@pulumiverse/fortios

import * as pulumi from "@pulumi/pulumi"; import * as outputs from "../types/output"; /** * Use this data source to get information on fortios system global * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as fortios from "@pulumi/fortios"; * * const sample1 = fortios.system.getGlobal({}); * export const output1 = sample1.then(sample1 => sample1.hostname); * ``` */ export declare function getGlobal(args?: GetGlobalArgs, opts?: pulumi.InvokeOptions): Promise<GetGlobalResult>; /** * A collection of arguments for invoking getGlobal. */ export interface GetGlobalArgs { /** * Specifies the vdom to which the data source will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter. */ vdomparam?: string; } /** * A collection of values returned by getGlobal. */ export interface GetGlobalResult { /** * Enable/disable concurrent administrator logins. (Use policy-auth-concurrent for firewall authenticated users.) */ readonly adminConcurrent: string; /** * Console login timeout that overrides the admintimeout value. (15 - 300 seconds) (15 seconds to 5 minutes). 0 the default, disables this timeout. */ readonly adminConsoleTimeout: number; /** * Override access profile. */ readonly adminForticloudSsoDefaultProfile: string; /** * Enable/disable FortiCloud admin login via SSO. */ readonly adminForticloudSsoLogin: string; /** * Administrative host for HTTP and HTTPS. When set, will be used in lieu of the client's Host header for any redirection. */ readonly adminHost: string; /** * HTTPS Strict-Transport-Security header max-age in seconds. A value of 0 will reset any HSTS records in the browser.When admin-https-redirect is disabled the header max-age will be 0. */ readonly adminHstsMaxAge: number; /** * Enable/disable admin login method. Enable to force administrators to provide a valid certificate to log in if PKI is enabled. Disable to allow administrators to log in with a certificate or password. */ readonly adminHttpsPkiRequired: string; /** * Enable/disable redirection of HTTP administration access to HTTPS. */ readonly adminHttpsRedirect: string; /** * Select one or more cipher technologies that cannot be used in GUI HTTPS negotiations. Only applies to TLS 1.2 and below. */ readonly adminHttpsSslBannedCiphers: string; /** * Select one or more TLS 1.3 ciphersuites to enable. Does not affect ciphers in TLS 1.2 and below. At least one must be enabled. To disable all, remove TLS1.3 from admin-https-ssl-versions. */ readonly adminHttpsSslCiphersuites: string; /** * Allowed TLS versions for web administration. */ readonly adminHttpsSslVersions: string; /** * Amount of time in seconds that an administrator account is locked out after reaching the admin-lockout-threshold for repeated failed login attempts. */ readonly adminLockoutDuration: number; /** * Number of failed login attempts before an administrator account is locked out for the admin-lockout-duration. */ readonly adminLockoutThreshold: number; /** * Maximum number of administrators who can be logged in at the same time (1 - 100, default = 100) */ readonly adminLoginMax: number; /** * Enable/disable maintainer administrator login. When enabled, the maintainer account can be used to log in from the console after a hard reboot. The password is "bcpb" followed by the FortiGate unit serial number. You have limited time to complete this login. */ readonly adminMaintainer: string; /** * Administrative access port for HTTP. (1 - 65535, default = 80). */ readonly adminPort: number; /** * Enable/disable local admin authentication restriction when remote authenticator is up and running. (default = disable) */ readonly adminRestrictLocal: string; /** * Enable/disable using SCP to download the system configuration. You can use SCP as an alternative method for backing up the configuration. */ readonly adminScp: string; /** * Server certificate that the FortiGate uses for HTTPS administrative connections. */ readonly adminServerCert: string; /** * Administrative access port for HTTPS. (1 - 65535, default = 443). */ readonly adminSport: number; /** * Maximum time in seconds permitted between making an SSH connection to the FortiGate unit and authenticating (10 - 3600 sec (1 hour), default 120). */ readonly adminSshGraceTime: number; /** * Enable/disable password authentication for SSH admin access. */ readonly adminSshPassword: string; /** * Administrative access port for SSH. (1 - 65535, default = 22). */ readonly adminSshPort: number; /** * Enable/disable SSH v1 compatibility. */ readonly adminSshV1: string; /** * Enable/disable TELNET service. */ readonly adminTelnet: string; /** * Administrative access port for TELNET. (1 - 65535, default = 23). */ readonly adminTelnetPort: number; /** * Number