diameterFilterProfile string
Name of an existing Diameter filter profile.
disclaimer string
Web proxy disclaimer setting: by domain, policy, or user. Valid values: disable, domain, policy, user.
dlpProfile string
Name of an existing DLP profile.
dlpSensor string
Name of an existing DLP sensor.
dnsfilterProfiles string[]
Name of an existing DNS filter profile.
dstaddr6s string[]
IPv6 destination address objects.
dstaddrNegate string
When enabled, destination addresses match against any address EXCEPT the specified destination addresses. Valid values: disable, enable.
dstaddrs string[]
Destination address objects.
dstintfs string[]
Destination interface names.
emailfilterProfile string
Name of an existing email filter profile.
fileFilterProfile string
Name of an existing file-filter profile.
globalLabel string
Global web-based manager visible label.
groups string[]
Names of group objects.
httpTunnelAuth string
Enable/disable HTTP tunnel authentication. Valid values: disable, enable.
icapProfile string
Name of an existing ICAP profile.
internetService string
Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internetService6 string
Enable/disable use of Internet Services IPv6 for this policy. If enabled, destination IPv6 address and service are not used. Valid values: disable, enable.
internetService6CustomGroups string[]
Custom Internet Service IPv6 group name.
internetService6Customs string[]
Custom Internet Service IPv6 name.
internetService6Groups string[]
Internet Service IPv6 group name.
internetService6Names string[]
Internet Service IPv6 name.
internetService6Negate string
When enabled, Internet Services match against any internet service IPv6 EXCEPT the selected Internet Service IPv6. Valid values: disable, enable.
internetServiceCustom string
Custom Internet Service name.
internetServiceCustomGroup string
Custom Internet Service group name.
internetServiceGroup string
Internet Service group name.
internetServiceId string
Internet Service ID.
internetServiceName string
Internet Service name.
internetServiceNegate string
When enabled, Internet Services match against any internet service EXCEPT the selected Internet Service. Valid values: disable, enable.
ipsSensor string
Name of an existing IPS sensor.
ipsVoipFilter string
Name of an existing VoIP (ips) profile.
label string
VDOM-specific GUI visible label.
logHttpTransaction string
Enable/disable HTTP transaction log. Valid values: disable, enable.
logtraffic string
Enable/disable logging traffic through the policy. Valid values: disable, all, utm.
logtrafficStart string
Enable/disable policy log traffic start. Valid values: disable, enable.
mmsProfile string
Name of an existing MMS profile.
name string
Policy name.
packagesFirewallProxypolicyId string
an identifier for the resource with format {{policyid}}.
pkg string
Package.
pkgFolderPath string
Pkg Folder Path.
policyid number
Policy ID.
poolnames string[]
Name of IP pool object.
profileGroup string
Name of profile group.
profileProtocolOptions string
Name of an existing Protocol options profile.
profileType string
Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
proxy string
Type of explicit proxy. Valid values: explicit-web, transparent-web, ftp, wanopt, ssh, ssh-tunnel.
redirectUrl string
Redirect URL for further explicit web proxy processing.
replacemsgOverrideGroup string
Authentication replacement message override group.
scanBotnetConnections string
Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
schedule string
Name of schedule object.
scopetype string
The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sctpFilterProfile string
Name of an existing SCTP filter profile.
serviceNegate string
When enabled, services match against any service EXCEPT the specified destination services. Valid values: disable, enable.
services string[]
Name of service objects.
sessionTtl number
TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
spamfilterProfile string
Name of an existing Spam filter profile.
srcaddr6s string[]
IPv6 source address objects.
srcaddrNegate string
When enabled, source addresses match against any address EXCEPT the specified source addresses. Valid values: disable, enable.
srcaddrs string[]
Source address objects.
srcintf string
Source interface names.
sshFilterProfile string
Name of an existing SSH filter profile.
sshPolicyRedirect string
Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslSshProfile string
Name of an existing SSL SSH profile.
status string
Enable/disable the active status of the policy. Valid values: disable, enable.
transparent string
Enable to use the IP address of the client to connect to the server. Valid values: disable, enable.
users string[]
Names of user objects.
utmStatus string
Enable the use of UTM profiles/sensors/lists. Valid values: disable, enable.
uuid string
Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
videofilterProfile string
Name of an existing VideoFilter profile.
