@pulumi/scm
Version:
A Pulumi package for managing resources on Strata Cloud Manager.. Based on terraform-provider-scm: version v0.2.1
1,468 lines (1,467 loc) • 441 kB
TypeScript
import * as outputs from "../types/output";
export interface AddressGroupDynamicValue {
/**
* Tag based filter defining group membership e.g. `tag1 AND tag2 OR tag3`. String length must not exceed 2047 characters.
*/
filter: string;
}
export interface AntiSpywareProfileMicaEngineSpywareEnabledList {
/**
* The InlinePolicyAction param. String must be one of these: `"alert"`, `"allow"`, `"drop"`, `"reset-both"`, `"reset-client"`, `"reset-server"`. Default: `"alert"`.
*/
inlinePolicyAction: string;
/**
* The Name param.
*/
name?: string;
}
export interface AntiSpywareProfileRule {
/**
* The Action param.
*/
action?: outputs.AntiSpywareProfileRuleAction;
/**
* The Category param. String must be one of these: `"dns-proxy"`, `"backdoor"`, `"data-theft"`, `"autogen"`, `"spyware"`, `"dns-security"`, `"downloader"`, `"dns-phishing"`, `"phishing-kit"`, `"cryptominer"`, `"hacktool"`, `"dns-benign"`, `"dns-wildfire"`, `"botnet"`, `"dns-grayware"`, `"inline-cloud-c2"`, `"keylogger"`, `"p2p-communication"`, `"domain-edl"`, `"webshell"`, `"command-and-control"`, `"dns-ddns"`, `"net-worm"`, `"any"`, `"tls-fingerprint"`, `"dns-new-domain"`, `"dns"`, `"fraud"`, `"dns-c2"`, `"adware"`, `"post-exploitation"`, `"dns-malware"`, `"browser-hijack"`, `"dns-parked"`.
*/
category?: string;
/**
* The Name param.
*/
name?: string;
/**
* The PacketCapture param. String must be one of these: `"disable"`, `"single-packet"`, `"extended-capture"`.
*/
packetCapture?: string;
/**
* The Severities param.
*/
severities?: string[];
/**
* The ThreatName param. String length must exceed 4 characters.
*/
threatName?: string;
}
export interface AntiSpywareProfileRuleAction {
/**
* The Alert param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
alert?: boolean;
/**
* The Allow param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
allow?: boolean;
/**
* The BlockIp param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
blockIp?: outputs.AntiSpywareProfileRuleActionBlockIp;
/**
* The Drop param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
drop?: boolean;
/**
* The ResetBoth param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
resetBoth?: boolean;
/**
* The ResetClient param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
resetClient?: boolean;
/**
* The ResetServer param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
resetServer?: boolean;
}
export interface AntiSpywareProfileRuleActionBlockIp {
/**
* The Duration param. Value must be between 1 and 3600.
*/
duration?: number;
/**
* The TrackBy param. String must be one of these: `"source-and-destination"`, `"source"`.
*/
trackBy?: string;
}
export interface AntiSpywareProfileThreatException {
/**
* The Action param.
*/
action?: outputs.AntiSpywareProfileThreatExceptionAction;
/**
* The ExemptIps param.
*/
exemptIps?: outputs.AntiSpywareProfileThreatExceptionExemptIp[];
/**
* The Name param.
*/
name?: string;
/**
* The Notes param.
*/
notes?: string;
/**
* The PacketCapture param. String must be one of these: `"disable"`, `"single-packet"`, `"extended-capture"`.
*/
packetCapture?: string;
}
export interface AntiSpywareProfileThreatExceptionAction {
/**
* The Alert param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `default`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
alert?: boolean;
/**
* The Allow param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `default`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
allow?: boolean;
/**
* The BlockIp param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `default`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
blockIp?: outputs.AntiSpywareProfileThreatExceptionActionBlockIp;
/**
* The Default param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `default`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
default?: boolean;
/**
* The Drop param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `default`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
drop?: boolean;
/**
* The ResetBoth param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `default`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
resetBoth?: boolean;
/**
* The ResetClient param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `default`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
resetClient?: boolean;
/**
* The ResetServer param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `default`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
resetServer?: boolean;
}
export interface AntiSpywareProfileThreatExceptionActionBlockIp {
/**
* The Duration param. Value must be between 1 and 3600.
*/
duration?: number;
/**
* The TrackBy param. String must be one of these: `"source-and-destination"`, `"source"`.
*/
trackBy?: string;
}
export interface AntiSpywareProfileThreatExceptionExemptIp {
/**
* The Name param.
*/
name: string;
}
export interface AntiSpywareSignatureDefaultAction {
/**
* The Alert param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
alert?: boolean;
/**
* The Allow param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
allow?: boolean;
/**
* The BlockIp param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
blockIp?: outputs.AntiSpywareSignatureDefaultActionBlockIp;
/**
* The Drop param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
drop?: boolean;
/**
* The ResetBoth param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
resetBoth?: boolean;
/**
* The ResetClient param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
resetClient?: boolean;
/**
* The ResetServer param. Ensure that only one of the following is specified: `alert`, `allow`, `blockIp`, `drop`, `resetBoth`, `resetClient`, `resetServer`
*/
resetServer?: boolean;
}
export interface AntiSpywareSignatureDefaultActionBlockIp {
/**
* The Duration param. Value must be between 1 and 3600.
*/
duration?: number;
/**
* The TrackBy param. String must be one of these: `"source-and-destination"`, `"source"`.
