@pulumiverse/fortios
Version:
A Pulumi package for creating and managing Fortios resources. Based on terraform-provider-fortios: version v1.16.0
399 lines (398 loc) • 15.3 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
* Configure IPv4 routing policies.
*
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as fortios from "@pulumiverse/fortios";
*
* const trname = new fortios.router.Policy("trname", {
* action: "permit",
* dstNegate: "disable",
* endPort: 25,
* endSourcePort: 65535,
* gateway: "0.0.0.0",
* inputDevices: [{
* name: "port1",
* }],
* outputDevice: "port2",
* protocol: 6,
* seqNum: 1,
* srcNegate: "disable",
* startPort: 25,
* startSourcePort: 0,
* status: "enable",
* tos: "0x00",
* tosMask: "0x00",
* });
* ```
*
* ## Import
*
* Router Policy can be imported using any of these accepted formats:
*
* ```sh
* $ pulumi import fortios:router/policy:Policy labelname {{seq_num}}
* ```
*
* If you do not want to import arguments of block:
*
* $ export "FORTIOS_IMPORT_TABLE"="false"
*
* ```sh
* $ pulumi import fortios:router/policy:Policy labelname {{seq_num}}
* ```
*
* $ unset "FORTIOS_IMPORT_TABLE"
*/
export declare class Policy extends pulumi.CustomResource {
/**
* Get an existing Policy resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: PolicyState, opts?: pulumi.CustomResourceOptions): Policy;
/**
* Returns true if the given object is an instance of Policy. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is Policy;
/**
* Action of the policy route. Valid values: `deny`, `permit`.
*/
readonly action: pulumi.Output<string>;
/**
* Optional comments.
*/
readonly comments: pulumi.Output<string | undefined>;
/**
* Enable/disable negating destination address match. Valid values: `enable`, `disable`.
*/
readonly dstNegate: pulumi.Output<string>;
/**
* Destination address name. The structure of `dstaddr` block is documented below.
*/
readonly dstaddrs: pulumi.Output<outputs.router.PolicyDstaddr[] | undefined>;
/**
* Destination IP and mask (x.x.x.x/x). The structure of `dst` block is documented below.
*/
readonly dsts: pulumi.Output<outputs.router.PolicyDst[] | undefined>;
/**
* Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
*/
readonly dynamicSortSubtable: pulumi.Output<string | undefined>;
/**
* End destination port number (0 - 65535).
*/
readonly endPort: pulumi.Output<number>;
/**
* End source port number (0 - 65535).
*/
readonly endSourcePort: pulumi.Output<number>;
/**
* IP address of the gateway.
*/
readonly gateway: pulumi.Output<string>;
/**
* Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
*/
readonly getAllTables: pulumi.Output<string | undefined>;
/**
* Enable/disable negation of input device match. Valid values: `enable`, `disable`.
*/
readonly inputDeviceNegate: pulumi.Output<string>;
/**
* Incoming interface name. The structure of `inputDevice` block is documented below.
*/
readonly inputDevices: pulumi.Output<outputs.router.PolicyInputDevice[] | undefined>;
/**
* Custom Destination Internet Service name. The structure of `internetServiceCustom` block is documented below.
*/
readonly internetServiceCustoms: pulumi.Output<outputs.router.PolicyInternetServiceCustom[] | undefined>;
/**
* Destination Internet Service ID. The structure of `internetServiceId` block is documented below.
*/
readonly internetServiceIds: pulumi.Output<outputs.router.PolicyInternetServiceId[] | undefined>;
/**
* Outgoing interface name.
*/
readonly outputDevice: pulumi.Output<string>;
/**
* Protocol number (0 - 255).
*/
readonly protocol: pulumi.Output<number>;
/**
* Sequence number.
*/
readonly seqNum: pulumi.Output<number>;
/**
* Enable/disable negating source address match. Valid values: `enable`, `disable`.