of minutes before an idle administrator session times out (5 - 480 minutes (8 hours), default = 5). A shorter idle timeout is more secure. */ readonly admintimeout: number; /** * Alias for your FortiGate unit. */ readonly alias: string; /** * Disable to allow traffic to be routed back on a different interface. */ readonly allowTrafficRedirect: string; /** * Level of checking for packet replay and TCP sequence checking. */ readonly antiReplay: string; /** * Maximum number of dynamically learned MAC addresses that can be added to the ARP table (131072 - 2147483647, default = 131072). */ readonly arpMaxEntry: number; /** * Enable/disable asymmetric route. */ readonly asymroute: string; /** * Server certificate that the FortiGate uses for HTTPS firewall authentication connections. */ readonly authCert: string; /** * User authentication HTTP port. (1 - 65535, default = 80). */ readonly authHttpPort: number; /** * User authentication HTTPS port. (1 - 65535, default = 443). */ readonly authHttpsPort: number; /** * User IKE SAML authentication port (0 - 65535, default = 1001). */ readonly authIkeSamlPort: number; /** * Enable to prevent user authentication sessions from timing out when idle. */ readonly authKeepalive: string; /** * Action to take when the number of allowed user authenticated sessions is reached. */ readonly authSessionLimit: string; /** * Enable/disable automatic authorization of dedicated Fortinet extension devices. */ readonly autoAuthExtensionDevice: string; /** * Enable/disable automatic log partition check after ungraceful shutdown. */ readonly autorunLogFsck: string; /** * Affinity setting for AV scanning (hexadecimal value up to 256 bits in the format of xxxxxxxxxxxxxxxx). */ readonly avAffinity: string; /** * Set the action to take if the FortiGate is running low on memory or the proxy connection limit has been reached. */ readonly avFailopen: string; /** * When enabled and a proxy for a protocol runs out of room in its session table, that protocol goes into failopen mode and enacts the action specified by av-failopen. */ readonly avFailopenSession: string; /** * Enable/disable batch mode, allowing you to enter a series of CLI commands that will execute as a group once they are loaded. */ readonly batchCmdb: string; /** * Affinity setting for BFD daemon (hexadecimal value up to 256 bits in the format of xxxxxxxxxxxxxxxx). */ readonly bfdAffinity: string; /** * Duration in seconds for blocked sessions (1 - 300 sec (5 minutes), default = 30). */ readonly blockSessionTimer: number; /** * Maximum number of bridge forwarding database (FDB) entries. */ readonly brFdbMaxEntry: number; /** * Maximum number of certificates that can be traversed in a certificate chain. */ readonly certChainMax: number; /** * Time-out for reverting to the last saved configuration. */ readonly cfgRevertTimeout: number; /** * Configuration file save mode for CLI changes. */ readonly cfgSave: string; /** * Level of checking performed on protocol headers. Strict checking is more thorough but may affect performance. Loose checking is ok in most cases. */ readonly checkProtocolHeader: string; /** * Configure ICMP error message verification. You can either apply strict RST range checking or disable it. */ readonly checkResetRange: string; /** * Enable/disable CLI audit log. */ readonly cliAuditLog: string; /** * Enable/disable all cloud communication. */ readonly cloudCommunication: string; /** * Enable/disable requiring administrators to have a client certificate to log into the GUI using HTTPS. */ readonly cltCertReq: string; /** * Affinity setting for cmdbsvr (hexadecimal value up to 256 bits in the format of xxxxxxxxxxxxxxxx). */ readonly cmdbsvrAffinity: string; /** * Enable/disable global PCI DSS compliance check. */ readonly complianceCheck: string; /** * Time of day to run scheduled PCI DSS compliance checks. */ readonly complianceCheckTime: string; /** * Threshold at which CPU usage is reported. (% of total CPU, default = 90). */ readonly cpuUseThreshold: number; /** * Enable/disable the CA attribute in certificates. Some CA servers reject CSRs that have the CA attribute. */ readonly csrCaAttribute: string; /** * Enable/disable daily restart of FortiGate unit. Use the restart-time option to set the time of day for the restart. */ readonly dailyRestart: string; /** * Default service source port range. (default=1-65535) */ readonly defaultServiceSourcePort: string; /** * Number of seconds to passively scan a device before performing an active scan. (20 - 3600 sec, (20 sec to 1 hour), default = 90). */ readonly deviceIdentificationActiveScanDelay: number; /** * Time in seconds that a device must be idle to automatically log the device user