*/
trackBy?: string;
}
export interface AntiSpywareSignatureSignature {
/**
* The Combination param. Ensure that only one of the following is specified: `combination`, `standard`
*/
combination?: outputs.AntiSpywareSignatureSignatureCombination;
/**
* The Standards param. Ensure that only one of the following is specified: `combination`, `standard`
*/
standards?: outputs.AntiSpywareSignatureSignatureStandard[];
}
export interface AntiSpywareSignatureSignatureCombination {
/**
* The AndConditions param.
*/
andConditions?: outputs.AntiSpywareSignatureSignatureCombinationAndCondition[];
/**
* The OrderFree param. Default: `false`.
*/
orderFree: boolean;
/**
* The TimeAttribute param.
*/
timeAttribute?: outputs.AntiSpywareSignatureSignatureCombinationTimeAttribute;
}
export interface AntiSpywareSignatureSignatureCombinationAndCondition {
/**
* The Name param.
*/
name?: string;
/**
* The OrConditions param.
*/
orConditions?: outputs.AntiSpywareSignatureSignatureCombinationAndConditionOrCondition[];
}
export interface AntiSpywareSignatureSignatureCombinationAndConditionOrCondition {
/**
* The Name param.
*/
name?: string;
/**
* The ThreatId param.
*/
threatId?: string;
}
export interface AntiSpywareSignatureSignatureCombinationTimeAttribute {
/**
* The Interval param. Value must be between 1 and 3600.
*/
interval?: number;
/**
* The Threshold param. Value must be between 1 and 255.
*/
threshold?: number;
/**
* The TrackBy param. String must be one of these: `"source-and-destination"`, `"source"`, `"destination"`.
*/
trackBy?: string;
}
export interface AntiSpywareSignatureSignatureStandard {
/**
* The AndConditions param.
*/
andConditions?: outputs.AntiSpywareSignatureSignatureStandardAndCondition[];
/**
* The Comment param. String length must not exceed 256 characters.
*/
comment?: string;
/**
* The Name param.
*/
name: string;
/**
* The OrderFree param. Default: `false`.
*/
orderFree: boolean;
/**
* The Scope param. String must be one of these: `"protocol-data-unit"`, `"session"`.
*/
scope?: string;
}
export interface AntiSpywareSignatureSignatureStandardAndCondition {
/**
* The Name param.
*/
name?: string;
/**
* The OrConditions param.
*/
orConditions?: outputs.AntiSpywareSignatureSignatureStandardAndConditionOrCondition[];
}
export interface AntiSpywareSignatureSignatureStandardAndConditionOrCondition {
/**
* The Name param.
*/
name?: string;
/**
* The Operator param.
*/
operator?: outputs.AntiSpywareSignatureSignatureStandardAndConditionOrConditionOperator;
}
export interface AntiSpywareSignatureSignatureStandardAndConditionOrConditionOperator {
/**
* The EqualTo param.
*/
equalTo?: outputs.AntiSpywareSignatureSignatureStandardAndConditionOrConditionOperatorEqualTo;
/**
* The GreaterThan param.
*/
greaterThan?: outputs.AntiSpywareSignatureSignatureStandardAndConditionOrConditionOperatorGreaterThan;
/**
* The LessThan param.
*/
lessThan?: outputs.AntiSpywareSignatureSignatureStandardAndConditionOrConditionOperatorLessThan;
/**
* The PatternMatch param.
*/
patternMatch?: outputs.AntiSpywareSignatureSignatureStandardAndConditionOrConditionOperatorPatternMatch;
}
export interface AntiSpywareSignatureSignatureStandardAndConditionOrConditionOperatorEqualTo {
/**
* The Context param.
*/
context?: string;
/**
* The Negate param. Default: `false`.
*/
negate: boolean;
/**
* The Qualifiers param.
*/
qualifiers?: outputs.AntiSpywareSignatureSignatureStandardAndConditionOrConditionOperatorEqualToQualifier[];
/**
* The Value param. Value must be between 0 and 4294967295.
*/
value?: number;
}
export interface AntiSpywareSignatureSignatureStandardAndConditionOrConditionOperatorEqualToQualifier {
/**
* The Name param.
*/
name?: string;
/**
* The Value param.
*/
value?: string;
}
export interface AntiSpywareSignatureSignatureStandardAndConditionOrConditionOperatorGreaterThan {
/**
* The Context param.
*/
context?: string;
/**
* The Qualifiers param.
*/
qualifiers?: outputs.AntiSpywareSignatureSignatureStandardAndConditionOrConditionOperatorGreaterThanQualifier[];
/**
* The Value param. Value must be between 0 and 4294967295.
*/
value?: number;
}
export interface AntiSpywareSignatureSignatureStandardAndConditionOrConditionOperatorGreaterThanQualifier {
/**
* The Name param.
*/
name?: string;
/**
* The Value param.
*/
value?: string;
}
export interface AntiSpywareSignatureSignatureStandardAndConditionOrConditionOperatorLessThan {
/**
* The Context param.
*/
context?: string;
/**
* The Qualifiers param.
*/
qualifiers?: outputs.AntiSpywareSignatureSignatureStandardAndConditionOrConditionOperatorLessThanQualifier[];
/**
* The Value param. Value must be between 0 and 4294967295.
*/
value?: number;
}
export interface AntiSpywareSignatureSignatureStandardAndConditionOrConditionOperatorLessThanQualifier {
/**
* The Name param.
*/
name?: string;
/**
* The Value param.
*/
value?: string;
}
export interface AntiSpywareSignatureSignatureStandardAndConditionOrConditionOperatorPatternMatch {
/**
* The Context param.
*/
context?: string;
/**
* The Negate param. Default: `false`.
*/
negate: boolean;
/**
* The Pattern param.