*/
readonly srcNegate: pulumi.Output<string>;
/**
* Source address name. The structure of `srcaddr` block is documented below.
*/
readonly srcaddrs: pulumi.Output<outputs.router.PolicySrcaddr[] | undefined>;
/**
* Source IP and mask (x.x.x.x/x). The structure of `src` block is documented below.
*/
readonly srcs: pulumi.Output<outputs.router.PolicySrc[] | undefined>;
/**
* Start destination port number (0 - 65535).
*/
readonly startPort: pulumi.Output<number>;
/**
* Start source port number (0 - 65535).
*/
readonly startSourcePort: pulumi.Output<number>;
/**
* Enable/disable this policy route. Valid values: `enable`, `disable`.
*/
readonly status: pulumi.Output<string>;
/**
* Type of service bit pattern.
*/
readonly tos: pulumi.Output<string>;
/**
* Type of service evaluated bits.
*/
readonly tosMask: pulumi.Output<string>;
/**
* Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
*/
readonly vdomparam: pulumi.Output<string>;
/**
* Create a Policy resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args?: PolicyArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering Policy resources.
*/
export interface PolicyState {
/**
* Action of the policy route. Valid values: `deny`, `permit`.
*/
action?: pulumi.Input<string>;
/**
* Optional comments.
*/
comments?: pulumi.Input<string>;
/**
* Enable/disable negating destination address match. Valid values: `enable`, `disable`.
*/
dstNegate?: pulumi.Input<string>;
/**
* Destination address name. The structure of `dstaddr` block is documented below.
*/
dstaddrs?: pulumi.Input<pulumi.Input<inputs.router.PolicyDstaddr>[]>;
/**
* Destination IP and mask (x.x.x.x/x). The structure of `dst` block is documented below.
*/
dsts?: pulumi.Input<pulumi.Input<inputs.router.PolicyDst>[]>;
/**
* Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
*/
dynamicSortSubtable?: pulumi.Input<string>;
/**
* End destination port number (0 - 65535).
*/
endPort?: pulumi.Input<number>;
/**
* End source port number (0 - 65535).
*/
endSourcePort?: pulumi.Input<number>;
/**
* IP address of the gateway.
*/
gateway?: pulumi.Input<string>;
/**
* Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
*/
getAllTables?: pulumi.Input<string>;
/**
* Enable/disable negation of input device match. Valid values: `enable`, `disable`.
*/
inputDeviceNegate?: pulumi.Input<string>;
/**
* Incoming interface name. The structure of `inputDevice` block is documented below.
*/
inputDevices?: pulumi.Input<pulumi.Input<inputs.router.PolicyInputDevice>[]>;
/**
* Custom Destination Internet Service name. The structure of `internetServiceCustom` block is documented below.
*/
internetServiceCustoms?: pulumi.Input<pulumi.Input<inputs.router.PolicyInternetServiceCustom>[]>;
/**
* Destination Internet Service ID. The structure of `internetServiceId` block is documented below.
*/
internetServiceIds?: pulumi.Input<pulumi.Input<inputs.router.PolicyInternetServiceId>[]>;
/**
* Outgoing interface name.
*/
outputDevice?: pulumi.Input<string>;
/**
* Protocol number (0 - 255).
*/
protocol?: pulumi.Input<number>;
/**
* Sequence number.
*/
seqNum?: pulumi.Input<number>;
/**
* Enable/disable negating source address match. Valid values: `enable`, `disable`.
*/
srcNegate?: pulumi.Input<string>;
/**
* Source address name. The structure of `srcaddr` block is documented below.
*/
srcaddrs?: pulumi.Input<pulumi.Input<inputs.router.PolicySrcaddr>[]>;
/**
* Source IP and mask (x.x.x.x/x). The structure of `src` block is documented below.
*/
srcs?: pulumi.Input<pulumi.Input<inputs.router.PolicySrc>[]>;
/**
* Start destination port number (0 - 65535).