virtualPatchProfile string
Virtual-Patch-Profile.
voipProfile string
Name of an existing VoIP profile.
wafProfile string
Name of an existing Web application firewall profile.
webcache string
Enable/disable web caching. Valid values: disable, enable.
webcacheHttps string
Enable/disable web caching for HTTPS (Requires deep-inspection enabled in ssl-ssh-profile). Valid values: disable, enable.
webfilterProfile string
Name of an existing Web filter profile.
webproxyForwardServer string
Web proxy forward server name.
webproxyProfile string
Name of web proxy profile.
ztnaEmsTags string[]
ZTNA EMS Tag names.
ztnaProxies string[]
IPv4 ZTNA traffic forward proxy.
ztnaTagsMatchLogic string
ZTNA tag matching logic. Valid values: or, and.
_policy_block float
Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
access_proxies Sequence[str]
Access Proxy.
access_proxy6 str
IPv6 access proxy.
action str
Accept or deny traffic matching the policy parameters. Valid values: accept, deny, redirect.
adom str
Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
application_list str
Name of an existing Application list.
av_profile str
Name of an existing Antivirus profile.
block_notification str
Enable/disable block notification. Valid values: disable, enable.
casb_profile str
Name of an existing CASB profile.
cifs_profile str
Name of an existing CIFS profile.
comments str
Optional comments.
decrypted_traffic_mirror str
Decrypted traffic mirror.
detect_https_in_http_request str
Enable/disable detection of HTTPS in HTTP request. Valid values: disable, enable.
device_ownership str
When enabled, the ownership enforcement will be done at policy level. Valid values: disable, enable.
diameter_filter_profile str
Name of an existing Diameter filter profile.
disclaimer str
Web proxy disclaimer setting: by domain, policy, or user. Valid values: disable, domain, policy, user.
dlp_profile str
Name of an existing DLP profile.
dlp_sensor str
Name of an existing DLP sensor.
dnsfilter_profiles Sequence[str]
Name of an existing DNS filter profile.
dstaddr6s Sequence[str]
IPv6 destination address objects.
dstaddr_negate str
When enabled, destination addresses match against any address EXCEPT the specified destination addresses. Valid values: disable, enable.
dstaddrs Sequence[str]
Destination address objects.
dstintfs Sequence[str]
Destination interface names.
emailfilter_profile str
Name of an existing email filter profile.
file_filter_profile str
Name of an existing file-filter profile.
global_label str
Global web-based manager visible label.
groups Sequence[str]
Names of group objects.
http_tunnel_auth str
Enable/disable HTTP tunnel authentication. Valid values: disable, enable.
icap_profile str
Name of an existing ICAP profile.
internet_service str
Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internet_service6 str
Enable/disable use of Internet Services IPv6 for this policy. If enabled, destination IPv6 address and service are not used. Valid values: disable, enable.
internet_service6_custom_groups Sequence[str]
Custom Internet Service IPv6 group name.
internet_service6_customs Sequence[str]
Custom Internet Service IPv6 name.
internet_service6_groups Sequence[str]
Internet Service IPv6 group name.
internet_service6_names Sequence[str]
Internet Service IPv6 name.
internet_service6_negate str
When enabled, Internet Services match against any internet service IPv6 EXCEPT the selected Internet Service IPv6. Valid values: disable, enable.
internet_service_custom str
Custom Internet Service name.
internet_service_custom_group str
Custom Internet Service group name.
internet_service_group str
Internet Service group name.
internet_service_id str
Internet Service ID.
internet_service_name str
Internet Service name.
internet_service_negate str
When enabled, Internet Services match against any internet service EXCEPT the selected Internet Service. Valid values: disable, enable.
ips_sensor str
Name of an existing IPS sensor.
ips_voip_filter str
Name of an existing VoIP (ips) profile.
label str
VDOM-specific GUI visible label.
log_http_transaction str
Enable/disable HTTP transaction log. Valid values: disable, enable.
logtraffic str
Enable/disable logging traffic through the policy. Valid values: disable, all, utm.
logtraffic_start str
Enable/disable policy log traffic start. Valid values: disable, enable.
mms_profile str
Name of an existing MMS profile.
name str
Policy name.
packages_firewall_proxypolicy_id str
an identifier for the resource with format {{policyid}}.
pkg str
Package.
pkg_folder_path str
Pkg Folder Path.
policyid float
Policy ID.
poolnames Sequence[str]
Name of IP pool object.
profile_group str
Name of profile group.
profile_protocol_options str
Name of an existing Protocol options profile.
profile_type str
Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
proxy str
Type of explicit proxy. Valid values: explicit-web, transparent-web, ftp, wanopt, ssh, ssh-tunnel.