*/
pattern?: string;
/**
* The Qualifiers param.
*/
qualifiers?: outputs.AntiSpywareSignatureSignatureStandardAndConditionOrConditionOperatorPatternMatchQualifier[];
}
export interface AntiSpywareSignatureSignatureStandardAndConditionOrConditionOperatorPatternMatchQualifier {
/**
* The Name param.
*/
name?: string;
/**
* The Value param.
*/
value?: string;
}
export interface ApplicationDefault {
/**
* The IdentByIcmp6Type param. Ensure that only one of the following is specified: `identByIcmp6Type`, `identByIcmpType`, `identByIpProtocol`, `port`
*/
identByIcmp6Type?: outputs.ApplicationDefaultIdentByIcmp6Type;
/**
* The IdentByIcmpType param. Ensure that only one of the following is specified: `identByIcmp6Type`, `identByIcmpType`, `identByIpProtocol`, `port`
*/
identByIcmpType?: outputs.ApplicationDefaultIdentByIcmpType;
/**
* The IdentByIpProtocol param. Ensure that only one of the following is specified: `identByIcmp6Type`, `identByIcmpType`, `identByIpProtocol`, `port`
*/
identByIpProtocol?: string;
/**
* The Ports param. Individual elements in this list are subject to additional validation. String length must not exceed 63 characters. Ensure that only one of the following is specified: `identByIcmp6Type`, `identByIcmpType`, `identByIpProtocol`, `port`
*/
ports?: string[];
}
export interface ApplicationDefaultIdentByIcmp6Type {
/**
* The Code param.
*/
code?: string;
/**
* The Type param.
*/
type: string;
}
export interface ApplicationDefaultIdentByIcmpType {
/**
* The Code param.
*/
code?: string;
/**
* The Type param.
*/
type: string;
}
export interface ApplicationFilterTagging {
/**
* The NoTag param. Ensure that only one of the following is specified: `noTag`, `tag`
*/
noTag?: boolean;
/**
* The Tags param. Individual elements in this list are subject to additional validation. String length must not exceed 127 characters. Ensure that only one of the following is specified: `noTag`, `tag`
*/
tags?: string[];
}
export interface ApplicationSignature {
/**
* The AndConditions param.
*/
andConditions?: outputs.ApplicationSignatureAndCondition[];
/**
* The Comment param. String length must not exceed 256 characters.
*/
comment?: string;
/**
* Alphanumeric string [ 0-9a-zA-Z._-]. String length must not exceed 31 characters.
*/
name: string;
/**
* The OrderFree param. Default: `false`.
*/
orderFree: boolean;
/**
* The Scope param. String must be one of these: `"protocol-data-unit"`, `"session"`. Default: `"protocol-data-unit"`.
*/
scope: string;
}
export interface ApplicationSignatureAndCondition {
/**
* Alphanumeric string [ 0-9a-zA-Z._-]. String length must not exceed 31 characters.
*/
name: string;
/**
* The OrConditions param.
*/
orConditions?: outputs.ApplicationSignatureAndConditionOrCondition[];
}
export interface ApplicationSignatureAndConditionOrCondition {
/**
* Alphanumeric string [ 0-9a-zA-Z._-]. String length must not exceed 31 characters.
*/
name: string;
/**
* The Operator param.
*/
operator: outputs.ApplicationSignatureAndConditionOrConditionOperator;
}
export interface ApplicationSignatureAndConditionOrConditionOperator {
/**
* The EqualTo param. Ensure that only one of the following is specified: `equalTo`, `greaterThan`, `lessThan`, `patternMatch`
*/
equalTo?: outputs.ApplicationSignatureAndConditionOrConditionOperatorEqualTo;
/**
* The GreaterThan param. Ensure that only one of the following is specified: `equalTo`, `greaterThan`, `lessThan`, `patternMatch`
*/
greaterThan?: outputs.ApplicationSignatureAndConditionOrConditionOperatorGreaterThan;
/**
* The LessThan param. Ensure that only one of the following is specified: `equalTo`, `greaterThan`, `lessThan`, `patternMatch`
*/
lessThan?: outputs.ApplicationSignatureAndConditionOrConditionOperatorLessThan;
/**
* The PatternMatch param. Ensure that only one of the following is specified: `equalTo`, `greaterThan`, `lessThan`, `patternMatch`
*/
patternMatch?: outputs.ApplicationSignatureAndConditionOrConditionOperatorPatternMatch;
}
export interface ApplicationSignatureAndConditionOrConditionOperatorEqualTo {
/**
* The Context param.
*/
context: string;
/**
* 4-byte hex value. String length must not exceed 10 characters. String validation regex: `^[0][xX][0-9A-Fa-f]{8}$`.
*/
mask?: string;
/**
* The Position param. String length must not exceed 127 characters.
*/
position?: string;
/**
* The Value param. String length must not exceed 10 characters.
*/
value: string;
}
export interface ApplicationSignatureAndConditionOrConditionOperatorGreaterThan {
/**
* The Context param. String length must not exceed 127 characters.
*/
context: string;
/**
* The Qualifiers param.
*/
qualifiers?: outputs.ApplicationSignatureAndConditionOrConditionOperatorGreaterThanQualifier[];
/**
* The Value param. Value must be between 0 and 4294967295.
*/
value: number;
}
export interface ApplicationSignatureAndConditionOrConditionOperatorGreaterThanQualifier {
/**
* Alphanumeric string [ 0-9a-zA-Z._-]. String length must not exceed 31 characters.
*/
name: string;
/**
* The Value param.