*/
startPort?: pulumi.Input<number>;
/**
* Start source port number (0 - 65535).
*/
startSourcePort?: pulumi.Input<number>;
/**
* Enable/disable this policy route. Valid values: `enable`, `disable`.
*/
status?: pulumi.Input<string>;
/**
* Type of service bit pattern.
*/
tos?: pulumi.Input<string>;
/**
* Type of service evaluated bits.
*/
tosMask?: pulumi.Input<string>;
/**
* Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
*/
vdomparam?: pulumi.Input<string>;
}
/**
* The set of arguments for constructing a Policy resource.
*/
export interface PolicyArgs {
/**
* Action of the policy route. Valid values: `deny`, `permit`.
*/
action?: pulumi.Input<string>;
/**
* Optional comments.
*/
comments?: pulumi.Input<string>;
/**
* Enable/disable negating destination address match. Valid values: `enable`, `disable`.
*/
dstNegate?: pulumi.Input<string>;
/**
* Destination address name. The structure of `dstaddr` block is documented below.
*/
dstaddrs?: pulumi.Input<pulumi.Input<inputs.router.PolicyDstaddr>[]>;
/**
* Destination IP and mask (x.x.x.x/x). The structure of `dst` block is documented below.
*/
dsts?: pulumi.Input<pulumi.Input<inputs.router.PolicyDst>[]>;
/**
* Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
*/
dynamicSortSubtable?: pulumi.Input<string>;
/**
* End destination port number (0 - 65535).
*/
endPort?: pulumi.Input<number>;
/**
* End source port number (0 - 65535).
*/
endSourcePort?: pulumi.Input<number>;
/**
* IP address of the gateway.
*/
gateway?: pulumi.Input<string>;
/**
* Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
*/
getAllTables?: pulumi.Input<string>;
/**
* Enable/disable negation of input device match. Valid values: `enable`, `disable`.
*/
inputDeviceNegate?: pulumi.Input<string>;
/**
* Incoming interface name. The structure of `inputDevice` block is documented below.
*/
inputDevices?: pulumi.Input<pulumi.Input<inputs.router.PolicyInputDevice>[]>;
/**
* Custom Destination Internet Service name. The structure of `internetServiceCustom` block is documented below.
*/
internetServiceCustoms?: pulumi.Input<pulumi.Input<inputs.router.PolicyInternetServiceCustom>[]>;
/**
* Destination Internet Service ID. The structure of `internetServiceId` block is documented below.
*/
internetServiceIds?: pulumi.Input<pulumi.Input<inputs.router.PolicyInternetServiceId>[]>;
/**
* Outgoing interface name.
*/
outputDevice?: pulumi.Input<string>;
/**
* Protocol number (0 - 255).
*/
protocol?: pulumi.Input<number>;
/**
* Sequence number.
*/
seqNum?: pulumi.Input<number>;
/**
* Enable/disable negating source address match. Valid values: `enable`, `disable`.
*/
srcNegate?: pulumi.Input<string>;
/**
* Source address name. The structure of `srcaddr` block is documented below.
*/
srcaddrs?: pulumi.Input<pulumi.Input<inputs.router.PolicySrcaddr>[]>;
/**
* Source IP and mask (x.x.x.x/x). The structure of `src` block is documented below.
*/
srcs?: pulumi.Input<pulumi.Input<inputs.router.PolicySrc>[]>;
/**
* Start destination port number (0 - 65535).
*/
startPort?: pulumi.Input<number>;
/**
* Start source port number (0 - 65535).
*/
startSourcePort?: pulumi.Input<number>;
/**
* Enable/disable this policy route. Valid values: `enable`, `disable`.
*/
status?: pulumi.Input<string>;
/**
* Type of service bit pattern.
*/
tos?: pulumi.Input<string>;
/**
* Type of service evaluated bits.
*/
tosMask?: pulumi.Input<string>;
/**
* Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
*/
vdomparam?: pulumi.Input<string>;
}