redirect_url str
Redirect URL for further explicit web proxy processing.
replacemsg_override_group str
Authentication replacement message override group.
scan_botnet_connections str
Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
schedule str
Name of schedule object.
scopetype str
The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sctp_filter_profile str
Name of an existing SCTP filter profile.
service_negate str
When enabled, services match against any service EXCEPT the specified destination services. Valid values: disable, enable.
services Sequence[str]
Name of service objects.
session_ttl float
TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
spamfilter_profile str
Name of an existing Spam filter profile.
srcaddr6s Sequence[str]
IPv6 source address objects.
srcaddr_negate str
When enabled, source addresses match against any address EXCEPT the specified source addresses. Valid values: disable, enable.
srcaddrs Sequence[str]
Source address objects.
srcintf str
Source interface names.
ssh_filter_profile str
Name of an existing SSH filter profile.
ssh_policy_redirect str
Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
ssl_ssh_profile str
Name of an existing SSL SSH profile.
status str
Enable/disable the active status of the policy. Valid values: disable, enable.
transparent str
Enable to use the IP address of the client to connect to the server. Valid values: disable, enable.
users Sequence[str]
Names of user objects.
utm_status str
Enable the use of UTM profiles/sensors/lists. Valid values: disable, enable.
uuid str
Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
videofilter_profile str
Name of an existing VideoFilter profile.
virtual_patch_profile str
Virtual-Patch-Profile.
voip_profile str
Name of an existing VoIP profile.
waf_profile str
Name of an existing Web application firewall profile.
webcache str
Enable/disable web caching. Valid values: disable, enable.
webcache_https str
Enable/disable web caching for HTTPS (Requires deep-inspection enabled in ssl-ssh-profile). Valid values: disable, enable.
webfilter_profile str
Name of an existing Web filter profile.
webproxy_forward_server str
Web proxy forward server name.
webproxy_profile str
Name of web proxy profile.
ztna_ems_tags Sequence[str]
ZTNA EMS Tag names.
ztna_proxies Sequence[str]
IPv4 ZTNA traffic forward proxy.
ztna_tags_match_logic str
ZTNA tag matching logic. Valid values: or, and.
_policyBlock Number
Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
accessProxies List<String>
Access Proxy.
accessProxy6 String
IPv6 access proxy.
action String
Accept or deny traffic matching the policy parameters. Valid values: accept, deny, redirect.
adom String
Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
applicationList String
Name of an existing Application list.
avProfile String
Name of an existing Antivirus profile.
blockNotification String
Enable/disable block notification. Valid values: disable, enable.
casbProfile String
Name of an existing CASB profile.
cifsProfile String
Name of an existing CIFS profile.
comments String
Optional comments.
decryptedTrafficMirror String
Decrypted traffic mirror.
detectHttpsInHttpRequest String
Enable/disable detection of HTTPS in HTTP request. Valid values: disable, enable.
deviceOwnership String
When enabled, the ownership enforcement will be done at policy level. Valid values: disable, enable.
diameterFilterProfile String
Name of an existing Diameter filter profile.
disclaimer String
Web proxy disclaimer setting: by domain, policy, or user. Valid values: disable, domain, policy, user.
dlpProfile String
Name of an existing DLP profile.
dlpSensor String
Name of an existing DLP sensor.
dnsfilterProfiles List<String>
Name of an existing DNS filter profile.
dstaddr6s List<String>
IPv6 destination address objects.
dstaddrNegate String
When enabled, destination addresses match against any address EXCEPT the specified destination addresses. Valid values: disable, enable.
dstaddrs List<String>
Destination address objects.
dstintfs List<String>
Destination interface names.
emailfilterProfile String
Name of an existing email filter profile.
fileFilterProfile String
Name of an existing file-filter profile.
globalLabel String
Global web-based manager visible label.
groups List<String>
Names of group objects.
httpTunnelAuth String
Enable/disable HTTP tunnel authentication. Valid values: disable, enable.
icapProfile String
Name of an existing ICAP profile.
internetService String
Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internetService6 String
Enable/disable use of Internet Services IPv6 for this policy. If enabled, destination IPv6 address and service are not used. Valid values: disable, enable.
internetService6CustomGroups List<String>
Custom Internet Service IPv6 group name.
internetService6Customs List<String>
Custom Internet Service IPv6 name.
internetService6Groups List<String>
Internet Service IPv6 group name.
