fortimanager 1.13.0, Mar 13 25

fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.ObjectFirewallVip6DynamicMapping

Explore with Pulumi AI

fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

This resource is a sub resource for variable dynamic_mapping of resource fortimanager.ObjectFirewallVip6. Conflict and overwrite may occur if use both of them. The following variables have sub resource. Avoid using them together, otherwise conflicts and overwrites may occur.
realservers: fortimanager_object_firewall_vip6_dynamic_mapping_realservers
ssl_cipher_suites: fortimanager_object_firewall_vip6_dynamic_mapping_sslciphersuites

Create ObjectFirewallVip6DynamicMapping Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new ObjectFirewallVip6DynamicMapping(name: string, args: ObjectFirewallVip6DynamicMappingArgs, opts?: CustomResourceOptions);

@overload
def ObjectFirewallVip6DynamicMapping(resource_name: str,
                                     args: ObjectFirewallVip6DynamicMappingInitArgs,
                                     opts: Optional[ResourceOptions] = None)

@overload
def ObjectFirewallVip6DynamicMapping(resource_name: str,
                                     opts: Optional[ResourceOptions] = None,
                                     vip6: Optional[str] = None,
                                     _scopes: Optional[Sequence[ObjectFirewallVip6DynamicMapping_ScopeArgs]] = None,
                                     add_nat64_route: Optional[str] = None,
                                     adom: Optional[str] = None,
                                     arp_reply: Optional[str] = None,
                                     color: Optional[float] = None,
                                     comment: Optional[str] = None,
                                     dynamic_sort_subtable: Optional[str] = None,
                                     embedded_ipv4_address: Optional[str] = None,
                                     extip: Optional[str] = None,
                                     extport: Optional[str] = None,
                                     fosid: Optional[float] = None,
                                     h2_support: Optional[str] = None,
                                     h3_support: Optional[str] = None,
                                     http_cookie_age: Optional[float] = None,
                                     http_cookie_domain: Optional[str] = None,
                                     http_cookie_domain_from_host: Optional[str] = None,
                                     http_cookie_generation: Optional[float] = None,
                                     http_cookie_path: Optional[str] = None,
                                     http_cookie_share: Optional[str] = None,
                                     http_ip_header: Optional[str] = None,
                                     http_ip_header_name: Optional[str] = None,
                                     http_multiplex: Optional[str] = None,
                                     http_redirect: Optional[str] = None,
                                     https_cookie_secure: Optional[str] = None,
                                     ipv4_mappedip: Optional[str] = None,
                                     ipv4_mappedport: Optional[str] = None,
                                     ldb_method: Optional[str] = None,
                                     mappedip: Optional[str] = None,
                                     mappedport: Optional[str] = None,
                                     max_embryonic_connections: Optional[float] = None,
                                     monitor: Optional[str] = None,
                                     nat64: Optional[str] = None,
                                     nat66: Optional[str] = None,
                                     nat_source_vip: Optional[str] = None,
                                     ndp_reply: Optional[str] = None,
                                     object_firewall_vip6_dynamic_mapping_id: Optional[str] = None,
                                     outlook_web_access: Optional[str] = None,
                                     persistence: Optional[str] = None,
                                     portforward: Optional[str] = None,
                                     protocol: Optional[str] = None,
                                     realservers: Optional[Sequence[ObjectFirewallVip6DynamicMappingRealserverArgs]] = None,
                                     scopetype: Optional[str] = None,
                                     server_type: Optional[str] = None,
                                     src_filters: Optional[Sequence[str]] = None,
                                     src_vip_filter: Optional[str] = None,
                                     ssl_accept_ffdhe_groups: Optional[str] = None,
                                     ssl_algorithm: Optional[str] = None,
                                     ssl_certificate: Optional[str] = None,
                                     ssl_cipher_suites: Optional[Sequence[ObjectFirewallVip6DynamicMappingSslCipherSuiteArgs]] = None,
                                     ssl_client_fallback: Optional[str] = None,
                                     ssl_client_rekey_count: Optional[float] = None,
                                     ssl_client_renegotiation: Optional[str] = None,
                                     ssl_client_session_state_max: Optional[float] = None,
                                     ssl_client_session_state_timeout: Optional[float] = None,
                                     ssl_client_session_state_type: Optional[str] = None,
                                     ssl_dh_bits: Optional[str] = None,
                                     ssl_hpkp: Optional[str] = None,
                                     ssl_hpkp_age: Optional[float] = None,
                                     ssl_hpkp_backup: Optional[str] = None,
                                     ssl_hpkp_include_subdomains: Optional[str] = None,
                                     ssl_hpkp_primary: Optional[str] = None,
                                     ssl_hpkp_report_uri: Optional[str] = None,
                                     ssl_hsts: Optional[str] = None,
                                     ssl_hsts_age: Optional[float] = None,
                                     ssl_hsts_include_subdomains: Optional[str] = None,
                                     ssl_http_location_conversion: Optional[str] = None,
                                     ssl_http_match_host: Optional[str] = None,
                                     ssl_max_version: Optional[str] = None,
                                     ssl_min_version: Optional[str] = None,
                                     ssl_mode: Optional[str] = None,
                                     ssl_pfs: Optional[str] = None,
                                     ssl_send_empty_frags: Optional[str] = None,
                                     ssl_server_algorithm: Optional[str] = None,
                                     ssl_server_max_version: Optional[str] = None,
                                     ssl_server_min_version: Optional[str] = None,
                                     ssl_server_renegotiation: Optional[str] = None,
                                     ssl_server_session_state_max: Optional[float] = None,
                                     ssl_server_session_state_timeout: Optional[float] = None,
                                     ssl_server_session_state_type: Optional[str] = None,
                                     type: Optional[str] = None,
                                     uuid: Optional[str] = None,
                                     weblogic_server: Optional[str] = None,
                                     websphere_server: Optional[str] = None)

func NewObjectFirewallVip6DynamicMapping(ctx *Context, name string, args ObjectFirewallVip6DynamicMappingArgs, opts ...ResourceOption) (*ObjectFirewallVip6DynamicMapping, error)

public ObjectFirewallVip6DynamicMapping(string name, ObjectFirewallVip6DynamicMappingArgs args, CustomResourceOptions? opts = null)

public ObjectFirewallVip6DynamicMapping(String name, ObjectFirewallVip6DynamicMappingArgs args)
public ObjectFirewallVip6DynamicMapping(String name, ObjectFirewallVip6DynamicMappingArgs args, CustomResourceOptions options)

type: fortimanager:ObjectFirewallVip6DynamicMapping
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args ObjectFirewallVip6DynamicMappingArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ObjectFirewallVip6DynamicMappingInitArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ObjectFirewallVip6DynamicMappingArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ObjectFirewallVip6DynamicMappingArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ObjectFirewallVip6DynamicMappingArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var objectFirewallVip6DynamicMappingResource = new Fortimanager.ObjectFirewallVip6DynamicMapping("objectFirewallVip6DynamicMappingResource", new()
{
    Vip6 = "string",
    _scopes = new[]
    {
        new Fortimanager.Inputs.ObjectFirewallVip6DynamicMapping_ScopeArgs
        {
            Name = "string",
            Vdom = "string",
        },
    },
    AddNat64Route = "string",
    Adom = "string",
    ArpReply = "string",
    Color = 0,
    Comment = "string",
    DynamicSortSubtable = "string",
    EmbeddedIpv4Address = "string",
    Extip = "string",
    Extport = "string",
    Fosid = 0,
    H2Support = "string",
    H3Support = "string",
    HttpCookieAge = 0,
    HttpCookieDomain = "string",
    HttpCookieDomainFromHost = "string",
    HttpCookieGeneration = 0,
    HttpCookiePath = "string",
    HttpCookieShare = "string",
    HttpIpHeader = "string",
    HttpIpHeaderName = "string",
    HttpMultiplex = "string",
    HttpRedirect = "string",
    HttpsCookieSecure = "string",
    Ipv4Mappedip = "string",
    Ipv4Mappedport = "string",
    LdbMethod = "string",
    Mappedip = "string",
    Mappedport = "string",
    MaxEmbryonicConnections = 0,
    Monitor = "string",
    Nat64 = "string",
    Nat66 = "string",
    NatSourceVip = "string",
    NdpReply = "string",
    ObjectFirewallVip6DynamicMappingId = "string",
    OutlookWebAccess = "string",
    Persistence = "string",
    Portforward = "string",
    Protocol = "string",
    Realservers = new[]
    {
        new Fortimanager.Inputs.ObjectFirewallVip6DynamicMappingRealserverArgs
        {
            ClientIp = "string",
            Healthcheck = "string",
            HolddownInterval = 0,
            HttpHost = "string",
            Id = 0,
            Ip = "string",
            MaxConnections = 0,
            Monitor = "string",
            Port = 0,
            Status = "string",
            TranslateHost = "string",
            Weight = 0,
        },
    },
    Scopetype = "string",
    ServerType = "string",
    SrcFilters = new[]
    {
        "string",
    },
    SrcVipFilter = "string",
    SslAcceptFfdheGroups = "string",
    SslAlgorithm = "string",
    SslCertificate = "string",
    SslCipherSuites = new[]
    {
        new Fortimanager.Inputs.ObjectFirewallVip6DynamicMappingSslCipherSuiteArgs
        {
            Cipher = "string",
            Priority = 0,
            Versions = new[]
            {
                "string",
            },
        },
    },
    SslClientFallback = "string",
    SslClientRekeyCount = 0,
    SslClientRenegotiation = "string",
    SslClientSessionStateMax = 0,
    SslClientSessionStateTimeout = 0,
    SslClientSessionStateType = "string",
    SslDhBits = "string",
    SslHpkp = "string",
    SslHpkpAge = 0,
    SslHpkpBackup = "string",
    SslHpkpIncludeSubdomains = "string",
    SslHpkpPrimary = "string",
    SslHpkpReportUri = "string",
    SslHsts = "string",
    SslHstsAge = 0,
    SslHstsIncludeSubdomains = "string",
    SslHttpLocationConversion = "string",
    SslHttpMatchHost = "string",
    SslMaxVersion = "string",
    SslMinVersion = "string",
    SslMode = "string",
    SslPfs = "string",
    SslSendEmptyFrags = "string",
    SslServerAlgorithm = "string",
    SslServerMaxVersion = "string",
    SslServerMinVersion = "string",
    SslServerRenegotiation = "string",
    SslServerSessionStateMax = 0,
    SslServerSessionStateTimeout = 0,
    SslServerSessionStateType = "string",
    Type = "string",
    Uuid = "string",
    WeblogicServer = "string",
    WebsphereServer = "string",
});