*/
value: string;
}
export interface ApplicationSignatureAndConditionOrConditionOperatorLessThan {
/**
* The Context param. String length must not exceed 127 characters.
*/
context: string;
/**
* The Qualifiers param.
*/
qualifiers?: outputs.ApplicationSignatureAndConditionOrConditionOperatorLessThanQualifier[];
/**
* The Value param. Value must be between 0 and 4294967295.
*/
value: number;
}
export interface ApplicationSignatureAndConditionOrConditionOperatorLessThanQualifier {
/**
* Alphanumeric string [ 0-9a-zA-Z._-]. String length must not exceed 31 characters.
*/
name: string;
/**
* The Value param.
*/
value: string;
}
export interface ApplicationSignatureAndConditionOrConditionOperatorPatternMatch {
/**
* The Context param. String length must not exceed 127 characters.
*/
context: string;
/**
* The Pattern param. String length must not exceed 127 characters.
*/
pattern: string;
/**
* The Qualifiers param.
*/
qualifiers?: outputs.ApplicationSignatureAndConditionOrConditionOperatorPatternMatchQualifier[];
}
export interface ApplicationSignatureAndConditionOrConditionOperatorPatternMatchQualifier {
/**
* Alphanumeric string [ 0-9a-zA-Z._-]. String length must not exceed 31 characters.
*/
name: string;
/**
* The Value param.
*/
value: string;
}
export interface AuthenticationProfileLockout {
/**
* The FailedAttempts param. Value must be between 0 and 10.
*/
failedAttempts?: number;
/**
* The LockoutTime param. Value must be between 0 and 60.
*/
lockoutTime?: number;
}
export interface AuthenticationProfileMethod {
/**
* The Cloud param. Ensure that only one of the following is specified: `cloud`, `kerberos`, `ldap`, `localDatabase`, `radius`, `samlIdp`, `tacplus`
*/
cloud?: outputs.AuthenticationProfileMethodCloud;
/**
* The Kerberos param. Ensure that only one of the following is specified: `cloud`, `kerberos`, `ldap`, `localDatabase`, `radius`, `samlIdp`, `tacplus`
*/
kerberos?: outputs.AuthenticationProfileMethodKerberos;
/**
* The Ldap param. Ensure that only one of the following is specified: `cloud`, `kerberos`, `ldap`, `localDatabase`, `radius`, `samlIdp`, `tacplus`
*/
ldap?: outputs.AuthenticationProfileMethodLdap;
/**
* The LocalDatabase param. Ensure that only one of the following is specified: `cloud`, `kerberos`, `ldap`, `localDatabase`, `radius`, `samlIdp`, `tacplus`
*/
localDatabase?: boolean;
/**
* The Radius param. Ensure that only one of the following is specified: `cloud`, `kerberos`, `ldap`, `localDatabase`, `radius`, `samlIdp`, `tacplus`
*/
radius?: outputs.AuthenticationProfileMethodRadius;
/**
* The SamlIdp param. Ensure that only one of the following is specified: `cloud`, `kerberos`, `ldap`, `localDatabase`, `radius`, `samlIdp`, `tacplus`
*/
samlIdp?: outputs.AuthenticationProfileMethodSamlIdp;
/**
* The Tacplus param. Ensure that only one of the following is specified: `cloud`, `kerberos`, `ldap`, `localDatabase`, `radius`, `samlIdp`, `tacplus`
*/
tacplus?: outputs.AuthenticationProfileMethodTacplus;
}
export interface AuthenticationProfileMethodCloud {
/**
* The tenant profile name.
*/
profileName?: string;
}
export interface AuthenticationProfileMethodKerberos {
/**
* The Realm param.
*/
realm?: string;
/**
* The ServerProfile param.
*/
serverProfile?: string;
}
export interface AuthenticationProfileMethodLdap {
/**
* The LoginAttribute param.
*/
loginAttribute?: string;
/**
* The PasswdExpDays param.
*/
passwdExpDays?: number;
/**
* The ServerProfile param.
*/
serverProfile?: string;
}
export interface AuthenticationProfileMethodRadius {
/**
* The Checkgroup param.
*/
checkgroup?: boolean;
/**
* The ServerProfile param.
*/
serverProfile?: string;
}
export interface AuthenticationProfileMethodSamlIdp {
/**
* The AttributeNameUsergroup param. String length must be between 1 and 63 characters.
*/
attributeNameUsergroup?: string;
/**
* The AttributeNameUsername param. String length must be between 1 and 63 characters.
*/
attributeNameUsername?: string;
/**
* The CertificateProfile param. String length must not exceed 31 characters.
*/
certificateProfile?: string;
/**
* The EnableSingleLogout param.
*/
enableSingleLogout?: boolean;
/**
* The RequestSigningCertificate param. String length must not exceed 64 characters.
*/
requestSigningCertificate?: string;
/**
* The ServerProfile param. String length must not exceed 63 characters.
*/
serverProfile?: string;
}
export interface AuthenticationProfileMethodTacplus {
/**
* The Checkgroup param.
*/
checkgroup?: boolean;
/**
* The ServerProfile param.
*/
serverProfile?: string;
}
export interface AuthenticationProfileMultiFactorAuth {
/**
* The Factors param.
*/
factors?: string[];
/**
* The MfaEnable param.
*/
mfaEnable?: boolean;
}
export interface AuthenticationProfileSingleSignOn {
/**
* The KerberosKeytab param. String length must not exceed 8192 characters.
*/
kerberosKeytab?: string;
/**
* The Realm param. String length must not exceed 127 characters.
*/
realm?: string;
}
export interface CertificateProfileCaCertificate {
/**
* The DefaultOcspUrl param.
