@pulumiverse/fortios
A Pulumi package for creating and managing Fortios resources. Based on terraform-provider-fortios: version v1.16.0
import * as pulumi from "@pulumi/pulumi";
import * as outputs from "../types/output";
/**
* Use this data source to get information on a FortiOS firewall policy6
* (IPv6 firewall policy) entry.
*
* @param args Selects the policy by `policyid`, optionally scoped to a VDOM via `vdomparam`.
* @param opts Optional Pulumi invoke options.
* @returns A promise resolving to the policy's attributes as a `GetPolicy6Result`.
*/
export declare function getPolicy6(args: GetPolicy6Args, opts?: pulumi.InvokeOptions): Promise<GetPolicy6Result>;
/**
* A collection of arguments for invoking getPolicy6.
*/
export interface GetPolicy6Args {
/**
* Specify the policyid of the desired firewall policy6.
*/
policyid: number;
/**
* Specifies the vdom to which the data source will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. Leave this parameter unset to inherit the vdom configuration of the provider.
*/
vdomparam?: string;
}
/**
* A collection of values returned by getPolicy6.
*
* Toggle-style fields (those documented as "Enable/disable ...") are typed `string`,
* not `boolean`. Compare them against the expected literal instead of relying on
* truthiness: any non-empty string, including a "disabled" value, is truthy.
* NOTE(review): FortiOS conventionally reports `enable` / `disable`; confirm the exact
* literals against the device version in use.
*/
export interface GetPolicy6Result {
/**
* Policy action (allow/deny/ipsec).
*/
readonly action: string;
/**
* Enable/disable anti-replay check.
*/
readonly antiReplay: string;
/**
* Application category ID list. The structure of `appCategory` block is documented below.
*/
readonly appCategories: outputs.firewall.GetPolicy6AppCategory[];
/**
* Application group names. The structure of `appGroup` block is documented below.
*/
readonly appGroups: outputs.firewall.GetPolicy6AppGroup[];
/**
* Name of an existing Application list.
*/
readonly applicationList: string;
/**
* Application ID list. The structure of `application` block is documented below.
*/
readonly applications: outputs.firewall.GetPolicy6Application[];
/**
* Enable/disable policy traffic ASIC offloading.
*/
readonly autoAsicOffload: string;
/**
* Name of an existing Antivirus profile.
*/
readonly avProfile: string;
/**
* Name of an existing CIFS profile.
*/
readonly cifsProfile: string;
/**
* Comment.
*/
readonly comments: string;
/**
* Log field index numbers to append custom log fields to log messages for this policy. The structure of `customLogFields` block is documented below.
*/
readonly customLogFields: outputs.firewall.GetPolicy6CustomLogField[];
/**
* Decrypted traffic mirror.
* NOTE(review): presumably names the mirror configuration applied to this policy; the
* mirrored traffic is already decrypted, so audit where it is delivered.
*/
readonly decryptedTrafficMirror: string;
/**
* Names of devices or device groups that can be matched by the policy. The structure of `devices` block is documented below.
*/
readonly devices: outputs.firewall.GetPolicy6Device[];
/**
* Enable to change packet's DiffServ values to the specified diffservcode-forward value.
*/
readonly diffservForward: string;
/**
* Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value.
*/
readonly diffservReverse: string;
/**
* Change packet's DiffServ to this value.
*/
readonly diffservcodeForward: string;
/**
* Change packet's reverse (reply) DiffServ to this value.
*/
readonly diffservcodeRev: string;
/**
* Name of an existing DLP sensor.
*/
readonly dlpSensor: string;
/**
* Name of an existing DNS filter profile.
*/
readonly dnsfilterProfile: string;
/**
* Enable DSRI to ignore HTTP server responses.
*/
readonly dsri: string;
/**
* When enabled dstaddr specifies what the destination address must NOT be.
* Read together with `dstaddrs`: with negation enabled, the listed addresses are
* the ones excluded from the match rather than the ones matched.
*/
readonly dstaddrNegate: string;
/**
* Destination address and address group names. The structure of `dstaddr` block is documented below.
*/
readonly dstaddrs: outputs.firewall.GetPolicy6Dstaddr[];
/**
* Outgoing (egress) interface. The structure of `dstintf` block is documented below.
*/
readonly dstintfs: outputs.firewall.GetPolicy6Dstintf[];
/**
* Name of an existing email filter profile.