out. (30 - 31536000 sec (30 sec to 1 year), default = 300). */ readonly deviceIdleTimeout: number; /** * Number of bits to use in the Diffie-Hellman exchange for HTTPS/SSH protocols. */ readonly dhParams: string; /** * DHCP leases backup interval in seconds (10 - 3600, default = 60). */ readonly dhcpLeaseBackupInterval: number; /** * DNS proxy worker count. */ readonly dnsproxyWorkerCount: number; /** * Enable/disable daylight saving time. */ readonly dst: string; /** * Enable/disable early TCP NPU session. */ readonly earlyTcpNpuSession: string; /** * Enable/disable edit new VDOM prompt. */ readonly editVdomPrompt: string; /** * Enable/disable access to the FortiGuard network for non-compliant endpoints. */ readonly endpointControlFdsAccess: string; /** * Endpoint control portal port (1 - 65535). */ readonly endpointControlPortalPort: number; /** * Configure reserved network subnet for managed LAN extension FortiExtenders. This is available when the extender daemon is running. */ readonly extenderControllerReservedNetwork: string; /** * Fail-time for server lost. */ readonly failtime: number; /** * Maximum disk buffer size to temporarily store logs destined for FortiAnalyzer. To be used in the event that FortiAnalyzer is unavailalble. */ readonly fazDiskBufferSize: number; /** * Enable/disable sending IPS, Application Control, and AntiVirus data to FortiGuard. This data is used to improve FortiGuard services and is not shared with external parties and is protected by Fortinet's privacy policy. */ readonly fdsStatistics: string; /** * FortiGuard statistics collection period in minutes. (1 - 1440 min (1 min to 24 hours), default = 60). */ readonly fdsStatisticsPeriod: number; /** * Local UDP port for Forward Error Correction (49152 - 65535). */ readonly fecPort: number; /** * Type of alert to retrieve from FortiGuard. */ readonly fgdAlertSubscription: string; /** * Enable/disable config upload to FortiConverter. */ readonly forticonverterConfigUpload: string; /** * Enable/disable FortiConverter integration service. */ readonly forticonverterIntegration: string; /** * Enable/disable FortiExtender. */ readonly fortiextender: string; /** * FortiExtender data port (1024 - 49150, default = 25246). */ readonly fortiextenderDataPort: number; /** * Enable/disable FortiExtender CAPWAP lockdown. */ readonly fortiextenderDiscoveryLockdown: string; /** * Enable/disable automatic provisioning of latest FortiExtender firmware on authorization. */ readonly fortiextenderProvisionOnAuthorization: string; /** * Enable/disable FortiExtender VLAN mode. */ readonly fortiextenderVlanMode: string; /** * Enable/disable integration with the FortiGSLB cloud service. */ readonly fortigslbIntegration: string; /** * Enable/disable integration with the FortiIPAM cloud service. */ readonly fortiipamIntegration: string; /** * FortiService port (1 - 65535, default = 8013). Used by FortiClient endpoint compliance. Older versions of FortiClient used a different port. */ readonly fortiservicePort: number; /** * Enable/disable FortiToken Cloud service. */ readonly fortitokenCloud: string; /** * Enable/disable FTM push service of FortiToken Cloud. */ readonly fortitokenCloudPushStatus: string; /** * Interval in which to clean up remote users in FortiToken Cloud (0 - 336 hours (14 days), default = 24, disable = 0). */ readonly fortitokenCloudSyncInterval: number; /** * Enable/disable the GUI warning about using a default hostname */ readonly guiAllowDefaultHostname: string; /** * Enable/disable Allow FGT with incompatible firmware to be treated as compatible in security fabric on the GUI. May cause unexpected error. */ readonly guiAllowIncompatibleFabricFgt: string; /** * Enable/disable Allow app-detection based SD-WAN. */ readonly guiAppDetectionSdwan: string; /** * Enable/disable the automatic patch upgrade setup prompt on the GUI. */ readonly guiAutoUpgradeSetupWarning: string; /** * Domain of CDN server. */ readonly guiCdnDomainOverride: string; /** * Enable/disable Load GUI static files from a CDN. */ readonly guiCdnUsage: string; /** * Enable/disable the System > Certificate GUI page, allowing you to add and configure certificates from the GUI. */ readonly guiCertificates: string; /** * Enable/disable custom languages in GUI. */ readonly guiCustomLanguage: string; /** * Default date format used throughout GUI. */ readonly guiDateFormat: string; /** * Source from which the FortiGate GUI uses to display date and time entries. */ readonly guiDateTimeSource: string; /** * Add the latitude of the location of this FortiGate to position it on the Threat Map. */ readonly guiDeviceLatitude: string; /** * Add the longitude of the location of this FortiGate to position it on the Threat