*/
defaultOcspUrl?: string;
/**
* The Name param.
*/
name?: string;
/**
* The OcspVerifyCert param.
*/
ocspVerifyCert?: string;
/**
* The TemplateName param.
*/
templateName?: string;
}
export interface CertificateProfileUsernameField {
/**
* The Subject param. String must be one of these: `"common-name"`.
*/
subject?: string;
/**
* The SubjectAlt param. String must be one of these: `"email"`.
*/
subjectAlt?: string;
}
export interface DecryptionProfileSslForwardProxy {
/**
* The AutoIncludeAltname param. Default: `false`.
*/
autoIncludeAltname: boolean;
/**
* The BlockClientCert param. Default: `false`.
*/
blockClientCert: boolean;
/**
* The BlockExpiredCertificate param. Default: `false`.
*/
blockExpiredCertificate: boolean;
/**
* The BlockTimeoutCert param. Default: `false`.
*/
blockTimeoutCert: boolean;
/**
* The BlockTls13DowngradeNoResource param. Default: `false`.
*/
blockTls13DowngradeNoResource: boolean;
/**
* The BlockUnknownCert param. Default: `false`.
*/
blockUnknownCert: boolean;
/**
* The BlockUnsupportedCipher param. Default: `false`.
*/
blockUnsupportedCipher: boolean;
/**
* The BlockUnsupportedVersion param. Default: `false`.
*/
blockUnsupportedVersion: boolean;
/**
* The BlockUntrustedIssuer param. Default: `false`.
*/
blockUntrustedIssuer: boolean;
/**
* The RestrictCertExts param. Default: `false`.
*/
restrictCertExts: boolean;
/**
* The StripAlpn param. Default: `false`.
*/
stripAlpn: boolean;
}
export interface DecryptionProfileSslInboundProxy {
/**
* The BlockIfHsmUnavailable param. Default: `false`.
*/
blockIfHsmUnavailable: boolean;
/**
* The BlockIfNoResource param. Default: `false`.
*/
blockIfNoResource: boolean;
/**
* The BlockUnsupportedCipher param. Default: `false`.
*/
blockUnsupportedCipher: boolean;
/**
* The BlockUnsupportedVersion param. Default: `false`.
*/
blockUnsupportedVersion: boolean;
}
export interface DecryptionProfileSslNoProxy {
/**
* The BlockExpiredCertificate param. Default: `false`.
*/
blockExpiredCertificate: boolean;
/**
* The BlockUntrustedIssuer param. Default: `false`.
*/
blockUntrustedIssuer: boolean;
}
export interface DecryptionProfileSslProtocolSettings {
/**
* The AuthAlgoMd5 param. Default: `true`.
*/
authAlgoMd5: boolean;
/**
* The AuthAlgoSha1 param. Default: `true`.
*/
authAlgoSha1: boolean;
/**
* The AuthAlgoSha256 param. Default: `true`.
*/
authAlgoSha256: boolean;
/**
* The AuthAlgoSha384 param. Default: `true`.
*/
authAlgoSha384: boolean;
/**
* The EncAlgo3des param. Default: `true`.
*/
encAlgo3des: boolean;
/**
* The EncAlgoAes128Cbc param. Default: `true`.
*/
encAlgoAes128Cbc: boolean;
/**
* The EncAlgoAes128Gcm param. Default: `true`.
*/
encAlgoAes128Gcm: boolean;
/**
* The EncAlgoAes256Cbc param. Default: `true`.
*/
encAlgoAes256Cbc: boolean;
/**
* The EncAlgoAes256Gcm param. Default: `true`.
*/
encAlgoAes256Gcm: boolean;
/**
* The EncAlgoChacha20Poly1305 param. Default: `true`.
*/
encAlgoChacha20Poly1305: boolean;
/**
* The EncAlgoRc4 param. Default: `true`.
*/
encAlgoRc4: boolean;
/**
* The KeyxchgAlgoDhe param. Default: `true`.
*/
keyxchgAlgoDhe: boolean;
/**
* The KeyxchgAlgoEcdhe param. Default: `true`.
*/
keyxchgAlgoEcdhe: boolean;
/**
* The KeyxchgAlgoRsa param. Default: `true`.
*/
keyxchgAlgoRsa: boolean;
/**
* The MaxVersion param. String must be one of these: `"sslv3"`, `"tls1-0"`, `"tls1-1"`, `"tls1-2"`, `"tls1-3"`, `"max"`. Default: `"tls1-2"`.
*/
maxVersion: string;
/**
* The MinVersion param. String must be one of these: `"sslv3"`, `"tls1-0"`, `"tls1-1"`, `"tls1-2"`, `"tls1-3"`. Default: `"tls1-0"`.
*/
minVersion: string;
}
export interface DecryptionRuleType {
/**
* The SslForwardProxy param. Ensure that only one of the following is specified: `sslForwardProxy`, `sslInboundInspection`
*/
sslForwardProxy?: boolean;
/**
* add the certificate name for SSL inbound inspection. Ensure that only one of the following is specified: `sslForwardProxy`, `sslInboundInspection`
*/
sslInboundInspection?: string;
}
export interface DnsSecurityProfileBotnetDomains {
/**
* The DnsSecurityCategories param.
*/
dnsSecurityCategories?: outputs.DnsSecurityProfileBotnetDomainsDnsSecurityCategory[];
/**
* The Lists param.
*/
lists?: outputs.DnsSecurityProfileBotnetDomainsList[];
/**
* The Sinkhole param.
*/
sinkhole?: outputs.DnsSecurityProfileBotnetDomainsSinkhole;
/**
* The Whitelists param.