example, err := fortimanager.NewObjectFirewallVip6DynamicMapping(ctx, "objectFirewallVip6DynamicMappingResource", &fortimanager.ObjectFirewallVip6DynamicMappingArgs{
Vip6: pulumi.String("string"),
_scopes: .ObjectFirewallVip6DynamicMapping_ScopeArray{
&.ObjectFirewallVip6DynamicMapping_ScopeArgs{
Name: pulumi.String("string"),
Vdom: pulumi.String("string"),
},
},
AddNat64Route: pulumi.String("string"),
Adom: pulumi.String("string"),
ArpReply: pulumi.String("string"),
Color: pulumi.Float64(0),
Comment: pulumi.String("string"),
DynamicSortSubtable: pulumi.String("string"),
EmbeddedIpv4Address: pulumi.String("string"),
Extip: pulumi.String("string"),
Extport: pulumi.String("string"),
Fosid: pulumi.Float64(0),
H2Support: pulumi.String("string"),
H3Support: pulumi.String("string"),
HttpCookieAge: pulumi.Float64(0),
HttpCookieDomain: pulumi.String("string"),
HttpCookieDomainFromHost: pulumi.String("string"),
HttpCookieGeneration: pulumi.Float64(0),
HttpCookiePath: pulumi.String("string"),
HttpCookieShare: pulumi.String("string"),
HttpIpHeader: pulumi.String("string"),
HttpIpHeaderName: pulumi.String("string"),
HttpMultiplex: pulumi.String("string"),
HttpRedirect: pulumi.String("string"),
HttpsCookieSecure: pulumi.String("string"),
Ipv4Mappedip: pulumi.String("string"),
Ipv4Mappedport: pulumi.String("string"),
LdbMethod: pulumi.String("string"),
Mappedip: pulumi.String("string"),
Mappedport: pulumi.String("string"),
MaxEmbryonicConnections: pulumi.Float64(0),
Monitor: pulumi.String("string"),
Nat64: pulumi.String("string"),
Nat66: pulumi.String("string"),
NatSourceVip: pulumi.String("string"),
NdpReply: pulumi.String("string"),
ObjectFirewallVip6DynamicMappingId: pulumi.String("string"),
OutlookWebAccess: pulumi.String("string"),
Persistence: pulumi.String("string"),
Portforward: pulumi.String("string"),
Protocol: pulumi.String("string"),
Realservers: .ObjectFirewallVip6DynamicMappingRealserverArray{
&.ObjectFirewallVip6DynamicMappingRealserverArgs{
ClientIp: pulumi.String("string"),
Healthcheck: pulumi.String("string"),
HolddownInterval: pulumi.Float64(0),
HttpHost: pulumi.String("string"),
Id: pulumi.Float64(0),
Ip: pulumi.String("string"),
MaxConnections: pulumi.Float64(0),
Monitor: pulumi.String("string"),
Port: pulumi.Float64(0),
Status: pulumi.String("string"),
TranslateHost: pulumi.String("string"),
Weight: pulumi.Float64(0),
},
},
Scopetype: pulumi.String("string"),
ServerType: pulumi.String("string"),
SrcFilters: pulumi.StringArray{
pulumi.String("string"),
},
SrcVipFilter: pulumi.String("string"),
SslAcceptFfdheGroups: pulumi.String("string"),
SslAlgorithm: pulumi.String("string"),
SslCertificate: pulumi.String("string"),
SslCipherSuites: .ObjectFirewallVip6DynamicMappingSslCipherSuiteArray{
&.ObjectFirewallVip6DynamicMappingSslCipherSuiteArgs{
Cipher: pulumi.String("string"),
Priority: pulumi.Float64(0),
Versions: pulumi.StringArray{
pulumi.String("string"),
},
},
},
SslClientFallback: pulumi.String("string"),
SslClientRekeyCount: pulumi.Float64(0),
SslClientRenegotiation: pulumi.String("string"),
SslClientSessionStateMax: pulumi.Float64(0),
SslClientSessionStateTimeout: pulumi.Float64(0),
SslClientSessionStateType: pulumi.String("string"),
SslDhBits: pulumi.String("string"),
SslHpkp: pulumi.String("string"),
SslHpkpAge: pulumi.Float64(0),
SslHpkpBackup: pulumi.String("string"),
SslHpkpIncludeSubdomains: pulumi.String("string"),
SslHpkpPrimary: pulumi.String("string"),
SslHpkpReportUri: pulumi.String("string"),
SslHsts: pulumi.String("string"),
SslHstsAge: pulumi.Float64(0),
SslHstsIncludeSubdomains: pulumi.String("string"),
SslHttpLocationConversion: pulumi.String("string"),
SslHttpMatchHost: pulumi.String("string"),
SslMaxVersion: pulumi.String("string"),
SslMinVersion: pulumi.String("string"),
SslMode: pulumi.String("string"),
SslPfs: pulumi.String("string"),
SslSendEmptyFrags: pulumi.String("string"),
SslServerAlgorithm: pulumi.String("string"),
SslServerMaxVersion: pulumi.String("string"),
SslServerMinVersion: pulumi.String("string"),
SslServerRenegotiation: pulumi.String("string"),
SslServerSessionStateMax: pulumi.Float64(0),
SslServerSessionStateTimeout: pulumi.Float64(0),
SslServerSessionStateType: pulumi.String("string"),
Type: pulumi.String("string"),
Uuid: pulumi.String("string"),
WeblogicServer: pulumi.String("string"),
WebsphereServer: pulumi.String("string"),
})

var objectFirewallVip6DynamicMappingResource = new ObjectFirewallVip6DynamicMapping("objectFirewallVip6DynamicMappingResource", ObjectFirewallVip6DynamicMappingArgs.builder()
    .vip6("string")
    ._scopes(ObjectFirewallVip6DynamicMapping_ScopeArgs.builder()
        .name("string")
        .vdom("string")
        .build())
    .addNat64Route("string")
    .adom("string")
    .arpReply("string")
    .color(0)
    .comment("string")
    .dynamicSortSubtable("string")
    .embeddedIpv4Address("string")
    .extip("string")
    .extport("string")
    .fosid(0)
    .h2Support("string")
    .h3Support("string")
    .httpCookieAge(0)
    .httpCookieDomain("string")
    .httpCookieDomainFromHost("string")
    .httpCookieGeneration(0)
    .httpCookiePath("string")
    .httpCookieShare("string")
    .httpIpHeader("string")
    .httpIpHeaderName("string")
    .httpMultiplex("string")
    .httpRedirect("string")
    .httpsCookieSecure("string")
    .ipv4Mappedip("string")
    .ipv4Mappedport("string")
    .ldbMethod("string")
    .mappedip("string")
    .mappedport("string")
    .maxEmbryonicConnections(0)
    .monitor("string")
    .nat64("string")
    .nat66("string")
    .natSourceVip("string")
    .ndpReply("string")
    .objectFirewallVip6DynamicMappingId("string")
    .outlookWebAccess("string")
    .persistence("string")
    .portforward("string")
    .protocol("string")
    .realservers(ObjectFirewallVip6DynamicMappingRealserverArgs.builder()
        .clientIp("string")
        .healthcheck("string")
        .holddownInterval(0)
        .httpHost("string")
        .id(0)
        .ip("string")
        .maxConnections(0)
        .monitor("string")
        .port(0)
        .status("string")
        .translateHost("string")
        .weight(0)
        .build())
    .scopetype("string")
    .serverType("string")
    .srcFilters("string")
    .srcVipFilter("string")
    .sslAcceptFfdheGroups("string")
    .sslAlgorithm("string")
    .sslCertificate("string")
    .sslCipherSuites(ObjectFirewallVip6DynamicMappingSslCipherSuiteArgs.builder()
        .cipher("string")
        .priority(0)
        .versions("string")
        .build())
    .sslClientFallback("string")
    .sslClientRekeyCount(0)
    .sslClientRenegotiation("string")
    .sslClientSessionStateMax(0)
    .sslClientSessionStateTimeout(0)
    .sslClientSessionStateType("string")
    .sslDhBits("string")
    .sslHpkp("string")
    .sslHpkpAge(0)
    .sslHpkpBackup("string")
    .sslHpkpIncludeSubdomains("string")
    .sslHpkpPrimary("string")
    .sslHpkpReportUri("string")
    .sslHsts("string")
    .sslHstsAge(0)
    .sslHstsIncludeSubdomains("string")
    .sslHttpLocationConversion("string")
    .sslHttpMatchHost("string")
    .sslMaxVersion("string")
    .sslMinVersion("string")
    .sslMode("string")
    .sslPfs("string")
    .sslSendEmptyFrags("string")
    .sslServerAlgorithm("string")
    .sslServerMaxVersion("string")
    .sslServerMinVersion("string")
    .sslServerRenegotiation("string")
    .sslServerSessionStateMax(0)
    .sslServerSessionStateTimeout(0)
    .sslServerSessionStateType("string")
    .type("string")
    .uuid("string")
    .weblogicServer("string")
    .websphereServer("string")
    .build());

object_firewall_vip6_dynamic_mapping_resource = fortimanager.ObjectFirewallVip6DynamicMapping("objectFirewallVip6DynamicMappingResource",
    vip6="string",
    _scopes=[{
        "name": "string",
        "vdom": "string",
    }],
    add_nat64_route="string",
    adom="string",
    arp_reply="string",
    color=0,
    comment="string",
    dynamic_sort_subtable="string",
    embedded_ipv4_address="string",
    extip="string",
    extport="string",
    fosid=0,
    h2_support="string",
    h3_support="string",
    http_cookie_age=0,
    http_cookie_domain="string",
    http_cookie_domain_from_host="string",
    http_cookie_generation=0,
    http_cookie_path="string",
    http_cookie_share="string",
    http_ip_header="string",
    http_ip_header_name="string",
    http_multiplex="string",
    http_redirect="string",
    https_cookie_secure="string",
    ipv4_mappedip="string",
    ipv4_mappedport="string",
    ldb_method="string",
    mappedip="string",
    mappedport="string",
    max_embryonic_connections=0,
    monitor="string",
    nat64="string",
    nat66="string",
    nat_source_vip="string",
    ndp_reply="string",
    object_firewall_vip6_dynamic_mapping_id="string",
    outlook_web_access="string",
    persistence="string",
    portforward="string",
    protocol="string",
    realservers=[{
        "client_ip": "string",
        "healthcheck": "string",
        "holddown_interval": 0,
        "http_host": "string",
        "id": 0,
        "ip": "string",
        "max_connections": 0,
        "monitor": "string",
        "port": 0,
        "status": "string",
        "translate_host": "string",
        "weight": 0,
    }],
    scopetype="string",
    server_type="string",
    src_filters=["string"],
    src_vip_filter="string",
    ssl_accept_ffdhe_groups="string",
    ssl_algorithm="string",
    ssl_certificate="string",
    ssl_cipher_suites=[{
        "cipher": "string",
        "priority": 0,
        "versions": ["string"],
    }],
    ssl_client_fallback="string",
    ssl_client_rekey_count=0,
    ssl_client_renegotiation="string",
    ssl_client_session_state_max=0,
    ssl_client_session_state_timeout=0,
    ssl_client_session_state_type="string",
    ssl_dh_bits="string",
    ssl_hpkp="string",
    ssl_hpkp_age=0,
    ssl_hpkp_backup="string",
    ssl_hpkp_include_subdomains="string",
    ssl_hpkp_primary="string",
    ssl_hpkp_report_uri="string",
    ssl_hsts="string",
    ssl_hsts_age=0,
    ssl_hsts_include_subdomains="string",
    ssl_http_location_conversion="string",
    ssl_http_match_host="string",
    ssl_max_version="string",
    ssl_min_version="string",
    ssl_mode="string",
    ssl_pfs="string",
    ssl_send_empty_frags="string",
    ssl_server_algorithm="string",
    ssl_server_max_version="string",
    ssl_server_min_version="string",
    ssl_server_renegotiation="string",
    ssl_server_session_state_max=0,
    ssl_server_session_state_timeout=0,
    ssl_server_session_state_type="string",
    type="string",
    uuid="string",
    weblogic_server="string",
    websphere_server="string")

const objectFirewallVip6DynamicMappingResource = new fortimanager.ObjectFirewallVip6DynamicMapping("objectFirewallVip6DynamicMappingResource", {
    vip6: "string",
    _scopes: [{
        name: "string",
        vdom: "string",
    }],
    addNat64Route: "string",
    adom: "string",
    arpReply: "string",
    color: 0,
    comment: "string",
    dynamicSortSubtable: "string",
    embeddedIpv4Address: "string",
    extip: "string",
    extport: "string",
    fosid: 0,
    h2Support: "string",
    h3Support: "string",
    httpCookieAge: 0,
    httpCookieDomain: "string",
    httpCookieDomainFromHost: "string",
    httpCookieGeneration: 0,
    httpCookiePath: "string",
    httpCookieShare: "string",
    httpIpHeader: "string",
    httpIpHeaderName: "string",
    httpMultiplex: "string",
    httpRedirect: "string",
    httpsCookieSecure: "string",
    ipv4Mappedip: "string",
    ipv4Mappedport: "string",
    ldbMethod: "string",
    mappedip: "string",
    mappedport: "string",
    maxEmbryonicConnections: 0,
    monitor: "string",
    nat64: "string",
    nat66: "string",
    natSourceVip: "string",
    ndpReply: "string",
    objectFirewallVip6DynamicMappingId: "string",
    outlookWebAccess: "string",
    persistence: "string",
    portforward: "string",
    protocol: "string",
    realservers: [{
        clientIp: "string",
        healthcheck: "string",
        holddownInterval: 0,
        httpHost: "string",
        id: 0,
        ip: "string",
        maxConnections: 0,
        monitor: "string",
        port: 0,
        status: "string",
        translateHost: "string",
        weight: 0,
    }],
    scopetype: "string",
    serverType: "string",
    srcFilters: ["string"],
    srcVipFilter: "string",
    sslAcceptFfdheGroups: "string",
    sslAlgorithm: "string",
    sslCertificate: "string",
    sslCipherSuites: [{
        cipher: "string",
        priority: 0,
        versions: ["string"],
    }],
    sslClientFallback: "string",
    sslClientRekeyCount: 0,
    sslClientRenegotiation: "string",
    sslClientSessionStateMax: 0,
    sslClientSessionStateTimeout: 0,
    sslClientSessionStateType: "string",
    sslDhBits: "string",
    sslHpkp: "string",
    sslHpkpAge: 0,
    sslHpkpBackup: "string",
    sslHpkpIncludeSubdomains: "string",
    sslHpkpPrimary: "string",
    sslHpkpReportUri: "string",
    sslHsts: "string",
    sslHstsAge: 0,
    sslHstsIncludeSubdomains: "string",
    sslHttpLocationConversion: "string",
    sslHttpMatchHost: "string",
    sslMaxVersion: "string",
    sslMinVersion: "string",
    sslMode: "string",
    sslPfs: "string",
    sslSendEmptyFrags: "string",
    sslServerAlgorithm: "string",
    sslServerMaxVersion: "string",
    sslServerMinVersion: "string",
    sslServerRenegotiation: "string",
    sslServerSessionStateMax: 0,
    sslServerSessionStateTimeout: 0,
    sslServerSessionStateType: "string",
    type: "string",
    uuid: "string",
    weblogicServer: "string",
    websphereServer: "string",
});