Map. */ readonly guiDeviceLongitude: string; /** * Enable/disable displaying the FortiGate's hostname on the GUI login page. */ readonly guiDisplayHostname: string; /** * Enable/disable the firmware upgrade warning on GUI setup wizard. */ readonly guiFirmwareUpgradeSetupWarning: string; /** * Enable/disable the firmware upgrade warning on the GUI. */ readonly guiFirmwareUpgradeWarning: string; /** * Enable/disable the FortiCare registration setup warning on the GUI. */ readonly guiForticareRegistrationSetupWarning: string; /** * Enable/disable displaying FortiGate Cloud Sandbox on the GUI. */ readonly guiFortigateCloudSandbox: string; /** * Enable/disable retrieving static GUI resources from FortiGuard. Disabling it will improve GUI load time for air-gapped environments. */ readonly guiFortiguardResourceFetch: string; /** * Enable/disable displaying FortiSandbox Cloud on the GUI. */ readonly guiFortisandboxCloud: string; /** * Enable/disable IPv6 settings on the GUI. */ readonly guiIpv6: string; /** * Number of lines to display per page for web administration. */ readonly guiLinesPerPage: number; /** * Enable/disable Local-out traffic on the GUI. */ readonly guiLocalOut: string; /** * Enable/disable replacement message groups on the GUI. */ readonly guiReplacementMessageGroups: string; /** * Enable/disable REST API result caching on FortiGate. */ readonly guiRestApiCache: string; /** * Color scheme for the administration GUI. */ readonly guiTheme: string; /** * Enable/disable wireless open security option on the GUI. */ readonly guiWirelessOpensecurity: string; /** * Enable/disable Workflow management features on the GUI. */ readonly guiWorkflowManagement: string; /** * Affinity setting for HA daemons (hexadecimal value up to 256 bits in the format of xxxxxxxxxxxxxxxx). */ readonly haAffinity: string; /** * Enable/disable honoring of Don't-Fragment (DF) flag. */ readonly honorDf: string; /** * FortiGate unit's hostname. Most models will truncate names longer than 24 characters. Some models support hostnames up to 35 characters. */ readonly hostname: string; /** * The provider-assigned unique ID for this managed resource. */ readonly id: string; /** * Maximum number of IGMP memberships (96 - 64000, default = 3200). */ readonly igmpStateLimit: number; /** * Maximum number of IPsec tunnels to negotiate simultaneously. */ readonly ikeEmbryonicLimit: number; /** * Enable/disable allowing use of interface-subnet setting in firewall addresses (default = enable). */ readonly interfaceSubnetUsage: string; /** * Configure which Internet Service database size to download from FortiGuard and use. */ readonly internetServiceDatabase: string; /** * Configure which on-demand Internet Service IDs are to be downloaded. The structure of `internetServiceDownloadList` block is documented below. */ readonly internetServiceDownloadLists: outputs.system.GetGlobalInternetServiceDownloadList[]; /** * Dead gateway detection interval. */ readonly interval: number; /** * Maximum memory (MB) used to reassemble IPv4/IPv6 fragments. */ readonly ipFragmentMemThresholds: number; /** * IP source port range used for traffic originating from the FortiGate unit. */ readonly ipSrcPortRange: string; /** * Affinity setting for IPS (hexadecimal value up to 256 bits in the format of xxxxxxxxxxxxxxxx; allowed CPUs must be less than total number of IPS engine daemons). */ readonly ipsAffinity: string; /** * Enable/disable ASIC offloading (hardware acceleration) for IPsec VPN traffic. Hardware acceleration can offload IPsec VPN sessions and accelerate encryption and decryption. */ readonly ipsecAsicOffload: string; /** * ESP jump ahead rate (1G - 10G pps equivalent). */ readonly ipsecHaSeqjumpRate: number; /** * Enable/disable offloading (hardware acceleration) of HMAC processing for IPsec VPN. */ readonly ipsecHmacOffload: string; /** * Enable/disable QAT offloading (Intel QuickAssist) for IPsec VPN traffic. QuickAssist can accelerate IPsec encryption and decryption. */ readonly ipsecQatOffload: string; /** * Enable/disable round-robin redistribution to multiple CPUs for IPsec VPN traffic. */ readonly ipsecRoundRobin: string; /** * Enable/disable software decryption asynchronization (using multiple CPUs to do decryption) for IPsec VPN traffic. */ readonly ipsecSoftDecAsync: string; /** * Enable/disable acceptance of IPv6 Duplicate Address Detection (DAD). */ readonly ipv6AcceptDad: number; /** * Enable/disable IPv6 address probe through Anycast. */ readonly ipv6AllowAnycastProbe: string; /** * Enable/disable silent drop of IPv6 local-in traffic. */ readonly ipv6AllowLocalInSilentDrop: string; /** * Enable/disable silent drop of IPv6 local-in traffic. */ readonly ipv6AllowLocalInSlientDrop: string; /** * Enable/disable IPv6 address probe through Multicast. */ readonly ipv6AllowMulticastProbe: string; /** * Disable to prevent IPv6 traffic with same local ingress and egress interface from being forwarded without policy check. */ readonly ipv6AllowTrafficRedirect: string; /** * Configure CPU IRQ time accounting mode. */ readonly irqTimeAccounting: string; /** * GUI display language. */ readonly language: string; /** * Global timeout for connections with remote LDAP servers in milliseconds (1 - 300000, default 500). */ readonly ldapconntimeout: number; /** * Enable/disable Link Layer Discovery Protocol (LLDP) reception. */ readonly lldpReception: string; /** * Enable/disable Link Layer Discovery Protocol (LLDP) transmission. */ readonly lldpTransmission: string; /** * Enable/disable logging the event of a single CPU core reaching CPU usage threshold. */ readonly logSingleCpuHigh: string; /** * Enable/disable logging of SSL connection events. */ readonly logSslConnection: string; /** * Enable/disable insertion of address UUIDs to traffic logs. */ readonly logUuidAddress: string; /** * Enable/disable insertion of policy UUIDs to traffic logs. */ readonly logUuidPolicy: string; /** * Enable/disable login time recording. */ readonly loginTimestamp: string; /** * Enable/disable long VDOM name support. */ readonly longVdomName: string; /** * Management IP address of this FortiGate. Used to log into this FortiGate from another FortiGate in the Security Fabric. */ readonly managementIp: string; /** * Overriding port for management connection (Overrides admin port). */ readonly managementPort: number; /** * Enable/disable use of the admin-sport setting for the management port. If disabled, FortiGate will allow user to specify management-port. */ readonly managementPortUseAdminSport: string; /** * Management virtual domain name. */ readonly managementVdom: string; /** * Maximum DLP stat memory (0 - 4294967295). */ readonly maxDlpstatMemory: number; /** * Maximum number of IP route cache entries (0 - 2147483647). */ readonly maxRouteCacheSize: number; /** * Enable/disable no modification of multicast TTL. */ readonly mcTtlNotchange: string; /** * Threshold at which memory usage is considered extreme (new sessions are dropped) (% of total RAM, default = 95). */ readonly memoryUseThresholdExtreme: number; /** * Threshold at which memory usage forces the FortiGate to exit conserve mode (% of total RAM, default = 82). */ readonly memoryUseThresholdGreen: number; /** * Threshold at which memory usage forces the FortiGate to enter conserve mode (% of total RAM, default = 88). */ readonly memoryUseThresholdRed: number; /** * Affinity setting for logging (64-bit hexadecimal value in the format of xxxxxxxxxxxxxxxx). */ readonly miglogAffinity: string; /** * Number of logging (miglogd) processes to be allowed to run. Higher number can reduce performance; lower number can slow log processing time. No logs will be dropped or lost if the number is changed. */ readonly miglogdChildren: number; /** * Enforce all login methods to require an additional authentication factor (default = optional). */ readonly multiFactorAuthentication: string; /** * Enable/disable multicast forwarding. */ readonly multicastForward: string; /** * Maximum number of NDP table entries (set to 65,536 or higher; if set to 0, kernel holds 65,536 entries). */ readonly ndpMaxEntry: number; /** * Enable/disable sending of probing packets to update neighbors for offloaded sessions. */ readonly npuNeighborUpdate: string; /** * Enable/disable per-user block/allow list filter. */ readonly perUserBal: string; /** * Enable/disable per-user black/white list filter. */ readonly perUserBwl: string; /** * Enable/disable path MTU discovery. */ readonly pmtuDiscovery: string; /** * Number of concurrent firewall use logins from the same user (1 - 100, default = 0 means no limit). */ readonly policyAuthConcurrent: number; /** * Enable/disable displaying the administrator access disclaimer message after an administrator successfully logs in. */ readonly postLoginBanner: string; /** * Enable/disable displaying the administrator access disclaimer message on the login page before an administrator logs in. */ readonly preLoginBanner: string; /** * Enable/disable private data encryption using an AES 128-bit key. */ readonly privateDataEncryption: string; /** * Enable/disable authenticated users lifetime control. This is a cap on the total time a proxy user can be authenticated for after which re-authentication will take place. */ readonly proxyAuthLifetime: string; /** * Lifetime timeout in minutes for authenticated users (5 - 65535 min, default=480 (8 hours)). */ readonly proxyAuthLifetimeTimeout: number; /** * Authentication timeout in minutes for authenticated users (1 - 300 min, default = 10). */ readonly proxyAuthTimeout: number; /** * Enable/disable using management VDOM to send requests. */ readonly proxyCertUseMgmtVdom: string; /** * Enable/disable using content processor (CP8 or CP9) hardware acceleration to encrypt and decrypt IPsec and SSL traffic. */ readonly proxyCipherHardwareAcceleration: string; /** * Enable/disable email proxy hardware acceleration. */ readonly proxyHardwareAcceleration: string; /** * Control if users must re-authenticate after a session is closed, traffic has been idle, or from the point at which the user was authenticated. */ readonly proxyKeepAliveMode: string; /** * Enable/disable using the content processor to accelerate KXP traffic. */ readonly proxyKxpHardwareAcceleration: string; /** * Control if users must re-authenticate after a session is closed, traffic has been idle, or from the point at which the user was first created. */ readonly proxyReAuthenticationMode: string; /** * The time limit that users must re-authenticate if proxy-keep-alive-mode is set to re-authenticate (1 - 86400 sec, default=30s. */ readonly proxyReAuthenticationTime: number; /** * Enable/disable use of the maximum memory usage on the FortiGate unit's proxy processing of resources, such as block lists, allow lists, and external resources. */ readonly proxyResourceMode: string; /** * Proxy worker count. */ readonly proxyWorkerCount: number; /** * Purdue Level of this FortiGate. */ readonly purdueLevel: string; /** * Maximum number of unacknowledged packets before sending ACK (2 - 5, default = 3). */ readonly quicAckThresold: number; /** * QUIC congestion control algorithm (default = cubic). */ readonly quicCongestionControlAlgo: string; /** * Maximum transmit datagram size (1200 - 1500, default = 1500). */ readonly quicMaxDatagramSize: number; /** * Enable/disable path MTU discovery (default = enable). */ readonly quicPmtud: string; /** * Time-to-live (TTL) for TLS handshake in seconds (1 - 60, default = 5). */ readonly quicTlsHandshakeTimeout: number; /** * Enable/disable UDP payload size shaping per connection ID (default = enable). */ readonly quicUdpPayloadSizeShapingPerCid: string; /** * RADIUS service port number. */ readonly radiusPort: number; /** * Enable/disable reboot of system upon restoring configuration. */ readonly rebootUponConfigRestore: string; /** * Statistics refresh interval in GUI. */ readonly refresh: number; /** * Number of seconds that the FortiGate waits for responses from remote RADIUS, LDAP, or TACACS+ authentication servers. (0-300 sec, default = 5, 0 means no timeout). */ readonly remoteauthtimeout: number; /** * Action to perform if the FortiGate receives a TCP packet but cannot find a corresponding session in its session table. NAT/Route mode only. */ readonly resetSessionlessTcp: string; /** * Daily restart time (hh:mm). */ readonly restartTime: string; /** * Enable/disable back-up of the latest configuration revision when an administrator logs out of the CLI or GUI. */ readonly revisionBackupOnLogout: string; /** * Enable/disable back-up of the latest configuration revision after the firmware is upgraded. */ readonly revisionImageAutoBackup: string; /** * Number of scanunits. The range and the default depend on the number of CPUs. Only available on FortiGate units with multiple CPUs. */ readonly scanunitCount: number; /** * Enable/disable the submission of Security Rating results to FortiGuard. */ readonly securityRatingResultSubmission: string; /** * Enable/disable scheduled runs of Security Rating. */ readonly securityRatingRunOnSchedule: string; /** * Enable/disable sending of path maximum transmission unit (PMTU) - ICMP destination unreachable packet and to support PMTUD protocol on your network to reduce fragmentation of packets. */ readonly sendPmtuIcmp: string; /** * Maximum number of sflowd child processes allowed to run. */ readonly sflowdMaxChildrenNum: number; /** * Enable/disable the ability to change the static NAT route. */ readonly snatRouteChange: string; /** * Enable/disable IPS detection of HIBUN format files when using Data Leak Protection. */ readonly specialFile23Support: string; /** * Enable/disable speed test server. */ readonly speedtestServer: string; /** * Speedtest server controller port number. */ readonly speedtestdCtrlPort: number; /** * Speedtest server port number. */ readonly speedtestdServerPort: number; /** * Split port(s) to multiple 10Gbps ports. */ readonly splitPort: string; /** * Date within a month to run ssd trim. */ readonly ssdTrimDate: number; /** * How often to run SSD Trim (default = weekly). SSD Trim prevents SSD drive data loss by finding and