internetService6Names List<String>
Internet Service IPv6 name.
internetService6Negate String
When enabled, Internet Services match against any internet service IPv6 EXCEPT the selected Internet Service IPv6. Valid values: disable, enable.
internetServiceCustom String
Custom Internet Service name.
internetServiceCustomGroup String
Custom Internet Service group name.
internetServiceGroup String
Internet Service group name.
internetServiceId String
Internet Service ID.
internetServiceName String
Internet Service name.
internetServiceNegate String
When enabled, Internet Services match against any internet service EXCEPT the selected Internet Service. Valid values: disable, enable.
ipsSensor String
Name of an existing IPS sensor.
ipsVoipFilter String
Name of an existing VoIP (ips) profile.
label String
VDOM-specific GUI visible label.
logHttpTransaction String
Enable/disable HTTP transaction log. Valid values: disable, enable.
logtraffic String
Enable/disable logging traffic through the policy. Valid values: disable, all, utm.
logtrafficStart String
Enable/disable policy log traffic start. Valid values: disable, enable.
mmsProfile String
Name of an existing MMS profile.
name String
Policy name.
packagesFirewallProxypolicyId String
an identifier for the resource with format {{policyid}}.
pkg String
Package.
pkgFolderPath String
Pkg Folder Path.
policyid Number
Policy ID.
poolnames List<String>
Name of IP pool object.
profileGroup String
Name of profile group.
profileProtocolOptions String
Name of an existing Protocol options profile.
profileType String
Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
proxy String
Type of explicit proxy. Valid values: explicit-web, transparent-web, ftp, wanopt, ssh, ssh-tunnel.
redirectUrl String
Redirect URL for further explicit web proxy processing.
replacemsgOverrideGroup String
Authentication replacement message override group.
scanBotnetConnections String
Enable/disable scanning of connections to Botnet servers. Valid values: disable, block, monitor.
schedule String
Name of schedule object.
scopetype String
The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sctpFilterProfile String
Name of an existing SCTP filter profile.
serviceNegate String
When enabled, services match against any service EXCEPT the specified destination services. Valid values: disable, enable.
services List<String>
Name of service objects.
sessionTtl Number
TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
spamfilterProfile String
Name of an existing Spam filter profile.
srcaddr6s List<String>
IPv6 source address objects.
srcaddrNegate String
When enabled, source addresses match against any address EXCEPT the specified source addresses. Valid values: disable, enable.
srcaddrs List<String>
Source address objects.
srcintf String
Source interface names.
sshFilterProfile String
Name of an existing SSH filter profile.
sshPolicyRedirect String
Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslSshProfile String
Name of an existing SSL SSH profile.
status String
Enable/disable the active status of the policy. Valid values: disable, enable.
transparent String
Enable to use the IP address of the client to connect to the server. Valid values: disable, enable.
users List<String>
Names of user objects.
utmStatus String
Enable the use of UTM profiles/sensors/lists. Valid values: disable, enable.
uuid String
Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
videofilterProfile String
Name of an existing VideoFilter profile.
virtualPatchProfile String
Virtual-Patch-Profile.
voipProfile String
Name of an existing VoIP profile.
wafProfile String
Name of an existing Web application firewall profile.
webcache String
Enable/disable web caching. Valid values: disable, enable.
webcacheHttps String
Enable/disable web caching for HTTPS (Requires deep-inspection enabled in ssl-ssh-profile). Valid values: disable, enable.
webfilterProfile String
Name of an existing Web filter profile.
webproxyForwardServer String
Web proxy forward server name.
webproxyProfile String
Name of web proxy profile.
ztnaEmsTags List<String>
ZTNA EMS Tag names.
ztnaProxies List<String>
IPv4 ZTNA traffic forward proxy.
ztnaTagsMatchLogic String
ZTNA tag matching logic. Valid values: or, and.

Import

Packages FirewallProxyPolicy can be imported using any of these accepted formats:

Set import_options = [“pkg_folder_path=YOUR_VALUE”, “pkg=YOUR_VALUE”] in the provider section.

$ export “FORTIMANAGER_IMPORT_TABLE”=“true”

$ pulumi import fortimanager:index/packagesFirewallProxypolicy:PackagesFirewallProxypolicy labelname {{policyid}}
Copy

$ unset “FORTIMANAGER_IMPORT_TABLE”

-> Hint: The scopetype and adom for import will directly inherit the scopetype and adom configuration of the provider.

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository
fortimanager fortinetdev/terraform-provider-fortimanager
License
Notes
This Pulumi package is based on the fortimanager Terraform Provider.