type: fortimanager:ObjectFirewallVip6DynamicMapping
properties:
    _scopes:
        - name: string
          vdom: string
    addNat64Route: string
    adom: string
    arpReply: string
    color: 0
    comment: string
    dynamicSortSubtable: string
    embeddedIpv4Address: string
    extip: string
    extport: string
    fosid: 0
    h2Support: string
    h3Support: string
    httpCookieAge: 0
    httpCookieDomain: string
    httpCookieDomainFromHost: string
    httpCookieGeneration: 0
    httpCookiePath: string
    httpCookieShare: string
    httpIpHeader: string
    httpIpHeaderName: string
    httpMultiplex: string
    httpRedirect: string
    httpsCookieSecure: string
    ipv4Mappedip: string
    ipv4Mappedport: string
    ldbMethod: string
    mappedip: string
    mappedport: string
    maxEmbryonicConnections: 0
    monitor: string
    nat64: string
    nat66: string
    natSourceVip: string
    ndpReply: string
    objectFirewallVip6DynamicMappingId: string
    outlookWebAccess: string
    persistence: string
    portforward: string
    protocol: string
    realservers:
        - clientIp: string
          healthcheck: string
          holddownInterval: 0
          httpHost: string
          id: 0
          ip: string
          maxConnections: 0
          monitor: string
          port: 0
          status: string
          translateHost: string
          weight: 0
    scopetype: string
    serverType: string
    srcFilters:
        - string
    srcVipFilter: string
    sslAcceptFfdheGroups: string
    sslAlgorithm: string
    sslCertificate: string
    sslCipherSuites:
        - cipher: string
          priority: 0
          versions:
            - string
    sslClientFallback: string
    sslClientRekeyCount: 0
    sslClientRenegotiation: string
    sslClientSessionStateMax: 0
    sslClientSessionStateTimeout: 0
    sslClientSessionStateType: string
    sslDhBits: string
    sslHpkp: string
    sslHpkpAge: 0
    sslHpkpBackup: string
    sslHpkpIncludeSubdomains: string
    sslHpkpPrimary: string
    sslHpkpReportUri: string
    sslHsts: string
    sslHstsAge: 0
    sslHstsIncludeSubdomains: string
    sslHttpLocationConversion: string
    sslHttpMatchHost: string
    sslMaxVersion: string
    sslMinVersion: string
    sslMode: string
    sslPfs: string
    sslSendEmptyFrags: string
    sslServerAlgorithm: string
    sslServerMaxVersion: string
    sslServerMinVersion: string
    sslServerRenegotiation: string
    sslServerSessionStateMax: 0
    sslServerSessionStateTimeout: 0
    sslServerSessionStateType: string
    type: string
    uuid: string
    vip6: string
    weblogicServer: string
    websphereServer: string

ObjectFirewallVip6DynamicMapping Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The ObjectFirewallVip6DynamicMapping resource accepts the following input properties:

Vip6 string: Vip6.
AddNat64Route string: Enable/disable adding NAT64 route. Valid values: disable, enable.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
ArpReply string: Enable to respond to ARP requests for this virtual IP address. Enabled by default. Valid values: disable, enable.
Color double: Color of icon on the GUI.
Comment string: Comment.
DynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
EmbeddedIpv4Address string: Enable/disable embedded IPv4 address. Valid values: disable, enable.
Extip string: IP address or address range on the external interface that you want to map to an address or address range on the destination network.
Extport string: Incoming port number range that you want to map to a port number range on the destination network.
Fosid double: Custom defined ID.
H2Support string: Enable/disable HTTP2 support (default = enable). Valid values: disable, enable.
H3Support string: Enable/disable HTTP3/QUIC support (default = disable). Valid values: disable, enable.
HttpCookieAge double: Time in minutes that client web browsers should keep a cookie. Default is 60 seconds. 0 = no time limit.
HttpCookieDomain string: Domain that HTTP cookie persistence should apply to.
HttpCookieDomainFromHost string: Enable/disable use of HTTP cookie domain from host field in HTTP. Valid values: disable, enable.
HttpCookieGeneration double: Generation of HTTP cookie to be accepted. Changing invalidates all existing cookies.
HttpCookiePath string: Limit HTTP cookie persistence to the specified path.
HttpCookieShare string: Control sharing of cookies across virtual servers. same-ip means a cookie from one virtual server can be used by another. Disable stops cookie sharing. Valid values: disable, same-ip.
HttpIpHeader string: For HTTP multiplexing, enable to add the original client IP address in the XForwarded-For HTTP header. Valid values: disable, enable.
HttpIpHeaderName string: For HTTP multiplexing, enter a custom HTTPS header name. The original client IP address is added to this header. If empty, X-Forwarded-For is used.
HttpMultiplex string: Enable/disable HTTP multiplexing. Valid values: disable, enable.
HttpRedirect string: Enable/disable redirection of HTTP to HTTPS Valid values: disable, enable.
HttpsCookieSecure string: Enable/disable verification that inserted HTTPS cookies are secure. Valid values: disable, enable.
Ipv4Mappedip string: Start-mapped-IPv4-address [-end mapped-IPv4-address].
Ipv4Mappedport string: IPv4 port number range on the destination network to which the external port number range is mapped.
LdbMethod string: Method used to distribute sessions to real servers. Valid values: static, round-robin, weighted, least-session, least-rtt, first-alive, http-host.
Mappedip string: Mapped IP address range in the format startIP-endIP.
Mappedport string: Port number range on the destination network to which the external port number range is mapped.
MaxEmbryonicConnections double: Maximum number of incomplete connections.
Monitor string: Name of the health check monitor to use when polling to determine a virtual server's connectivity status.
Nat64 string: Enable/disable DNAT64. Valid values: disable, enable.
Nat66 string: Enable/disable DNAT66. Valid values: disable, enable.
NatSourceVip string: Nat-Source-Vip. Valid values: disable, enable.
NdpReply string: Enable/disable this FortiGate unit's ability to respond to NDP requests for this virtual IP address (default = enable). Valid values: disable, enable.
ObjectFirewallVip6DynamicMappingId string: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
OutlookWebAccess string: Enable to add the Front-End-Https header for Microsoft Outlook Web Access. Valid values: disable, enable.
Persistence string: Configure how to make sure that clients connect to the same server every time they make a request that is part of the same session. Valid values: none, http-cookie, ssl-session-id.
Portforward string: Enable port forwarding. Valid values: disable, enable.
Protocol string: Protocol to use when forwarding packets. Valid values: tcp, udp, sctp.
Realservers List<ObjectFirewallVip6DynamicMappingRealserver>: Realservers. The structure of realservers block is documented below.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
ServerType string: Protocol to be load balanced by the virtual server (also called the server load balance virtual IP). Valid values: http, https, ssl, tcp, udp, ip, imaps, pop3s, smtps.
SrcFilters List<string>: Source IP6 filter (x:x:x:x:x:x:x:x/x). Separate addresses with spaces.
SrcVipFilter string: Enable/disable use of 'src-filter' to match destinations for the reverse SNAT rule. Valid values: disable, enable.
SslAcceptFfdheGroups string: Enable/disable FFDHE cipher suite for SSL key exchange. Valid values: disable, enable.
SslAlgorithm string: Permitted encryption algorithms for SSL sessions according to encryption strength. Valid values: high, low, medium, custom.
SslCertificate string: The name of the SSL certificate to use for SSL acceleration.
SslCipherSuites List<ObjectFirewallVip6DynamicMappingSslCipherSuite>: Ssl-Cipher-Suites. The structure of ssl_cipher_suites block is documented below.
SslClientFallback string: Enable/disable support for preventing Downgrade Attacks on client connections (RFC 7507). Valid values: disable, enable.
SslClientRekeyCount double: Maximum length of data in MB before triggering a client rekey (0 = disable).
SslClientRenegotiation string: Allow, deny, or require secure renegotiation of client sessions to comply with RFC 5746. Valid values: deny, allow, secure.
SslClientSessionStateMax double: Maximum number of client to FortiGate SSL session states to keep.
SslClientSessionStateTimeout double: Number of minutes to keep client to FortiGate SSL session state.
SslClientSessionStateType string: How to expire SSL sessions for the segment of the SSL connection between the client and the FortiGate. Valid values: disable, time, count, both.
SslDhBits string: Number of bits to use in the Diffie-Hellman exchange for RSA encryption of SSL sessions. Valid values: 768, 1024, 1536, 2048, 3072, 4096.
SslHpkp string: Enable/disable including HPKP header in response. Valid values: disable, enable, report-only.
SslHpkpAge double: Number of minutes the web browser should keep HPKP.
SslHpkpBackup string: Certificate to generate backup HPKP pin from.
SslHpkpIncludeSubdomains string: Indicate that HPKP header applies to all subdomains. Valid values: disable, enable.
SslHpkpPrimary string: Certificate to generate primary HPKP pin from.
SslHpkpReportUri string: URL to report HPKP violations to.
SslHsts string: Enable/disable including HSTS header in response. Valid values: disable, enable.
SslHstsAge double: Number of seconds the client should honour the HSTS setting.
SslHstsIncludeSubdomains string: Indicate that HSTS header applies to all subdomains. Valid values: disable, enable.
SslHttpLocationConversion string: Enable to replace HTTP with HTTPS in the reply's Location HTTP header field. Valid values: disable, enable.
SslHttpMatchHost string: Enable/disable HTTP host matching for location conversion. Valid values: disable, enable.
SslMaxVersion string: Highest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
SslMinVersion string: Lowest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
SslMode string: Apply SSL offloading between the client and the FortiGate (half) or from the client to the FortiGate and from the FortiGate to the server (full). Valid values: half, full.
SslPfs string: Select the cipher suites that can be used for SSL perfect forward secrecy (PFS). Applies to both client and server sessions. Valid values: require, deny, allow.
SslSendEmptyFrags string: Enable/disable sending empty fragments to avoid CBC IV attacks (SSL 3.0 & TLS 1.0 only). May need to be disabled for compatibility with older systems. Valid values: disable, enable.
SslServerAlgorithm string: Permitted encryption algorithms for the server side of SSL full mode sessions according to encryption strength. Valid values: high, low, medium, custom, client.
SslServerMaxVersion string: Highest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
SslServerMinVersion string: Lowest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
SslServerRenegotiation string: Enable/disable secure renegotiation to comply with RFC 5746. Valid values: disable, enable.
SslServerSessionStateMax double: Maximum number of FortiGate to Server SSL session states to keep.
SslServerSessionStateTimeout double: Number of minutes to keep FortiGate to Server SSL session state.
SslServerSessionStateType string: How to expire SSL sessions for the segment of the SSL connection between the server and the FortiGate. Valid values: disable, time, count, both.
Type string: Configure a static NAT or server load balance VIP. Valid values: static-nat, server-load-balance.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
WeblogicServer string: Enable to add an HTTP header to indicate SSL offloading for a WebLogic server. Valid values: disable, enable.
WebsphereServer string: Enable to add an HTTP header to indicate SSL offloading for a WebSphere server. Valid values: disable, enable.
_scopes List<ObjectFirewallVip6DynamicMapping_Scope>: _Scope. The structure of _scope block is documented below.