*/
whitelists?: outputs.DnsSecurityProfileBotnetDomainsWhitelist[];
}
export interface DnsSecurityProfileBotnetDomainsDnsSecurityCategory {
/**
* The Action param. String must be one of these: `"default"`, `"allow"`, `"block"`, `"sinkhole"`. Default: `"default"`.
*/
action: string;
/**
* The LogLevel param. String must be one of these: `"default"`, `"none"`, `"low"`, `"informational"`, `"medium"`, `"high"`, `"critical"`. Default: `"default"`.
*/
logLevel: string;
/**
* The Name param.
*/
name?: string;
/**
* The PacketCapture param. String must be one of these: `"disable"`, `"single-packet"`, `"extended-capture"`.
*/
packetCapture?: string;
}
export interface DnsSecurityProfileBotnetDomainsList {
/**
* The Action param.
*/
action?: outputs.DnsSecurityProfileBotnetDomainsListAction;
/**
* The Name param.
*/
name: string;
/**
* The PacketCapture param. String must be one of these: `"disable"`, `"single-packet"`, `"extended-capture"`.
*/
packetCapture?: string;
}
export interface DnsSecurityProfileBotnetDomainsListAction {
/**
* The Alert param. Ensure that only one of the following is specified: `alert`, `allow`, `block`, `sinkhole`
*/
alert?: boolean;
/**
* The Allow param. Ensure that only one of the following is specified: `alert`, `allow`, `block`, `sinkhole`
*/
allow?: boolean;
/**
* The Block param. Ensure that only one of the following is specified: `alert`, `allow`, `block`, `sinkhole`
*/
block?: boolean;
/**
* The Sinkhole param. Ensure that only one of the following is specified: `alert`, `allow`, `block`, `sinkhole`
*/
sinkhole?: boolean;
}
export interface DnsSecurityProfileBotnetDomainsSinkhole {
/**
* The Ipv4Address param. String must be one of these: `"127.0.0.1"`, `"pan-sinkhole-default-ip"`.
*/
ipv4Address?: string;
/**
* The Ipv6Address param. String must be one of these: `"::1"`.
*/
ipv6Address?: string;
}
export interface DnsSecurityProfileBotnetDomainsWhitelist {
/**
* The Description param.
*/
description?: string;
/**
* The Name param.
*/
name: string;
}
export interface ExternalDynamicListType {
/**
* The Domain param. Ensure that only one of the following is specified: `domain`, `imei`, `imsi`, `ip`, `predefinedIp`, `predefinedUrl`, `url`
*/
domain?: outputs.ExternalDynamicListTypeDomain;
/**
* The Imei param. Ensure that only one of the following is specified: `domain`, `imei`, `imsi`, `ip`, `predefinedIp`, `predefinedUrl`, `url`
*/
imei?: outputs.ExternalDynamicListTypeImei;
/**
* The Imsi param. Ensure that only one of the following is specified: `domain`, `imei`, `imsi`, `ip`, `predefinedIp`, `predefinedUrl`, `url`
*/
imsi?: outputs.ExternalDynamicListTypeImsi;
/**
* The Ip param. Ensure that only one of the following is specified: `domain`, `imei`, `imsi`, `ip`, `predefinedIp`, `predefinedUrl`, `url`
*/
ip?: outputs.ExternalDynamicListTypeIp;
/**
* The PredefinedIp param. Ensure that only one of the following is specified: `domain`, `imei`, `imsi`, `ip`, `predefinedIp`, `predefinedUrl`, `url`
*/
predefinedIp?: outputs.ExternalDynamicListTypePredefinedIp;
/**
* The PredefinedUrl param. Ensure that only one of the following is specified: `domain`, `imei`, `imsi`, `ip`, `predefinedIp`, `predefinedUrl`, `url`
*/
predefinedUrl?: outputs.ExternalDynamicListTypePredefinedUrl;
/**
* The Url param. Ensure that only one of the following is specified: `domain`, `imei`, `imsi`, `ip`, `predefinedIp`, `predefinedUrl`, `url`
*/
url?: outputs.ExternalDynamicListTypeUrl;
}
export interface ExternalDynamicListTypeDomain {
/**
* Profile for authenticating client certificates. Default: `"None"`.
*/
certificateProfile: string;
/**
* The Description param. String length must not exceed 255 characters.
*/
description?: string;
/**
* The DomainAuth param.
*/
domainAuth?: outputs.ExternalDynamicListTypeDomainDomainAuth;
/**
* The ExceptionList param. Individual elements in this list are subject to additional validation. String length must not exceed 255 characters.
*/
exceptionLists?: string[];
/**
* Enable/Disable expand domain. Default: `false`.
*/
expandDomain: boolean;
/**
* The Recurring param.
*/
recurring: outputs.ExternalDynamicListTypeDomainRecurring;
/**
* The Url param. String length must not exceed 255 characters. Default: `"http://"`.
*/
url: string;
}
export interface ExternalDynamicListTypeDomainDomainAuth {
/**
* The Password param. String length must not exceed 255 characters.
*/
password: string;
/**
* The Username param. String length must be between 1 and 255 characters.
*/
username: string;
}
export interface ExternalDynamicListTypeDomainRecurring {
/**
* The Daily param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
daily?: outputs.ExternalDynamicListTypeDomainRecurringDaily;
/**
* The FiveMinute param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
fiveMinute?: boolean;
/**
* The Hourly param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
hourly?: boolean;
/**
* The Monthly param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
monthly?: outputs.ExternalDynamicListTypeDomainRecurringMonthly;
/**
* The Weekly param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
weekly?: outputs.ExternalDynamicListTypeDomainRecurringWeekly;
}
export interface ExternalDynamicListTypeDomainRecurringDaily {
/**
* Time specification hh (e.g. 20). String length must be between 2 and 2 characters. String validation regex: `([01][0-9]|[2][0-3])`. Default: `"00"`.