isolating errors. */ readonly ssdTrimFreq: string; /** * Hour of the day on which to run SSD Trim (0 - 23, default = 1). */ readonly ssdTrimHour: number; /** * Minute of the hour on which to run SSD Trim (0 - 59, 60 for random). */ readonly ssdTrimMin: number; /** * Day of week to run SSD Trim. */ readonly ssdTrimWeekday: string; /** * Enable/disable CBC cipher for SSH access. */ readonly sshCbcCipher: string; /** * Select one or more SSH ciphers. */ readonly sshEncAlgo: string; /** * Enable/disable HMAC-MD5 for SSH access. */ readonly sshHmacMd5: string; /** * Config SSH host key. */ readonly sshHostkey: string; /** * Select one or more SSH hostkey algorithms. */ readonly sshHostkeyAlgo: string; /** * Enable/disable SSH host key override in SSH daemon. */ readonly sshHostkeyOverride: string; /** * Password for ssh-hostkey. */ readonly sshHostkeyPassword: string; /** * Select one or more SSH kex algorithms. */ readonly sshKexAlgo: string; /** * Enable/disable SHA1 key exchange for SSH access. */ readonly sshKexSha1: string; /** * Select one or more SSH MAC algorithms. */ readonly sshMacAlgo: string; /** * Enable/disable HMAC-SHA1 and UMAC-64-ETM for SSH access. */ readonly sshMacWeak: string; /** * Minimum supported protocol version for SSL/TLS connections (default = TLSv1.2). */ readonly sslMinProtoVersion: string; /** * Enable/disable static key ciphers in SSL/TLS connections (e.g. AES128-SHA, AES256-SHA, AES128-SHA256, AES256-SHA256). */ readonly sslStaticKeyCiphers: string; /** * Enable/disable SSL VPN hardware acceleration. */ readonly sslvpnCipherHardwareAcceleration: string; /** * Enable/disable verification of EMS serial number in SSL-VPN connection. */ readonly sslvpnEmsSnCheck: string; /** * Enable/disable SSL VPN KXP hardware acceleration. */ readonly sslvpnKxpHardwareAcceleration: string; /** * Maximum number of SSL VPN processes. Upper limit for this value is the number of CPUs and depends on the model. */ readonly sslvpnMaxWorkerCount: number; /** * Enable/disable checking browser's plugin version by SSL VPN. */ readonly sslvpnPluginVersionCheck: string; /** * Enable/disable SSL-VPN web mode. */ readonly sslvpnWebMode: string; /** * Enable to check the session against the original policy when revalidating. This can prevent dropping of redirected sessions when web-filtering and authentication are enabled together. If this option is enabled, the FortiGate unit deletes a session if a routing or policy change causes the session to no longer match the policy that originally allowed the session. */ readonly strictDirtySessionCheck: string; /** * Enable to use strong encryption and only allow strong ciphers (AES, 3DES) and digest (SHA1) for HTTPS/SSH/TLS/SSL functions. */ readonly strongCrypto: string; /** * Enable/disable switch controller feature. Switch controller allows you to manage FortiSwitch from the FortiGate itself. */ readonly switchController: string; /** * Enable reserved network subnet for controlled switches. This is available when the switch controller is enabled. */ readonly switchControllerReservedNetwork: string; /** * Time in minutes between updates of performance statistics logging. (1 - 15 min, default = 5, 0 = disabled). */ readonly sysPerfLogInterval: number; /** * Affinity setting for syslog (hexadecimal value up to 256 bits in the format of xxxxxxxxxxxxxxxx). */ readonly syslogAffinity: string; /** * Number of seconds the FortiGate unit should wait to close a session after one peer has sent a FIN packet but the other has not responded (1 - 86400 sec (1 day), default = 120). */ readonly tcpHalfcloseTimer: number; /** * Number of seconds the FortiGate unit should wait to close a session after one peer has sent an open session packet but the other has not responded (1 - 86400 sec (1 day), default = 10). */ readonly tcpHalfopenTimer: number; /** * Enable SACK, timestamp and MSS TCP options. */ readonly tcpOption: string; /** * Length of the TCP CLOSE state in seconds (5 - 300 sec, default = 5). */ readonly tcpRstTimer: number; /** * Length of the TCP TIME-WAIT state in seconds. */ readonly tcpTimewaitTimer: number; /** * Enable/disable TFTP. */ readonly tftp: string; /** * Number corresponding to your time zone from 00 to 86. Enter set timezone ? to view the list of time zones and the numbers that represent them. */ readonly timezone: string; /** * Enable/disable skip policy check and allow multicast through. */ readonly tpMcSkipPolicy: string; /** * Choose Type of Service (ToS) or Differentiated Services Code Point (DSCP) for traffic prioritization in traffic shaping. */ readonly trafficPriority: string; /** * Default system-wide level of priority for traffic prioritization. */ readonly trafficPriorityLevel: string; /** * Email-based two-factor authentication session timeout (30 - 300 seconds (5 minutes), default = 60). */ readonly twoFactorEmailExpiry: number; /** * FortiAuthenticator token authentication session timeout (10 - 3600 seconds (1 hour), default = 60). */ readonly twoFactorFacExpiry: number; /** * FortiToken authentication session timeout (60 - 600 sec (10 minutes), default = 60). */ readonly twoFactorFtkExpiry: number; /** * FortiToken Mobile session timeout (1 - 168 hours (7 days), default = 72). */ readonly twoFactorFtmExpiry: number; /** * SMS-based two-factor authentication session timeout (30 - 300 sec, default = 60). */ readonly twoFactorSmsExpiry: number; /** * UDP connection session timeout. This command can be useful in managing CPU and memory resources (1 - 86400 seconds (1 day), default = 60). */ readonly udpIdleTimer: number; /** * URL filter CPU affinity. */ readonly urlFilterAffinity: string; /** * URL filter daemon count. */ readonly urlFilterCount: number; /** * Maximum number of devices allowed in user device store. */ readonly userDeviceStoreMaxDevices: number; /** * Maximum unified memory allowed in user device store. */ readonly userDeviceStoreMaxUnifiedMem: number; /** * Maximum number of users allowed in user device store. */ readonly userDeviceStoreMaxUsers: number; /** * Certificate to use for https user authentication. */ readonly userServerCert: string; /** * Enable/disable support for multiple virtual domains (VDOMs). */ readonly vdomAdmin: string; /** * Enable/disable support for split/multiple virtual domains (VDOMs). */ readonly vdomMode: string; readonly vdomparam?: string; /** * Controls the number of ARPs that the FortiGate sends for a Virtual IP (VIP) address range. */ readonly vipArpRange: string; /** * Maximum number of virtual server processes to create. The maximum is the number of CPU cores. This is not available on single-core CPUs. */ readonly virtualServerCount: number; /** * Enable/disable virtual server hardware acceleration. */ readonly virtualServerHardwareAcceleration: string; /** * Enable/disable virtual switch VLAN. */ readonly virtualSwitchVlan: string; /** * Enable/disable verification of EMS serial number in SSL-VPN and IPsec VPN connection. */ readonly vpnEmsSnCheck: string; /** * Affinity setting for wad (hexadecimal value up to 256 bits in the format of xxxxxxxxxxxxxxxx). */ readonly wadAffinity: string; /** * Number of concurrent WAD-cache-service object-cache processes. */ readonly wadCsvcCsCount: number; /** * Number of concurrent WAD-cache-service byte-cache processes. */ readonly wadCsvcDbCount: number; /** * Minimum percentage change in system memory usage detected by the wad daemon prior to adjusting TCP window size for any active connection. */ readonly wadMemoryChangeGranularity: number; /** * WAD workers daily restart end time (hh:mm). */ readonly wadRestartEndTime: string; /** * WAD worker restart mode (default = none). */ readonly wadRestartMode: string; /** * WAD workers daily restart time (hh:mm). */ readonly wadRestartStartTime: string; /** * Enable/disable dispatching traffic to WAD workers based on source affinity. */ readonly wadSourceAffinity: string; /** * Number of explicit proxy WAN optimization daemon (WAD) processes. By default WAN optimization, explicit proxy, and web caching is handled by all of the CPU cores in a FortiGate unit. */ readonly wadWorkerCount: number; /** * CA certificate that verifies the WiFi certificate. */ readonly wifiCaCertificate: string; /** * Certificate to use for WiFi authentication. */ readonly wifiCertificate: string; /** * Enable/disable comparability with WiMAX 4G USB devices. */ readonly wimax4gUsb: string; /** * Enable/disable the wireless controller feature to use the FortiGate unit to manage FortiAPs. */ readonly wirelessController: string; /** * Port used for the control channel in wireless controller mode (wireless-mode is ac). The data channel port is the control channel port number plus one (1024 - 49150, default = 5246). */ readonly wirelessControllerPort: number; } /** * Use this data source to get information on fortios system global * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as fortios from "@pulumi/fortios"; * * const sample1 = fortios.system.getGlobal({}); * export const output1 = sample1.then(sample1 => sample1.hostname); * ``` */ export declare function getGlobalOutput(args?: GetGlobalOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output<GetGlobalResult>; /** * A collection of arguments for invoking getGlobal. */ export interface GetGlobalOutputArgs { /** * Specifies the vdom to which the data source will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter. */ vdomparam?: pulumi.Input<string>; }