Vip6 string: Vip6.
AddNat64Route string: Enable/disable adding NAT64 route. Valid values: disable, enable.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
ArpReply string: Enable to respond to ARP requests for this virtual IP address. Enabled by default. Valid values: disable, enable.
Color float64: Color of icon on the GUI.
Comment string: Comment.
DynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
EmbeddedIpv4Address string: Enable/disable embedded IPv4 address. Valid values: disable, enable.
Extip string: IP address or address range on the external interface that you want to map to an address or address range on the destination network.
Extport string: Incoming port number range that you want to map to a port number range on the destination network.
Fosid float64: Custom defined ID.
H2Support string: Enable/disable HTTP2 support (default = enable). Valid values: disable, enable.
H3Support string: Enable/disable HTTP3/QUIC support (default = disable). Valid values: disable, enable.
HttpCookieAge float64: Time in minutes that client web browsers should keep a cookie. Default is 60 seconds. 0 = no time limit.
HttpCookieDomain string: Domain that HTTP cookie persistence should apply to.
HttpCookieDomainFromHost string: Enable/disable use of HTTP cookie domain from host field in HTTP. Valid values: disable, enable.
HttpCookieGeneration float64: Generation of HTTP cookie to be accepted. Changing invalidates all existing cookies.
HttpCookiePath string: Limit HTTP cookie persistence to the specified path.
HttpCookieShare string: Control sharing of cookies across virtual servers. same-ip means a cookie from one virtual server can be used by another. Disable stops cookie sharing. Valid values: disable, same-ip.
HttpIpHeader string: For HTTP multiplexing, enable to add the original client IP address in the XForwarded-For HTTP header. Valid values: disable, enable.
HttpIpHeaderName string: For HTTP multiplexing, enter a custom HTTPS header name. The original client IP address is added to this header. If empty, X-Forwarded-For is used.
HttpMultiplex string: Enable/disable HTTP multiplexing. Valid values: disable, enable.
HttpRedirect string: Enable/disable redirection of HTTP to HTTPS Valid values: disable, enable.
HttpsCookieSecure string: Enable/disable verification that inserted HTTPS cookies are secure. Valid values: disable, enable.
Ipv4Mappedip string: Start-mapped-IPv4-address [-end mapped-IPv4-address].
Ipv4Mappedport string: IPv4 port number range on the destination network to which the external port number range is mapped.
LdbMethod string: Method used to distribute sessions to real servers. Valid values: static, round-robin, weighted, least-session, least-rtt, first-alive, http-host.
Mappedip string: Mapped IP address range in the format startIP-endIP.
Mappedport string: Port number range on the destination network to which the external port number range is mapped.
MaxEmbryonicConnections float64: Maximum number of incomplete connections.
Monitor string: Name of the health check monitor to use when polling to determine a virtual server's connectivity status.
Nat64 string: Enable/disable DNAT64. Valid values: disable, enable.
Nat66 string: Enable/disable DNAT66. Valid values: disable, enable.
NatSourceVip string: Nat-Source-Vip. Valid values: disable, enable.
NdpReply string: Enable/disable this FortiGate unit's ability to respond to NDP requests for this virtual IP address (default = enable). Valid values: disable, enable.
ObjectFirewallVip6DynamicMappingId string: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
OutlookWebAccess string: Enable to add the Front-End-Https header for Microsoft Outlook Web Access. Valid values: disable, enable.
Persistence string: Configure how to make sure that clients connect to the same server every time they make a request that is part of the same session. Valid values: none, http-cookie, ssl-session-id.
Portforward string: Enable port forwarding. Valid values: disable, enable.
Protocol string: Protocol to use when forwarding packets. Valid values: tcp, udp, sctp.
Realservers []ObjectFirewallVip6DynamicMappingRealserverArgs: Realservers. The structure of realservers block is documented below.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
ServerType string: Protocol to be load balanced by the virtual server (also called the server load balance virtual IP). Valid values: http, https, ssl, tcp, udp, ip, imaps, pop3s, smtps.
SrcFilters []string: Source IP6 filter (x:x:x:x:x:x:x:x/x). Separate addresses with spaces.
SrcVipFilter string: Enable/disable use of 'src-filter' to match destinations for the reverse SNAT rule. Valid values: disable, enable.
SslAcceptFfdheGroups string: Enable/disable FFDHE cipher suite for SSL key exchange. Valid values: disable, enable.
SslAlgorithm string: Permitted encryption algorithms for SSL sessions according to encryption strength. Valid values: high, low, medium, custom.
SslCertificate string: The name of the SSL certificate to use for SSL acceleration.
SslCipherSuites []ObjectFirewallVip6DynamicMappingSslCipherSuiteArgs: Ssl-Cipher-Suites. The structure of ssl_cipher_suites block is documented below.
SslClientFallback string: Enable/disable support for preventing Downgrade Attacks on client connections (RFC 7507). Valid values: disable, enable.
SslClientRekeyCount float64: Maximum length of data in MB before triggering a client rekey (0 = disable).
SslClientRenegotiation string: Allow, deny, or require secure renegotiation of client sessions to comply with RFC 5746. Valid values: deny, allow, secure.
SslClientSessionStateMax float64: Maximum number of client to FortiGate SSL session states to keep.
SslClientSessionStateTimeout float64: Number of minutes to keep client to FortiGate SSL session state.
SslClientSessionStateType string: How to expire SSL sessions for the segment of the SSL connection between the client and the FortiGate. Valid values: disable, time, count, both.
SslDhBits string: Number of bits to use in the Diffie-Hellman exchange for RSA encryption of SSL sessions. Valid values: 768, 1024, 1536, 2048, 3072, 4096.
SslHpkp string: Enable/disable including HPKP header in response. Valid values: disable, enable, report-only.
SslHpkpAge float64: Number of minutes the web browser should keep HPKP.
SslHpkpBackup string: Certificate to generate backup HPKP pin from.
SslHpkpIncludeSubdomains string: Indicate that HPKP header applies to all subdomains. Valid values: disable, enable.
SslHpkpPrimary string: Certificate to generate primary HPKP pin from.
SslHpkpReportUri string: URL to report HPKP violations to.
SslHsts string: Enable/disable including HSTS header in response. Valid values: disable, enable.
SslHstsAge float64: Number of seconds the client should honour the HSTS setting.
SslHstsIncludeSubdomains string: Indicate that HSTS header applies to all subdomains. Valid values: disable, enable.
SslHttpLocationConversion string: Enable to replace HTTP with HTTPS in the reply's Location HTTP header field. Valid values: disable, enable.
SslHttpMatchHost string: Enable/disable HTTP host matching for location conversion. Valid values: disable, enable.
SslMaxVersion string: Highest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
SslMinVersion string: Lowest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
SslMode string: Apply SSL offloading between the client and the FortiGate (half) or from the client to the FortiGate and from the FortiGate to the server (full). Valid values: half, full.
SslPfs string: Select the cipher suites that can be used for SSL perfect forward secrecy (PFS). Applies to both client and server sessions. Valid values: require, deny, allow.
SslSendEmptyFrags string: Enable/disable sending empty fragments to avoid CBC IV attacks (SSL 3.0 & TLS 1.0 only). May need to be disabled for compatibility with older systems. Valid values: disable, enable.
SslServerAlgorithm string: Permitted encryption algorithms for the server side of SSL full mode sessions according to encryption strength. Valid values: high, low, medium, custom, client.
SslServerMaxVersion string: Highest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
SslServerMinVersion string: Lowest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
SslServerRenegotiation string: Enable/disable secure renegotiation to comply with RFC 5746. Valid values: disable, enable.
SslServerSessionStateMax float64: Maximum number of FortiGate to Server SSL session states to keep.
SslServerSessionStateTimeout float64: Number of minutes to keep FortiGate to Server SSL session state.
SslServerSessionStateType string: How to expire SSL sessions for the segment of the SSL connection between the server and the FortiGate. Valid values: disable, time, count, both.
Type string: Configure a static NAT or server load balance VIP. Valid values: static-nat, server-load-balance.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
WeblogicServer string: Enable to add an HTTP header to indicate SSL offloading for a WebLogic server. Valid values: disable, enable.
WebsphereServer string: Enable to add an HTTP header to indicate SSL offloading for a WebSphere server. Valid values: disable, enable.
_scopes []ObjectFirewallVip6DynamicMapping_ScopeArgs: _Scope. The structure of _scope block is documented below.