*/
readonly emailfilterProfile: string;
/**
* How to handle sessions if the configuration of this firewall policy changes.
*/
readonly firewallSessionDirty: string;
/**
* Enable to prevent source NAT from changing a session's source port.
*/
readonly fixedport: string;
/**
* Names of FSSO groups. The structure of `fssoGroups` block is documented below.
*/
readonly fssoGroups: outputs.firewall.GetPolicy6FssoGroup[];
/**
* Label for the policy that appears when the GUI is in Global View mode.
*/
readonly globalLabel: string;
/**
* Names of user groups that can authenticate with this policy. The structure of `groups` block is documented below.
*/
readonly groups: outputs.firewall.GetPolicy6Group[];
/**
* Redirect HTTP(S) traffic to matching transparent web proxy policy.
*/
readonly httpPolicyRedirect: string;
/**
* Name of an existing ICAP profile.
*/
readonly icapProfile: string;
/**
* The provider-assigned unique ID for this managed resource.
*/
readonly id: string;
/**
* Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN.
*/
readonly inbound: string;
/**
* Policy inspection mode (Flow/proxy). Default is Flow mode.
*/
readonly inspectionMode: string;
/**
* Enable to use IP Pools for source NAT.
*/
readonly ippool: string;
/**
* Name of an existing IPS sensor.
*/
readonly ipsSensor: string;
/**
* Label for the policy that appears when the GUI is in Section View mode.
*/
readonly label: string;
/**
* Enable or disable logging. Log all sessions or security profile sessions.
* Worth asserting in policy audits: a policy with logging disabled leaves no
* per-session record for later detection or investigation.
*/
readonly logtraffic: string;
/**
* Record logs when a session starts.
*/
readonly logtrafficStart: string;
/**
* Policy name.
* NOTE(review): the generated description here read "Names of FSSO groups.", which
* appears to be copied from `fssoGroups`; confirm against the upstream provider docs.
*/
readonly name: string;
/**
* Enable/disable source NAT.
*/
readonly nat: string;
/**
* Policy-based IPsec VPN: apply destination NAT to inbound traffic.
*/
readonly natinbound: string;
/**
* Policy-based IPsec VPN: apply source NAT to outbound traffic.
*/
readonly natoutbound: string;
/**
* Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN.
*/
readonly outbound: string;
/**
* Per-IP traffic shaper.
*/
readonly perIpShaper: string;
/**
* Policy ID.
*/
readonly policyid: number;
/**
* IP Pool names. The structure of `poolname` block is documented below.
*/
readonly poolnames: outputs.firewall.GetPolicy6Poolname[];
/**
* Name of profile group.
*/
readonly profileGroup: string;
/**
* Name of an existing Protocol options profile.
*/
readonly profileProtocolOptions: string;
/**
* Determine whether the firewall policy allows security profile groups or single profiles only.
*/
readonly profileType: string;
/**
* Override the default replacement message group for this policy.
*/
readonly replacemsgOverrideGroup: string;
/**
* Enable/disable RADIUS single sign-on (RSSO).
*/
readonly rsso: string;
/**
* Schedule name.
*/
readonly schedule: string;
/**
* Enable/disable return of deny-packet.
*/
readonly sendDenyPacket: string;
/**
* When enabled service specifies what the service must NOT be.
* Read together with `services`: with negation enabled, the listed services are
* the ones excluded from the match rather than the ones matched.
*/
readonly serviceNegate: string;
/**
* Service and service group names. The structure of `service` block is documented below.
*/
readonly services: outputs.firewall.GetPolicy6Service[];
/**
* Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
*/
readonly sessionTtl: number;
/**
* Name of an existing Spam filter profile.
*/
readonly spamfilterProfile: string;
/**
* When enabled srcaddr specifies what the source address must NOT be.
* Read together with `srcaddrs`: with negation enabled, the listed addresses are
* the ones excluded from the match rather than the ones matched.
*/
readonly srcaddrNegate: string;
/**
* Source address and address group names. The structure of `srcaddr` block is documented below.
*/
readonly srcaddrs: outputs.firewall.GetPolicy6Srcaddr[];
/**
* Incoming (ingress) interface. The structure of `srcintf` block is documented below.