*/
at: string;
}
export interface ExternalDynamicListTypeDomainRecurringMonthly {
/**
* Time specification hh (e.g. 20). String length must be between 2 and 2 characters. String validation regex: `([01][0-9]|[2][0-3])`. Default: `"00"`.
*/
at: string;
/**
* The DayOfMonth param. Value must be between 1 and 31.
*/
dayOfMonth: number;
}
export interface ExternalDynamicListTypeDomainRecurringWeekly {
/**
* Time specification hh (e.g. 20). String length must be between 2 and 2 characters. String validation regex: `([01][0-9]|[2][0-3])`. Default: `"00"`.
*/
at: string;
/**
* The DayOfWeek param. String must be one of these: `"sunday"`, `"monday"`, `"tuesday"`, `"wednesday"`, `"thursday"`, `"friday"`, `"saturday"`.
*/
dayOfWeek: string;
}
export interface ExternalDynamicListTypeImei {
/**
* Profile for authenticating client certificates. Default: `"None"`.
*/
certificateProfile: string;
/**
* The Description param. String length must not exceed 255 characters.
*/
description?: string;
/**
* The ExceptionList param. Individual elements in this list are subject to additional validation. String length must not exceed 32 characters.
*/
exceptionLists?: string[];
/**
* The ImeiAuth param.
*/
imeiAuth?: outputs.ExternalDynamicListTypeImeiImeiAuth;
/**
* The Recurring param.
*/
recurring: outputs.ExternalDynamicListTypeImeiRecurring;
/**
* The Url param. String length must not exceed 255 characters. Default: `"http://"`.
*/
url: string;
}
export interface ExternalDynamicListTypeImeiImeiAuth {
/**
* The Password param. String length must not exceed 255 characters.
*/
password: string;
/**
* The Username param. String length must be between 1 and 255 characters.
*/
username: string;
}
export interface ExternalDynamicListTypeImeiRecurring {
/**
* The Daily param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
daily?: outputs.ExternalDynamicListTypeImeiRecurringDaily;
/**
* The FiveMinute param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
fiveMinute?: boolean;
/**
* The Hourly param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
hourly?: boolean;
/**
* The Monthly param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
monthly?: outputs.ExternalDynamicListTypeImeiRecurringMonthly;
/**
* The Weekly param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
weekly?: outputs.ExternalDynamicListTypeImeiRecurringWeekly;
}
export interface ExternalDynamicListTypeImeiRecurringDaily {
/**
* Time specification hh (e.g. 20). String length must be between 2 and 2 characters. String validation regex: `([01][0-9]|[2][0-3])`. Default: `"00"`.
*/
at: string;
}
export interface ExternalDynamicListTypeImeiRecurringMonthly {
/**
* Time specification hh (e.g. 20). String length must be between 2 and 2 characters. String validation regex: `([01][0-9]|[2][0-3])`. Default: `"00"`.
*/
at: string;
/**
* The DayOfMonth param. Value must be between 1 and 31.
*/
dayOfMonth: number;
}
export interface ExternalDynamicListTypeImeiRecurringWeekly {
/**
* Time specification hh (e.g. 20). String length must be between 2 and 2 characters. String validation regex: `([01][0-9]|[2][0-3])`. Default: `"00"`.
*/
at: string;
/**
* The DayOfWeek param. String must be one of these: `"sunday"`, `"monday"`, `"tuesday"`, `"wednesday"`, `"thursday"`, `"friday"`, `"saturday"`.
*/
dayOfWeek: string;
}
export interface ExternalDynamicListTypeImsi {
/**
* Profile for authenticating client certificates. Default: `"None"`.
*/
certificateProfile: string;
/**
* The Description param. String length must not exceed 255 characters.
*/
description?: string;
/**
* The ExceptionList param. Individual elements in this list are subject to additional validation. String length must not exceed 34 characters.
*/
exceptionLists?: string[];
/**
* The ImsiAuth param.
*/
imsiAuth?: outputs.ExternalDynamicListTypeImsiImsiAuth;
/**
* The Recurring param.
*/
recurring: outputs.ExternalDynamicListTypeImsiRecurring;
/**
* The Url param. String length must not exceed 255 characters. Default: `"http://"`.
*/
url: string;
}
export interface ExternalDynamicListTypeImsiImsiAuth {
/**
* The Password param. String length must not exceed 255 characters.
*/
password: string;
/**
* The Username param. String length must be between 1 and 255 characters.
*/
username: string;
}
export interface ExternalDynamicListTypeImsiRecurring {
/**
* The Daily param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
daily?: outputs.ExternalDynamicListTypeImsiRecurringDaily;
/**
* The FiveMinute param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
fiveMinute?: boolean;
/**
* The Hourly param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
hourly?: boolean;
/**
* The Monthly param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
monthly?: outputs.ExternalDynamicListTypeImsiRecurringMonthly;
/**
* The Weekly param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
weekly?: outputs.ExternalDynamicListTypeImsiRecurringWeekly;
}
export interface ExternalDynamicListTypeImsiRecurringDaily {
/**
* Time specification hh (e.g. 20). String length must be between 2 and 2 characters. String validation regex: `([01][0-9]|[2][0-3])`. Default: `"00"`.