vip6 String: Vip6.
_scopes List<ObjectFirewallVip6DynamicMapping_Scope>: _Scope. The structure of _scope block is documented below.
addNat64Route String: Enable/disable adding NAT64 route. Valid values: disable, enable.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
arpReply String: Enable to respond to ARP requests for this virtual IP address. Enabled by default. Valid values: disable, enable.
color Double: Color of icon on the GUI.
comment String: Comment.
dynamicSortSubtable String: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
embeddedIpv4Address String: Enable/disable embedded IPv4 address. Valid values: disable, enable.
extip String: IP address or address range on the external interface that you want to map to an address or address range on the destination network.
extport String: Incoming port number range that you want to map to a port number range on the destination network.
fosid Double: Custom defined ID.
h2Support String: Enable/disable HTTP2 support (default = enable). Valid values: disable, enable.
h3Support String: Enable/disable HTTP3/QUIC support (default = disable). Valid values: disable, enable.
httpCookieAge Double: Time in minutes that client web browsers should keep a cookie. Default is 60 seconds. 0 = no time limit.
httpCookieDomain String: Domain that HTTP cookie persistence should apply to.
httpCookieDomainFromHost String: Enable/disable use of HTTP cookie domain from host field in HTTP. Valid values: disable, enable.
httpCookieGeneration Double: Generation of HTTP cookie to be accepted. Changing invalidates all existing cookies.
httpCookiePath String: Limit HTTP cookie persistence to the specified path.
httpCookieShare String: Control sharing of cookies across virtual servers. same-ip means a cookie from one virtual server can be used by another. Disable stops cookie sharing. Valid values: disable, same-ip.
httpIpHeader String: For HTTP multiplexing, enable to add the original client IP address in the XForwarded-For HTTP header. Valid values: disable, enable.
httpIpHeaderName String: For HTTP multiplexing, enter a custom HTTPS header name. The original client IP address is added to this header. If empty, X-Forwarded-For is used.
httpMultiplex String: Enable/disable HTTP multiplexing. Valid values: disable, enable.
httpRedirect String: Enable/disable redirection of HTTP to HTTPS Valid values: disable, enable.
httpsCookieSecure String: Enable/disable verification that inserted HTTPS cookies are secure. Valid values: disable, enable.
ipv4Mappedip String: Start-mapped-IPv4-address [-end mapped-IPv4-address].
ipv4Mappedport String: IPv4 port number range on the destination network to which the external port number range is mapped.
ldbMethod String: Method used to distribute sessions to real servers. Valid values: static, round-robin, weighted, least-session, least-rtt, first-alive, http-host.
mappedip String: Mapped IP address range in the format startIP-endIP.
mappedport String: Port number range on the destination network to which the external port number range is mapped.
maxEmbryonicConnections Double: Maximum number of incomplete connections.
monitor String: Name of the health check monitor to use when polling to determine a virtual server's connectivity status.
nat64 String: Enable/disable DNAT64. Valid values: disable, enable.
nat66 String: Enable/disable DNAT66. Valid values: disable, enable.
natSourceVip String: Nat-Source-Vip. Valid values: disable, enable.
ndpReply String: Enable/disable this FortiGate unit's ability to respond to NDP requests for this virtual IP address (default = enable). Valid values: disable, enable.
objectFirewallVip6DynamicMappingId String: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
outlookWebAccess String: Enable to add the Front-End-Https header for Microsoft Outlook Web Access. Valid values: disable, enable.
persistence String: Configure how to make sure that clients connect to the same server every time they make a request that is part of the same session. Valid values: none, http-cookie, ssl-session-id.
portforward String: Enable port forwarding. Valid values: disable, enable.
protocol String: Protocol to use when forwarding packets. Valid values: tcp, udp, sctp.
realservers List<ObjectFirewallVip6DynamicMappingRealserver>: Realservers. The structure of realservers block is documented below.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
serverType String: Protocol to be load balanced by the virtual server (also called the server load balance virtual IP). Valid values: http, https, ssl, tcp, udp, ip, imaps, pop3s, smtps.
srcFilters List<String>: Source IP6 filter (x:x:x:x:x:x:x:x/x). Separate addresses with spaces.
srcVipFilter String: Enable/disable use of 'src-filter' to match destinations for the reverse SNAT rule. Valid values: disable, enable.
sslAcceptFfdheGroups String: Enable/disable FFDHE cipher suite for SSL key exchange. Valid values: disable, enable.
sslAlgorithm String: Permitted encryption algorithms for SSL sessions according to encryption strength. Valid values: high, low, medium, custom.
sslCertificate String: The name of the SSL certificate to use for SSL acceleration.
sslCipherSuites List<ObjectFirewallVip6DynamicMappingSslCipherSuite>: Ssl-Cipher-Suites. The structure of ssl_cipher_suites block is documented below.
sslClientFallback String: Enable/disable support for preventing Downgrade Attacks on client connections (RFC 7507). Valid values: disable, enable.
sslClientRekeyCount Double: Maximum length of data in MB before triggering a client rekey (0 = disable).
sslClientRenegotiation String: Allow, deny, or require secure renegotiation of client sessions to comply with RFC 5746. Valid values: deny, allow, secure.
sslClientSessionStateMax Double: Maximum number of client to FortiGate SSL session states to keep.
sslClientSessionStateTimeout Double: Number of minutes to keep client to FortiGate SSL session state.
sslClientSessionStateType String: How to expire SSL sessions for the segment of the SSL connection between the client and the FortiGate. Valid values: disable, time, count, both.
sslDhBits String: Number of bits to use in the Diffie-Hellman exchange for RSA encryption of SSL sessions. Valid values: 768, 1024, 1536, 2048, 3072, 4096.
sslHpkp String: Enable/disable including HPKP header in response. Valid values: disable, enable, report-only.
sslHpkpAge Double: Number of minutes the web browser should keep HPKP.
sslHpkpBackup String: Certificate to generate backup HPKP pin from.
sslHpkpIncludeSubdomains String: Indicate that HPKP header applies to all subdomains. Valid values: disable, enable.
sslHpkpPrimary String: Certificate to generate primary HPKP pin from.
sslHpkpReportUri String: URL to report HPKP violations to.
sslHsts String: Enable/disable including HSTS header in response. Valid values: disable, enable.
sslHstsAge Double: Number of seconds the client should honour the HSTS setting.
sslHstsIncludeSubdomains String: Indicate that HSTS header applies to all subdomains. Valid values: disable, enable.
sslHttpLocationConversion String: Enable to replace HTTP with HTTPS in the reply's Location HTTP header field. Valid values: disable, enable.
sslHttpMatchHost String: Enable/disable HTTP host matching for location conversion. Valid values: disable, enable.
sslMaxVersion String: Highest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
sslMinVersion String: Lowest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
sslMode String: Apply SSL offloading between the client and the FortiGate (half) or from the client to the FortiGate and from the FortiGate to the server (full). Valid values: half, full.
sslPfs String: Select the cipher suites that can be used for SSL perfect forward secrecy (PFS). Applies to both client and server sessions. Valid values: require, deny, allow.
sslSendEmptyFrags String: Enable/disable sending empty fragments to avoid CBC IV attacks (SSL 3.0 & TLS 1.0 only). May need to be disabled for compatibility with older systems. Valid values: disable, enable.
sslServerAlgorithm String: Permitted encryption algorithms for the server side of SSL full mode sessions according to encryption strength. Valid values: high, low, medium, custom, client.
sslServerMaxVersion String: Highest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
sslServerMinVersion String: Lowest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
sslServerRenegotiation String: Enable/disable secure renegotiation to comply with RFC 5746. Valid values: disable, enable.
sslServerSessionStateMax Double: Maximum number of FortiGate to Server SSL session states to keep.
sslServerSessionStateTimeout Double: Number of minutes to keep FortiGate to Server SSL session state.
sslServerSessionStateType String: How to expire SSL sessions for the segment of the SSL connection between the server and the FortiGate. Valid values: disable, time, count, both.
type String: Configure a static NAT or server load balance VIP. Valid values: static-nat, server-load-balance.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
weblogicServer String: Enable to add an HTTP header to indicate SSL offloading for a WebLogic server. Valid values: disable, enable.
websphereServer String: Enable to add an HTTP header to indicate SSL offloading for a WebSphere server. Valid values: disable, enable.

vip6 string: Vip6.
_scopes ObjectFirewallVip6DynamicMapping_Scope[]: _Scope. The structure of _scope block is documented below.
addNat64Route string: Enable/disable adding NAT64 route. Valid values: disable, enable.
adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
arpReply string: Enable to respond to ARP requests for this virtual IP address. Enabled by default. Valid values: disable, enable.
color number: Color of icon on the GUI.
comment string: Comment.
dynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
embeddedIpv4Address string: Enable/disable embedded IPv4 address. Valid values: disable, enable.
extip string: IP address or address range on the external interface that you want to map to an address or address range on the destination network.
extport string: Incoming port number range that you want to map to a port number range on the destination network.
fosid number: Custom defined ID.
h2Support string: Enable/disable HTTP2 support (default = enable). Valid values: disable, enable.
h3Support string: Enable/disable HTTP3/QUIC support (default = disable). Valid values: disable, enable.
httpCookieAge number: Time in minutes that client web browsers should keep a cookie. Default is 60 seconds. 0 = no time limit.
httpCookieDomain string: Domain that HTTP cookie persistence should apply to.
httpCookieDomainFromHost string: Enable/disable use of HTTP cookie domain from host field in HTTP. Valid values: disable, enable.
httpCookieGeneration number: Generation of HTTP cookie to be accepted. Changing invalidates all existing cookies.
httpCookiePath string: Limit HTTP cookie persistence to the specified path.
httpCookieShare string: Control sharing of cookies across virtual servers. same-ip means a cookie from one virtual server can be used by another. Disable stops cookie sharing. Valid values: disable, same-ip.
httpIpHeader string: For HTTP multiplexing, enable to add the original client IP address in the XForwarded-For HTTP header. Valid values: disable, enable.
httpIpHeaderName string: For HTTP multiplexing, enter a custom HTTPS header name. The original client IP address is added to this header. If empty, X-Forwarded-For is used.
httpMultiplex string: Enable/disable HTTP multiplexing. Valid values: disable, enable.
httpRedirect string: Enable/disable redirection of HTTP to HTTPS Valid values: disable, enable.
httpsCookieSecure string: Enable/disable verification that inserted HTTPS cookies are secure. Valid values: disable, enable.
ipv4Mappedip string: Start-mapped-IPv4-address [-end mapped-IPv4-address].
ipv4Mappedport string: IPv4 port number range on the destination network to which the external port number range is mapped.
ldbMethod string: Method used to distribute sessions to real servers. Valid values: static, round-robin, weighted, least-session, least-rtt, first-alive, http-host.
mappedip string: Mapped IP address range in the format startIP-endIP.
mappedport string: Port number range on the destination network to which the external port number range is mapped.
maxEmbryonicConnections number: Maximum number of incomplete connections.
monitor string: Name of the health check monitor to use when polling to determine a virtual server's connectivity status.
nat64 string: Enable/disable DNAT64. Valid values: disable, enable.
nat66 string: Enable/disable DNAT66. Valid values: disable, enable.
natSourceVip string: Nat-Source-Vip. Valid values: disable, enable.
ndpReply string: Enable/disable this FortiGate unit's ability to respond to NDP requests for this virtual IP address (default = enable). Valid values: disable, enable.
objectFirewallVip6DynamicMappingId string: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
outlookWebAccess string: Enable to add the Front-End-Https header for Microsoft Outlook Web Access. Valid values: disable, enable.
persistence string: Configure how to make sure that clients connect to the same server every time they make a request that is part of the same session. Valid values: none, http-cookie, ssl-session-id.
portforward string: Enable port forwarding. Valid values: disable, enable.
protocol string: Protocol to use when forwarding packets. Valid values: tcp, udp, sctp.
realservers ObjectFirewallVip6DynamicMappingRealserver[]: Realservers. The structure of realservers block is documented below.
scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
serverType string: Protocol to be load balanced by the virtual server (also called the server load balance virtual IP). Valid values: http, https, ssl, tcp, udp, ip, imaps, pop3s, smtps.
srcFilters string[]: Source IP6 filter (x:x:x:x:x:x:x:x/x). Separate addresses with spaces.
srcVipFilter string: Enable/disable use of 'src-filter' to match destinations for the reverse SNAT rule. Valid values: disable, enable.
sslAcceptFfdheGroups string: Enable/disable FFDHE cipher suite for SSL key exchange. Valid values: disable, enable.
sslAlgorithm string: Permitted encryption algorithms for SSL sessions according to encryption strength. Valid values: high, low, medium, custom.
sslCertificate string: The name of the SSL certificate to use for SSL acceleration.
sslCipherSuites ObjectFirewallVip6DynamicMappingSslCipherSuite[]: Ssl-Cipher-Suites. The structure of ssl_cipher_suites block is documented below.
sslClientFallback string: Enable/disable support for preventing Downgrade Attacks on client connections (RFC 7507). Valid values: disable, enable.
sslClientRekeyCount number: Maximum length of data in MB before triggering a client rekey (0 = disable).
sslClientRenegotiation string: Allow, deny, or require secure renegotiation of client sessions to comply with RFC 5746. Valid values: deny, allow, secure.
sslClientSessionStateMax number: Maximum number of client to FortiGate SSL session states to keep.
sslClientSessionStateTimeout number: Number of minutes to keep client to FortiGate SSL session state.
sslClientSessionStateType string: How to expire SSL sessions for the segment of the SSL connection between the client and the FortiGate. Valid values: disable, time, count, both.
sslDhBits string: Number of bits to use in the Diffie-Hellman exchange for RSA encryption of SSL sessions. Valid values: 768, 1024, 1536, 2048, 3072, 4096.
sslHpkp string: Enable/disable including HPKP header in response. Valid values: disable, enable, report-only.
sslHpkpAge number: Number of minutes the web browser should keep HPKP.
sslHpkpBackup string: Certificate to generate backup HPKP pin from.
sslHpkpIncludeSubdomains string: Indicate that HPKP header applies to all subdomains. Valid values: disable, enable.
sslHpkpPrimary string: Certificate to generate primary HPKP pin from.
sslHpkpReportUri string: URL to report HPKP violations to.
sslHsts string: Enable/disable including HSTS header in response. Valid values: disable, enable.
sslHstsAge number: Number of seconds the client should honour the HSTS setting.
sslHstsIncludeSubdomains string: Indicate that HSTS header applies to all subdomains. Valid values: disable, enable.
sslHttpLocationConversion string: Enable to replace HTTP with HTTPS in the reply's Location HTTP header field. Valid values: disable, enable.
sslHttpMatchHost string: Enable/disable HTTP host matching for location conversion. Valid values: disable, enable.
sslMaxVersion string: Highest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
sslMinVersion string: Lowest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
sslMode string: Apply SSL offloading between the client and the FortiGate (half) or from the client to the FortiGate and from the FortiGate to the server (full). Valid values: half, full.
sslPfs string: Select the cipher suites that can be used for SSL perfect forward secrecy (PFS). Applies to both client and server sessions. Valid values: require, deny, allow.
sslSendEmptyFrags string: Enable/disable sending empty fragments to avoid CBC IV attacks (SSL 3.0 & TLS 1.0 only). May need to be disabled for compatibility with older systems. Valid values: disable, enable.
sslServerAlgorithm string: Permitted encryption algorithms for the server side of SSL full mode sessions according to encryption strength. Valid values: high, low, medium, custom, client.
sslServerMaxVersion string: Highest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
sslServerMinVersion string: Lowest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
sslServerRenegotiation string: Enable/disable secure renegotiation to comply with RFC 5746. Valid values: disable, enable.
sslServerSessionStateMax number: Maximum number of FortiGate to Server SSL session states to keep.
sslServerSessionStateTimeout number: Number of minutes to keep FortiGate to Server SSL session state.
sslServerSessionStateType string: How to expire SSL sessions for the segment of the SSL connection between the server and the FortiGate. Valid values: disable, time, count, both.
type string: Configure a static NAT or server load balance VIP. Valid values: static-nat, server-load-balance.
uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
weblogicServer string: Enable to add an HTTP header to indicate SSL offloading for a WebLogic server. Valid values: disable, enable.
websphereServer string: Enable to add an HTTP header to indicate SSL offloading for a WebSphere server. Valid values: disable, enable.