*/
readonly srcintfs: outputs.firewall.GetPolicy6Srcintf[];
/**
* Name of an existing SSH filter profile.
*/
readonly sshFilterProfile: string;
/**
* Redirect SSH traffic to matching transparent proxy policy.
*/
readonly sshPolicyRedirect: string;
/**
* Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring).
* When enabled, `sslMirrorIntfs` names the interfaces that receive the decrypted copy.
*/
readonly sslMirror: string;
/**
* SSL mirror interface name. The structure of `sslMirrorIntf` block is documented below.
*/
readonly sslMirrorIntfs: outputs.firewall.GetPolicy6SslMirrorIntf[];
/**
* Name of an existing SSL SSH profile.
*/
readonly sslSshProfile: string;
/**
* Enable or disable this policy.
*/
readonly status: string;
/**
* Receiver TCP maximum segment size (MSS).
*/
readonly tcpMssReceiver: number;
/**
* Sender TCP maximum segment size (MSS).
*/
readonly tcpMssSender: number;
/**
* Enable/disable creation of TCP session without SYN flag.
*/
readonly tcpSessionWithoutSyn: string;
/**
* Enable/disable sending RST packets when TCP sessions expire.
*/
readonly timeoutSendRst: string;
/**
* ToS (Type of Service) value used for comparison.
*/
readonly tos: string;
/**
* Non-zero bit positions are used for comparison while zero bit positions are ignored.
*/
readonly tosMask: string;
/**
* Enable negated TOS match.
*/
readonly tosNegate: string;
/**
* Traffic shaper.
* NOTE(review): the generated description here read "Reverse traffic shaper.", identical
* to `trafficShaperReverse`; presumably this is the forward-direction shaper (confirm).
*/
readonly trafficShaper: string;
/**
* Reverse traffic shaper.
*/
readonly trafficShaperReverse: string;
/**
* URL category ID list. The structure of `urlCategory` block is documented below.
*/
readonly urlCategories: outputs.firewall.GetPolicy6UrlCategory[];
/**
* Names of individual users that can authenticate with this policy. The structure of `users` block is documented below.
*/
readonly users: outputs.firewall.GetPolicy6User[];
/**
* Enable AV/web/ips protection profile.
*/
readonly utmStatus: string;
/**
* Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
*/
readonly uuid: string;
/**
* NOTE(review): undocumented upstream; presumably echoes the `vdomparam` argument the
* lookup was invoked with and is absent when that argument was not set (confirm).
*/
readonly vdomparam?: string;
/**
* VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
*/
readonly vlanCosFwd: number;
/**
* VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
*/
readonly vlanCosRev: number;
/**
* Set VLAN filters.
*/
readonly vlanFilter: string;
/**
* Name of an existing VoIP profile.
*/
readonly voipProfile: string;
/**
* Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
*/
readonly vpntunnel: string;
/**
* Name of an existing Web application firewall profile.
*/
readonly wafProfile: string;
/**
* Enable/disable web cache.
*/
readonly webcache: string;
/**
* Enable/disable web cache for HTTPS.
*/
readonly webcacheHttps: string;
/**
* Name of an existing Web filter profile.
*/
readonly webfilterProfile: string;
/**
* Web proxy forward server name.
*/
readonly webproxyForwardServer: string;
/**
* Webproxy profile name.
*/
readonly webproxyProfile: string;
}
/**
* Use this data source to get information on a FortiOS firewall policy6
* (IPv6 firewall policy) entry.
*
* Variant of getPolicy6 whose arguments accept `pulumi.Input` values and whose
* result is wrapped in a `pulumi.Output` instead of a `Promise`.
*
* @param args Selects the policy by `policyid`, optionally scoped to a VDOM via `vdomparam`.
* @param opts Optional Pulumi invoke options.
* @returns A `pulumi.Output` carrying the policy's attributes as a `GetPolicy6Result`.
*/
export declare function getPolicy6Output(args: GetPolicy6OutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output<GetPolicy6Result>;
/**
* A collection of arguments for invoking getPolicy6Output.
*/
export interface GetPolicy6OutputArgs {
/**
* Specify the policyid of the desired firewall policy6.
*/
policyid: pulumi.Input<number>;
/**
* Specifies the vdom to which the data source will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. Leave this parameter unset to inherit the vdom configuration of the provider.
*/
vdomparam?: pulumi.Input<string>;
}