*/
at: string;
}
export interface ExternalDynamicListTypeImsiRecurringMonthly {
/**
* Time specification hh (e.g. 20). String length must be between 2 and 2 characters. String validation regex: `([01][0-9]|[2][0-3])`. Default: `"00"`.
*/
at: string;
/**
* The DayOfMonth param. Value must be between 1 and 31.
*/
dayOfMonth: number;
}
export interface ExternalDynamicListTypeImsiRecurringWeekly {
/**
* Time specification hh (e.g. 20). String length must be between 2 and 2 characters. String validation regex: `([01][0-9]|[2][0-3])`. Default: `"00"`.
*/
at: string;
/**
* The DayOfWeek param. String must be one of these: `"sunday"`, `"monday"`, `"tuesday"`, `"wednesday"`, `"thursday"`, `"friday"`, `"saturday"`.
*/
dayOfWeek: string;
}
export interface ExternalDynamicListTypeIp {
/**
* Profile for authenticating client certificates. Default: `"None"`.
*/
certificateProfile: string;
/**
* The Description param. String length must not exceed 255 characters.
*/
description?: string;
/**
* The ExceptionList param. Individual elements in this list are subject to additional validation. String length must not exceed 255 characters.
*/
exceptionLists?: string[];
/**
* The IpAuth param.
*/
ipAuth?: outputs.ExternalDynamicListTypeIpIpAuth;
/**
* The Recurring param.
*/
recurring: outputs.ExternalDynamicListTypeIpRecurring;
/**
* The Url param. String length must not exceed 255 characters. Default: `"http://"`.
*/
url: string;
}
export interface ExternalDynamicListTypeIpIpAuth {
/**
* The Password param. String length must not exceed 255 characters.
*/
password: string;
/**
* The Username param. String length must be between 1 and 255 characters.
*/
username: string;
}
export interface ExternalDynamicListTypeIpRecurring {
/**
* The Daily param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
daily?: outputs.ExternalDynamicListTypeIpRecurringDaily;
/**
* The FiveMinute param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
fiveMinute?: boolean;
/**
* The Hourly param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
hourly?: boolean;
/**
* The Monthly param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
monthly?: outputs.ExternalDynamicListTypeIpRecurringMonthly;
/**
* The Weekly param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
weekly?: outputs.ExternalDynamicListTypeIpRecurringWeekly;
}
export interface ExternalDynamicListTypeIpRecurringDaily {
/**
* Time specification hh (e.g. 20). String length must be between 2 and 2 characters. String validation regex: `([01][0-9]|[2][0-3])`. Default: `"00"`.
*/
at: string;
}
export interface ExternalDynamicListTypeIpRecurringMonthly {
/**
* Time specification hh (e.g. 20). String length must be between 2 and 2 characters. String validation regex: `([01][0-9]|[2][0-3])`. Default: `"00"`.
*/
at: string;
/**
* The DayOfMonth param. Value must be between 1 and 31.
*/
dayOfMonth: number;
}
export interface ExternalDynamicListTypeIpRecurringWeekly {
/**
* Time specification hh (e.g. 20). String length must be between 2 and 2 characters. String validation regex: `([01][0-9]|[2][0-3])`. Default: `"00"`.
*/
at: string;
/**
* The DayOfWeek param. String must be one of these: `"sunday"`, `"monday"`, `"tuesday"`, `"wednesday"`, `"thursday"`, `"friday"`, `"saturday"`.
*/
dayOfWeek: string;
}
export interface ExternalDynamicListTypePredefinedIp {
/**
* The Description param. String length must not exceed 255 characters.
*/
description?: string;
/**
* The ExceptionList param. Individual elements in this list are subject to additional validation. String length must not exceed 255 characters.
*/
exceptionLists?: string[];
/**
* The Url param.
*/
url: string;
}
export interface ExternalDynamicListTypePredefinedUrl {
/**
* The Description param. String length must not exceed 255 characters.
*/
description?: string;
/**
* The ExceptionList param. Individual elements in this list are subject to additional validation. String length must not exceed 255 characters.
*/
exceptionLists?: string[];
/**
* The Url param.
*/
url: string;
}
export interface ExternalDynamicListTypeUrl {
/**
* Profile for authenticating client certificates. Default: `"None"`.
*/
certificateProfile: string;
/**
* The Description param. String length must not exceed 255 characters.
*/
description?: string;
/**
* The ExceptionList param. Individual elements in this list are subject to additional validation. String length must not exceed 255 characters.
*/
exceptionLists?: string[];
/**
* The Recurring param.
*/
recurring: outputs.ExternalDynamicListTypeUrlRecurring;
/**
* The Url param. String length must not exceed 255 characters. Default: `"http://"`.
*/
url: string;
/**
* The UrlAuth param.
*/
urlAuth?: outputs.ExternalDynamicListTypeUrlUrlAuth;
}
export interface ExternalDynamicListTypeUrlRecurring {
/**
* The Daily param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
daily?: outputs.ExternalDynamicListTypeUrlRecurringDaily;
/**
* The FiveMinute param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
fiveMinute?: boolean;
/**
* The Hourly param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
hourly?: boolean;
/**
* The Monthly param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
monthly?: outputs.ExternalDynamicListTypeUrlRecurringMonthly;
/**
* The Weekly param. Ensure that only one of the following is specified: `daily`, `fiveMinute`, `hourly`, `monthly`, `weekly`
*/
weekly?: outputs.ExternalDynamicListTypeUrlRecurringWeekly;
}
export interface ExternalDynamicListTypeUrlRecurringDaily {
/**
* Time specification hh (e.g. 20). String length must be between 2 and 2 characters. String validation regex: `([01][0-9]|[2][0-3])`. Default: `"00"`.
*/