vip6 str: Vip6.
_scopes Sequence[ObjectFirewallVip6DynamicMapping_ScopeArgs]: _Scope. The structure of _scope block is documented below.
add_nat64_route str: Enable/disable adding NAT64 route. Valid values: disable, enable.
adom str: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
arp_reply str: Enable to respond to ARP requests for this virtual IP address. Enabled by default. Valid values: disable, enable.
color float: Color of icon on the GUI.
comment str: Comment.
dynamic_sort_subtable str: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
embedded_ipv4_address str: Enable/disable embedded IPv4 address. Valid values: disable, enable.
extip str: IP address or address range on the external interface that you want to map to an address or address range on the destination network.
extport str: Incoming port number range that you want to map to a port number range on the destination network.
fosid float: Custom defined ID.
h2_support str: Enable/disable HTTP2 support (default = enable). Valid values: disable, enable.
h3_support str: Enable/disable HTTP3/QUIC support (default = disable). Valid values: disable, enable.
http_cookie_age float: Time in minutes that client web browsers should keep a cookie. Default is 60 seconds. 0 = no time limit.
http_cookie_domain str: Domain that HTTP cookie persistence should apply to.
http_cookie_domain_from_host str: Enable/disable use of HTTP cookie domain from host field in HTTP. Valid values: disable, enable.
http_cookie_generation float: Generation of HTTP cookie to be accepted. Changing invalidates all existing cookies.
http_cookie_path str: Limit HTTP cookie persistence to the specified path.
http_cookie_share str: Control sharing of cookies across virtual servers. same-ip means a cookie from one virtual server can be used by another. Disable stops cookie sharing. Valid values: disable, same-ip.
http_ip_header str: For HTTP multiplexing, enable to add the original client IP address in the XForwarded-For HTTP header. Valid values: disable, enable.
http_ip_header_name str: For HTTP multiplexing, enter a custom HTTPS header name. The original client IP address is added to this header. If empty, X-Forwarded-For is used.
http_multiplex str: Enable/disable HTTP multiplexing. Valid values: disable, enable.
http_redirect str: Enable/disable redirection of HTTP to HTTPS Valid values: disable, enable.
https_cookie_secure str: Enable/disable verification that inserted HTTPS cookies are secure. Valid values: disable, enable.
ipv4_mappedip str: Start-mapped-IPv4-address [-end mapped-IPv4-address].
ipv4_mappedport str: IPv4 port number range on the destination network to which the external port number range is mapped.
ldb_method str: Method used to distribute sessions to real servers. Valid values: static, round-robin, weighted, least-session, least-rtt, first-alive, http-host.
mappedip str: Mapped IP address range in the format startIP-endIP.
mappedport str: Port number range on the destination network to which the external port number range is mapped.
max_embryonic_connections float: Maximum number of incomplete connections.
monitor str: Name of the health check monitor to use when polling to determine a virtual server's connectivity status.
nat64 str: Enable/disable DNAT64. Valid values: disable, enable.
nat66 str: Enable/disable DNAT66. Valid values: disable, enable.
nat_source_vip str: Nat-Source-Vip. Valid values: disable, enable.
ndp_reply str: Enable/disable this FortiGate unit's ability to respond to NDP requests for this virtual IP address (default = enable). Valid values: disable, enable.
object_firewall_vip6_dynamic_mapping_id str: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
outlook_web_access str: Enable to add the Front-End-Https header for Microsoft Outlook Web Access. Valid values: disable, enable.
persistence str: Configure how to make sure that clients connect to the same server every time they make a request that is part of the same session. Valid values: none, http-cookie, ssl-session-id.
portforward str: Enable port forwarding. Valid values: disable, enable.
protocol str: Protocol to use when forwarding packets. Valid values: tcp, udp, sctp.
realservers Sequence[ObjectFirewallVip6DynamicMappingRealserverArgs]: Realservers. The structure of realservers block is documented below.
scopetype str: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
server_type str: Protocol to be load balanced by the virtual server (also called the server load balance virtual IP). Valid values: http, https, ssl, tcp, udp, ip, imaps, pop3s, smtps.
src_filters Sequence[str]: Source IP6 filter (x:x:x:x:x:x:x:x/x). Separate addresses with spaces.
src_vip_filter str: Enable/disable use of 'src-filter' to match destinations for the reverse SNAT rule. Valid values: disable, enable.
ssl_accept_ffdhe_groups str: Enable/disable FFDHE cipher suite for SSL key exchange. Valid values: disable, enable.
ssl_algorithm str: Permitted encryption algorithms for SSL sessions according to encryption strength. Valid values: high, low, medium, custom.
ssl_certificate str: The name of the SSL certificate to use for SSL acceleration.
ssl_cipher_suites Sequence[ObjectFirewallVip6DynamicMappingSslCipherSuiteArgs]: Ssl-Cipher-Suites. The structure of ssl_cipher_suites block is documented below.
ssl_client_fallback str: Enable/disable support for preventing Downgrade Attacks on client connections (RFC 7507). Valid values: disable, enable.
ssl_client_rekey_count float: Maximum length of data in MB before triggering a client rekey (0 = disable).
ssl_client_renegotiation str: Allow, deny, or require secure renegotiation of client sessions to comply with RFC 5746. Valid values: deny, allow, secure.
ssl_client_session_state_max float: Maximum number of client to FortiGate SSL session states to keep.
ssl_client_session_state_timeout float: Number of minutes to keep client to FortiGate SSL session state.
ssl_client_session_state_type str: How to expire SSL sessions for the segment of the SSL connection between the client and the FortiGate. Valid values: disable, time, count, both.
ssl_dh_bits str: Number of bits to use in the Diffie-Hellman exchange for RSA encryption of SSL sessions. Valid values: 768, 1024, 1536, 2048, 3072, 4096.
ssl_hpkp str: Enable/disable including HPKP header in response. Valid values: disable, enable, report-only.
ssl_hpkp_age float: Number of minutes the web browser should keep HPKP.
ssl_hpkp_backup str: Certificate to generate backup HPKP pin from.
ssl_hpkp_include_subdomains str: Indicate that HPKP header applies to all subdomains. Valid values: disable, enable.
ssl_hpkp_primary str: Certificate to generate primary HPKP pin from.
ssl_hpkp_report_uri str: URL to report HPKP violations to.
ssl_hsts str: Enable/disable including HSTS header in response. Valid values: disable, enable.
ssl_hsts_age float: Number of seconds the client should honour the HSTS setting.
ssl_hsts_include_subdomains str: Indicate that HSTS header applies to all subdomains. Valid values: disable, enable.
ssl_http_location_conversion str: Enable to replace HTTP with HTTPS in the reply's Location HTTP header field. Valid values: disable, enable.
ssl_http_match_host str: Enable/disable HTTP host matching for location conversion. Valid values: disable, enable.
ssl_max_version str: Highest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
ssl_min_version str: Lowest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
ssl_mode str: Apply SSL offloading between the client and the FortiGate (half) or from the client to the FortiGate and from the FortiGate to the server (full). Valid values: half, full.
ssl_pfs str: Select the cipher suites that can be used for SSL perfect forward secrecy (PFS). Applies to both client and server sessions. Valid values: require, deny, allow.
ssl_send_empty_frags str: Enable/disable sending empty fragments to avoid CBC IV attacks (SSL 3.0 & TLS 1.0 only). May need to be disabled for compatibility with older systems. Valid values: disable, enable.
ssl_server_algorithm str: Permitted encryption algorithms for the server side of SSL full mode sessions according to encryption strength. Valid values: high, low, medium, custom, client.
ssl_server_max_version str: Highest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
ssl_server_min_version str: Lowest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
ssl_server_renegotiation str: Enable/disable secure renegotiation to comply with RFC 5746. Valid values: disable, enable.
ssl_server_session_state_max float: Maximum number of FortiGate to Server SSL session states to keep.
ssl_server_session_state_timeout float: Number of minutes to keep FortiGate to Server SSL session state.
ssl_server_session_state_type str: How to expire SSL sessions for the segment of the SSL connection between the server and the FortiGate. Valid values: disable, time, count, both.
type str: Configure a static NAT or server load balance VIP. Valid values: static-nat, server-load-balance.
uuid str: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
weblogic_server str: Enable to add an HTTP header to indicate SSL offloading for a WebLogic server. Valid values: disable, enable.
websphere_server str: Enable to add an HTTP header to indicate SSL offloading for a WebSphere server. Valid values: disable, enable.

vip6 String: Vip6.
_scopes List<Property Map>: _Scope. The structure of _scope block is documented below.
addNat64Route String: Enable/disable adding NAT64 route. Valid values: disable, enable.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
arpReply String: Enable to respond to ARP requests for this virtual IP address. Enabled by default. Valid values: disable, enable.
color Number: Color of icon on the GUI.
comment String: Comment.
dynamicSortSubtable String: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
embeddedIpv4Address String: Enable/disable embedded IPv4 address. Valid values: disable, enable.
extip String: IP address or address range on the external interface that you want to map to an address or address range on the destination network.
extport String: Incoming port number range that you want to map to a port number range on the destination network.
fosid Number: Custom defined ID.
h2Support String: Enable/disable HTTP2 support (default = enable). Valid values: disable, enable.
h3Support String: Enable/disable HTTP3/QUIC support (default = disable). Valid values: disable, enable.
httpCookieAge Number: Time in minutes that client web browsers should keep a cookie. Default is 60 seconds. 0 = no time limit.
httpCookieDomain String: Domain that HTTP cookie persistence should apply to.
httpCookieDomainFromHost String: Enable/disable use of HTTP cookie domain from host field in HTTP. Valid values: disable, enable.
httpCookieGeneration Number: Generation of HTTP cookie to be accepted. Changing invalidates all existing cookies.
httpCookiePath String: Limit HTTP cookie persistence to the specified path.
httpCookieShare String: Control sharing of cookies across virtual servers. same-ip means a cookie from one virtual server can be used by another. Disable stops cookie sharing. Valid values: disable, same-ip.
httpIpHeader String: For HTTP multiplexing, enable to add the original client IP address in the XForwarded-For HTTP header. Valid values: disable, enable.
httpIpHeaderName String: For HTTP multiplexing, enter a custom HTTPS header name. The original client IP address is added to this header. If empty, X-Forwarded-For is used.
httpMultiplex String: Enable/disable HTTP multiplexing. Valid values: disable, enable.
httpRedirect String: Enable/disable redirection of HTTP to HTTPS Valid values: disable, enable.
httpsCookieSecure String: Enable/disable verification that inserted HTTPS cookies are secure. Valid values: disable, enable.
ipv4Mappedip String: Start-mapped-IPv4-address [-end mapped-IPv4-address].
ipv4Mappedport String: IPv4 port number range on the destination network to which the external port number range is mapped.
ldbMethod String: Method used to distribute sessions to real servers. Valid values: static, round-robin, weighted, least-session, least-rtt, first-alive, http-host.
mappedip String: Mapped IP address range in the format startIP-endIP.
mappedport String: Port number range on the destination network to which the external port number range is mapped.
maxEmbryonicConnections Number: Maximum number of incomplete connections.
monitor String: Name of the health check monitor to use when polling to determine a virtual server's connectivity status.
nat64 String: Enable/disable DNAT64. Valid values: disable, enable.
nat66 String: Enable/disable DNAT66. Valid values: disable, enable.
natSourceVip String: Nat-Source-Vip. Valid values: disable, enable.
ndpReply String: Enable/disable this FortiGate unit's ability to respond to NDP requests for this virtual IP address (default = enable). Valid values: disable, enable.
objectFirewallVip6DynamicMappingId String: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
outlookWebAccess String: Enable to add the Front-End-Https header for Microsoft Outlook Web Access. Valid values: disable, enable.
persistence String: Configure how to make sure that clients connect to the same server every time they make a request that is part of the same session. Valid values: none, http-cookie, ssl-session-id.
portforward String: Enable port forwarding. Valid values: disable, enable.
protocol String: Protocol to use when forwarding packets. Valid values: tcp, udp, sctp.
realservers List<Property Map>: Realservers. The structure of realservers block is documented below.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
serverType String: Protocol to be load balanced by the virtual server (also called the server load balance virtual IP). Valid values: http, https, ssl, tcp, udp, ip, imaps, pop3s, smtps.
srcFilters List<String>: Source IP6 filter (x:x:x:x:x:x:x:x/x). Separate addresses with spaces.
srcVipFilter String: Enable/disable use of 'src-filter' to match destinations for the reverse SNAT rule. Valid values: disable, enable.
sslAcceptFfdheGroups String: Enable/disable FFDHE cipher suite for SSL key exchange. Valid values: disable, enable.
sslAlgorithm String: Permitted encryption algorithms for SSL sessions according to encryption strength. Valid values: high, low, medium, custom.
sslCertificate String: The name of the SSL certificate to use for SSL acceleration.
sslCipherSuites List<Property Map>: Ssl-Cipher-Suites. The structure of ssl_cipher_suites block is documented below.
sslClientFallback String: Enable/disable support for preventing Downgrade Attacks on client connections (RFC 7507). Valid values: disable, enable.
sslClientRekeyCount Number: Maximum length of data in MB before triggering a client rekey (0 = disable).
sslClientRenegotiation String: Allow, deny, or require secure renegotiation of client sessions to comply with RFC 5746. Valid values: deny, allow, secure.
sslClientSessionStateMax Number: Maximum number of client to FortiGate SSL session states to keep.
sslClientSessionStateTimeout Number: Number of minutes to keep client to FortiGate SSL session state.
sslClientSessionStateType String: How to expire SSL sessions for the segment of the SSL connection between the client and the FortiGate. Valid values: disable, time, count, both.
sslDhBits String: Number of bits to use in the Diffie-Hellman exchange for RSA encryption of SSL sessions. Valid values: 768, 1024, 1536, 2048, 3072, 4096.
sslHpkp String: Enable/disable including HPKP header in response. Valid values: disable, enable, report-only.
sslHpkpAge Number: Number of minutes the web browser should keep HPKP.
sslHpkpBackup String: Certificate to generate backup HPKP pin from.
sslHpkpIncludeSubdomains String: Indicate that HPKP header applies to all subdomains. Valid values: disable, enable.
sslHpkpPrimary String: Certificate to generate primary HPKP pin from.
sslHpkpReportUri String: URL to report HPKP violations to.
sslHsts String: Enable/disable including HSTS header in response. Valid values: disable, enable.
sslHstsAge Number: Number of seconds the client should honour the HSTS setting.
sslHstsIncludeSubdomains String: Indicate that HSTS header applies to all subdomains. Valid values: disable, enable.
sslHttpLocationConversion String: Enable to replace HTTP with HTTPS in the reply's Location HTTP header field. Valid values: disable, enable.
sslHttpMatchHost String: Enable/disable HTTP host matching for location conversion. Valid values: disable, enable.
sslMaxVersion String: Highest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
sslMinVersion String: Lowest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
sslMode String: Apply SSL offloading between the client and the FortiGate (half) or from the client to the FortiGate and from the FortiGate to the server (full). Valid values: half, full.
sslPfs String: Select the cipher suites that can be used for SSL perfect forward secrecy (PFS). Applies to both client and server sessions. Valid values: require, deny, allow.
sslSendEmptyFrags String: Enable/disable sending empty fragments to avoid CBC IV attacks (SSL 3.0 & TLS 1.0 only). May need to be disabled for compatibility with older systems. Valid values: disable, enable.
sslServerAlgorithm String: Permitted encryption algorithms for the server side of SSL full mode sessions according to encryption strength. Valid values: high, low, medium, custom, client.
sslServerMaxVersion String: Highest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
sslServerMinVersion String: Lowest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
sslServerRenegotiation String: Enable/disable secure renegotiation to comply with RFC 5746. Valid values: disable, enable.
sslServerSessionStateMax Number: Maximum number of FortiGate to Server SSL session states to keep.
sslServerSessionStateTimeout Number: Number of minutes to keep FortiGate to Server SSL session state.
sslServerSessionStateType String: How to expire SSL sessions for the segment of the SSL connection between the server and the FortiGate. Valid values: disable, time, count, both.
type String: Configure a static NAT or server load balance VIP. Valid values: static-nat, server-load-balance.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
weblogicServer String: Enable to add an HTTP header to indicate SSL offloading for a WebLogic server. Valid values: disable, enable.
websphereServer String: Enable to add an HTTP header to indicate SSL offloading for a WebSphere server. Valid values: disable, enable.

Outputs

All input properties are implicitly available as output properties. Additionally, the ObjectFirewallVip6DynamicMapping resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing ObjectFirewallVip6DynamicMapping Resource

Get an existing ObjectFirewallVip6DynamicMapping resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ObjectFirewallVip6DynamicMappingState, opts?: CustomResourceOptions): ObjectFirewallVip6DynamicMapping

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        _scopes: Optional[Sequence[ObjectFirewallVip6DynamicMapping_ScopeArgs]] = None,
        add_nat64_route: Optional[str] = None,
        adom: Optional[str] = None,
        arp_reply: Optional[str] = None,
        color: Optional[float] = None,
        comment: Optional[str] = None,
        dynamic_sort_subtable: Optional[str] = None,
        embedded_ipv4_address: Optional[str] = None,
        extip: Optional[str] = None,
        extport: Optional[str] = None,
        fosid: Optional[float] = None,
        h2_support: Optional[str] = None,
        h3_support: Optional[str] = None,
        http_cookie_age: Optional[float] = None,
        http_cookie_domain: Optional[str] = None,
        http_cookie_domain_from_host: Optional[str] = None,
        http_cookie_generation: Optional[float] = None,
        http_cookie_path: Optional[str] = None,
        http_cookie_share: Optional[str] = None,
        http_ip_header: Optional[str] = None,
        http_ip_header_name: Optional[str] = None,
        http_multiplex: Optional[str] = None,
        http_redirect: Optional[str] = None,
        https_cookie_secure: Optional[str] = None,
        ipv4_mappedip: Optional[str] = None,
        ipv4_mappedport: Optional[str] = None,
        ldb_method: Optional[str] = None,
        mappedip: Optional[str] = None,
        mappedport: Optional[str] = None,
        max_embryonic_connections: Optional[float] = None,
        monitor: Optional[str] = None,
        nat64: Optional[str] = None,
        nat66: Optional[str] = None,
        nat_source_vip: Optional[str] = None,
        ndp_reply: Optional[str] = None,
        object_firewall_vip6_dynamic_mapping_id: Optional[str] = None,
        outlook_web_access: Optional[str] = None,
        persistence: Optional[str] = None,
        portforward: Optional[str] = None,
        protocol: Optional[str] = None,
        realservers: Optional[Sequence[ObjectFirewallVip6DynamicMappingRealserverArgs]] = None,
        scopetype: Optional[str] = None,
        server_type: Optional[str] = None,
        src_filters: Optional[Sequence[str]] = None,
        src_vip_filter: Optional[str] = None,
        ssl_accept_ffdhe_groups: Optional[str] = None,
        ssl_algorithm: Optional[str] = None,
        ssl_certificate: Optional[str] = None,
        ssl_cipher_suites: Optional[Sequence[ObjectFirewallVip6DynamicMappingSslCipherSuiteArgs]] = None,
        ssl_client_fallback: Optional[str] = None,
        ssl_client_rekey_count: Optional[float] = None,
        ssl_client_renegotiation: Optional[str] = None,
        ssl_client_session_state_max: Optional[float] = None,
        ssl_client_session_state_timeout: Optional[float] = None,
        ssl_client_session_state_type: Optional[str] = None,
        ssl_dh_bits: Optional[str] = None,
        ssl_hpkp: Optional[str] = None,
        ssl_hpkp_age: Optional[float] = None,
        ssl_hpkp_backup: Optional[str] = None,
        ssl_hpkp_include_subdomains: Optional[str] = None,
        ssl_hpkp_primary: Optional[str] = None,
        ssl_hpkp_report_uri: Optional[str] = None,
        ssl_hsts: Optional[str] = None,
        ssl_hsts_age: Optional[float] = None,
        ssl_hsts_include_subdomains: Optional[str] = None,
        ssl_http_location_conversion: Optional[str] = None,
        ssl_http_match_host: Optional[str] = None,
        ssl_max_version: Optional[str] = None,
        ssl_min_version: Optional[str] = None,
        ssl_mode: Optional[str] = None,
        ssl_pfs: Optional[str] = None,
        ssl_send_empty_frags: Optional[str] = None,
        ssl_server_algorithm: Optional[str] = None,
        ssl_server_max_version: Optional[str] = None,
        ssl_server_min_version: Optional[str] = None,
        ssl_server_renegotiation: Optional[str] = None,
        ssl_server_session_state_max: Optional[float] = None,
        ssl_server_session_state_timeout: Optional[float] = None,
        ssl_server_session_state_type: Optional[str] = None,
        type: Optional[str] = None,
        uuid: Optional[str] = None,
        vip6: Optional[str] = None,
        weblogic_server: Optional[str] = None,
        websphere_server: Optional[str] = None) -> ObjectFirewallVip6DynamicMapping

func GetObjectFirewallVip6DynamicMapping(ctx *Context, name string, id IDInput, state *ObjectFirewallVip6DynamicMappingState, opts ...ResourceOption) (*ObjectFirewallVip6DynamicMapping, error)

public static ObjectFirewallVip6DynamicMapping Get(string name, Input<string> id, ObjectFirewallVip6DynamicMappingState? state, CustomResourceOptions? opts = null)

public static ObjectFirewallVip6DynamicMapping get(String name, Output<String> id, ObjectFirewallVip6DynamicMappingState state, CustomResourceOptions options)

resources:  _:    type: fortimanager:ObjectFirewallVip6DynamicMapping    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AddNat64Route string: Enable/disable adding NAT64 route. Valid values: disable, enable.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
ArpReply string: Enable to respond to ARP requests for this virtual IP address. Enabled by default. Valid values: disable, enable.
Color double: Color of icon on the GUI.
Comment string: Comment.
DynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
EmbeddedIpv4Address string: Enable/disable embedded IPv4 address. Valid values: disable, enable.
Extip string: IP address or address range on the external interface that you want to map to an address or address range on the destination network.
Extport string: Incoming port number range that you want to map to a port number range on the destination network.
Fosid double: Custom defined ID.
H2Support string: Enable/disable HTTP2 support (default = enable). Valid values: disable, enable.
H3Support string: Enable/disable HTTP3/QUIC support (default = disable). Valid values: disable, enable.
HttpCookieAge double: Time in minutes that client web browsers should keep a cookie. Default is 60 seconds. 0 = no time limit.
HttpCookieDomain string: Domain that HTTP cookie persistence should apply to.
HttpCookieDomainFromHost string: Enable/disable use of HTTP cookie domain from host field in HTTP. Valid values: disable, enable.
HttpCookieGeneration double: Generation of HTTP cookie to be accepted. Changing invalidates all existing cookies.
HttpCookiePath string: Limit HTTP cookie persistence to the specified path.
HttpCookieShare string: Control sharing of cookies across virtual servers. same-ip means a cookie from one virtual server can be used by another. Disable stops cookie sharing. Valid values: disable, same-ip.
HttpIpHeader string: For HTTP multiplexing, enable to add the original client IP address in the XForwarded-For HTTP header. Valid values: disable, enable.
HttpIpHeaderName string: For HTTP multiplexing, enter a custom HTTPS header name. The original client IP address is added to this header. If empty, X-Forwarded-For is used.
HttpMultiplex string: Enable/disable HTTP multiplexing. Valid values: disable, enable.
HttpRedirect string: Enable/disable redirection of HTTP to HTTPS Valid values: disable, enable.
HttpsCookieSecure string: Enable/disable verification that inserted HTTPS cookies are secure. Valid values: disable, enable.
Ipv4Mappedip string: Start-mapped-IPv4-address [-end mapped-IPv4-address].
Ipv4Mappedport string: IPv4 port number range on the destination network to which the external port number range is mapped.
LdbMethod string: Method used to distribute sessions to real servers. Valid values: static, round-robin, weighted, least-session, least-rtt, first-alive, http-host.
Mappedip string: Mapped IP address range in the format startIP-endIP.
Mappedport string: Port number range on the destination network to which the external port number range is mapped.
MaxEmbryonicConnections double: Maximum number of incomplete connections.
Monitor string: Name of the health check monitor to use when polling to determine a virtual server's connectivity status.
Nat64 string: Enable/disable DNAT64. Valid values: disable, enable.
Nat66 string: Enable/disable DNAT66. Valid values: disable, enable.
NatSourceVip string: Nat-Source-Vip. Valid values: disable, enable.
NdpReply string: Enable/disable this FortiGate unit's ability to respond to NDP requests for this virtual IP address (default = enable). Valid values: disable, enable.
ObjectFirewallVip6DynamicMappingId string: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
OutlookWebAccess string: Enable to add the Front-End-Https header for Microsoft Outlook Web Access. Valid values: disable, enable.
Persistence string: Configure how to make sure that clients connect to the same server every time they make a request that is part of the same session. Valid values: none, http-cookie, ssl-session-id.
Portforward string: Enable port forwarding. Valid values: disable, enable.
Protocol string: Protocol to use when forwarding packets. Valid values: tcp, udp, sctp.
Realservers List<ObjectFirewallVip6DynamicMappingRealserver>: Realservers. The structure of realservers block is documented below.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
ServerType string: Protocol to be load balanced by the virtual server (also called the server load balance virtual IP). Valid values: http, https, ssl, tcp, udp, ip, imaps, pop3s, smtps.
SrcFilters List<string>: Source IP6 filter (x:x:x:x:x:x:x:x/x). Separate addresses with spaces.
SrcVipFilter string: Enable/disable use of 'src-filter' to match destinations for the reverse SNAT rule. Valid values: disable, enable.
SslAcceptFfdheGroups string: Enable/disable FFDHE cipher suite for SSL key exchange. Valid values: disable, enable.
SslAlgorithm string: Permitted encryption algorithms for SSL sessions according to encryption strength. Valid values: high, low, medium, custom.
SslCertificate string: The name of the SSL certificate to use for SSL acceleration.
SslCipherSuites List<ObjectFirewallVip6DynamicMappingSslCipherSuite>: Ssl-Cipher-Suites. The structure of ssl_cipher_suites block is documented below.
SslClientFallback string: Enable/disable support for preventing Downgrade Attacks on client connections (RFC 7507). Valid values: disable, enable.
SslClientRekeyCount double: Maximum length of data in MB before triggering a client rekey (0 = disable).
SslClientRenegotiation string: Allow, deny, or require secure renegotiation of client sessions to comply with RFC 5746. Valid values: deny, allow, secure.
SslClientSessionStateMax double: Maximum number of client to FortiGate SSL session states to keep.
SslClientSessionStateTimeout double: Number of minutes to keep client to FortiGate SSL session state.
SslClientSessionStateType string: How to expire SSL sessions for the segment of the SSL connection between the client and the FortiGate. Valid values: disable, time, count, both.
SslDhBits string: Number of bits to use in the Diffie-Hellman exchange for RSA encryption of SSL sessions. Valid values: 768, 1024, 1536, 2048, 3072, 4096.
SslHpkp string: Enable/disable including HPKP header in response. Valid values: disable, enable, report-only.
SslHpkpAge double: Number of minutes the web browser should keep HPKP.
SslHpkpBackup string: Certificate to generate backup HPKP pin from.
SslHpkpIncludeSubdomains string: Indicate that HPKP header applies to all subdomains. Valid values: disable, enable.
SslHpkpPrimary string: Certificate to generate primary HPKP pin from.
SslHpkpReportUri string: URL to report HPKP violations to.
SslHsts string: Enable/disable including HSTS header in response. Valid values: disable, enable.
SslHstsAge double: Number of seconds the client should honour the HSTS setting.
SslHstsIncludeSubdomains string: Indicate that HSTS header applies to all subdomains. Valid values: disable, enable.
SslHttpLocationConversion string: Enable to replace HTTP with HTTPS in the reply's Location HTTP header field. Valid values: disable, enable.
SslHttpMatchHost string: Enable/disable HTTP host matching for location conversion. Valid values: disable, enable.
SslMaxVersion string: Highest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
SslMinVersion string: Lowest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
SslMode string: Apply SSL offloading between the client and the FortiGate (half) or from the client to the FortiGate and from the FortiGate to the server (full). Valid values: half, full.
SslPfs string: Select the cipher suites that can be used for SSL perfect forward secrecy (PFS). Applies to both client and server sessions. Valid values: require, deny, allow.
SslSendEmptyFrags string: Enable/disable sending empty fragments to avoid CBC IV attacks (SSL 3.0 & TLS 1.0 only). May need to be disabled for compatibility with older systems. Valid values: disable, enable.
SslServerAlgorithm string: Permitted encryption algorithms for the server side of SSL full mode sessions according to encryption strength. Valid values: high, low, medium, custom, client.
SslServerMaxVersion string: Highest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
SslServerMinVersion string: Lowest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
SslServerRenegotiation string: Enable/disable secure renegotiation to comply with RFC 5746. Valid values: disable, enable.
SslServerSessionStateMax double: Maximum number of FortiGate to Server SSL session states to keep.
SslServerSessionStateTimeout double: Number of minutes to keep FortiGate to Server SSL session state.
SslServerSessionStateType string: How to expire SSL sessions for the segment of the SSL connection between the server and the FortiGate. Valid values: disable, time, count, both.
Type string: Configure a static NAT or server load balance VIP. Valid values: static-nat, server-load-balance.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
Vip6 string: Vip6.
WeblogicServer string: Enable to add an HTTP header to indicate SSL offloading for a WebLogic server. Valid values: disable, enable.
WebsphereServer string: Enable to add an HTTP header to indicate SSL offloading for a WebSphere server. Valid values: disable, enable.
_scopes List<ObjectFirewallVip6DynamicMapping_Scope>: _Scope. The structure of _scope block is documented below.

AddNat64Route string: Enable/disable adding NAT64 route. Valid values: disable, enable.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
ArpReply string: Enable to respond to ARP requests for this virtual IP address. Enabled by default. Valid values: disable, enable.
Color float64: Color of icon on the GUI.
Comment string: Comment.
DynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
EmbeddedIpv4Address string: Enable/disable embedded IPv4 address. Valid values: disable, enable.
Extip string: IP address or address range on the external interface that you want to map to an address or address range on the destination network.
Extport string: Incoming port number range that you want to map to a port number range on the destination network.
Fosid float64: Custom defined ID.
H2Support string: Enable/disable HTTP2 support (default = enable). Valid values: disable, enable.
H3Support string: Enable/disable HTTP3/QUIC support (default = disable). Valid values: disable, enable.
HttpCookieAge float64: Time in minutes that client web browsers should keep a cookie. Default is 60 seconds. 0 = no time limit.
HttpCookieDomain string: Domain that HTTP cookie persistence should apply to.
HttpCookieDomainFromHost string: Enable/disable use of HTTP cookie domain from host field in HTTP. Valid values: disable, enable.
HttpCookieGeneration float64: Generation of HTTP cookie to be accepted. Changing invalidates all existing cookies.
HttpCookiePath string: Limit HTTP cookie persistence to the specified path.
HttpCookieShare string: Control sharing of cookies across virtual servers. same-ip means a cookie from one virtual server can be used by another. Disable stops cookie sharing. Valid values: disable, same-ip.
HttpIpHeader string: For HTTP multiplexing, enable to add the original client IP address in the XForwarded-For HTTP header. Valid values: disable, enable.
HttpIpHeaderName string: For HTTP multiplexing, enter a custom HTTPS header name. The original client IP address is added to this header. If empty, X-Forwarded-For is used.
HttpMultiplex string: Enable/disable HTTP multiplexing. Valid values: disable, enable.
HttpRedirect string: Enable/disable redirection of HTTP to HTTPS Valid values: disable, enable.
HttpsCookieSecure string: Enable/disable verification that inserted HTTPS cookies are secure. Valid values: disable, enable.
Ipv4Mappedip string: Start-mapped-IPv4-address [-end mapped-IPv4-address].
Ipv4Mappedport string: IPv4 port number range on the destination network to which the external port number range is mapped.
LdbMethod string: Method used to distribute sessions to real servers. Valid values: static, round-robin, weighted, least-session, least-rtt, first-alive, http-host.
Mappedip string: Mapped IP address range in the format startIP-endIP.
Mappedport string: Port number range on the destination network to which the external port number range is mapped.
MaxEmbryonicConnections float64: Maximum number of incomplete connections.
Monitor string: Name of the health check monitor to use when polling to determine a virtual server's connectivity status.
Nat64 string: Enable/disable DNAT64. Valid values: disable, enable.
Nat66 string: Enable/disable DNAT66. Valid values: disable, enable.
NatSourceVip string: Nat-Source-Vip. Valid values: disable, enable.
NdpReply string: Enable/disable this FortiGate unit's ability to respond to NDP requests for this virtual IP address (default = enable). Valid values: disable, enable.
ObjectFirewallVip6DynamicMappingId string: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
OutlookWebAccess string: Enable to add the Front-End-Https header for Microsoft Outlook Web Access. Valid values: disable, enable.
Persistence string: Configure how to make sure that clients connect to the same server every time they make a request that is part of the same session. Valid values: none, http-cookie, ssl-session-id.
Portforward string: Enable port forwarding. Valid values: disable, enable.
Protocol string: Protocol to use when forwarding packets. Valid values: tcp, udp, sctp.
Realservers []ObjectFirewallVip6DynamicMappingRealserverArgs: Realservers. The structure of realservers block is documented below.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
ServerType string: Protocol to be load balanced by the virtual server (also called the server load balance virtual IP). Valid values: http, https, ssl, tcp, udp, ip, imaps, pop3s, smtps.
SrcFilters []string: Source IP6 filter (x:x:x:x:x:x:x:x/x). Separate addresses with spaces.
SrcVipFilter string: Enable/disable use of 'src-filter' to match destinations for the reverse SNAT rule. Valid values: disable, enable.
SslAcceptFfdheGroups string: Enable/disable FFDHE cipher suite for SSL key exchange. Valid values: disable, enable.
SslAlgorithm string: Permitted encryption algorithms for SSL sessions according to encryption strength. Valid values: high, low, medium, custom.
SslCertificate string: The name of the SSL certificate to use for SSL acceleration.
SslCipherSuites []ObjectFirewallVip6DynamicMappingSslCipherSuiteArgs: Ssl-Cipher-Suites. The structure of ssl_cipher_suites block is documented below.
SslClientFallback string: Enable/disable support for preventing Downgrade Attacks on client connections (RFC 7507). Valid values: disable, enable.
SslClientRekeyCount float64: Maximum length of data in MB before triggering a client rekey (0 = disable).
SslClientRenegotiation string: Allow, deny, or require secure renegotiation of client sessions to comply with RFC 5746. Valid values: deny, allow, secure.
SslClientSessionStateMax float64: Maximum number of client to FortiGate SSL session states to keep.
SslClientSessionStateTimeout float64: Number of minutes to keep client to FortiGate SSL session state.
SslClientSessionStateType string: How to expire SSL sessions for the segment of the SSL connection between the client and the FortiGate. Valid values: disable, time, count, both.
SslDhBits string: Number of bits to use in the Diffie-Hellman exchange for RSA encryption of SSL sessions. Valid values: 768, 1024, 1536, 2048, 3072, 4096.
SslHpkp string: Enable/disable including HPKP header in response. Valid values: disable, enable, report-only.
SslHpkpAge float64: Number of minutes the web browser should keep HPKP.
SslHpkpBackup string: Certificate to generate backup HPKP pin from.
SslHpkpIncludeSubdomains string: Indicate that HPKP header applies to all subdomains. Valid values: disable, enable.
SslHpkpPrimary string: Certificate to generate primary HPKP pin from.
SslHpkpReportUri string: URL to report HPKP violations to.
SslHsts string: Enable/disable including HSTS header in response. Valid values: disable, enable.
SslHstsAge float64: Number of seconds the client should honour the HSTS setting.
SslHstsIncludeSubdomains string: Indicate that HSTS header applies to all subdomains. Valid values: disable, enable.
SslHttpLocationConversion string: Enable to replace HTTP with HTTPS in the reply's Location HTTP header field. Valid values: disable, enable.
SslHttpMatchHost string: Enable/disable HTTP host matching for location conversion. Valid values: disable, enable.
SslMaxVersion string: Highest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
SslMinVersion string: Lowest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
SslMode string: Apply SSL offloading between the client and the FortiGate (half) or from the client to the FortiGate and from the FortiGate to the server (full). Valid values: half, full.
SslPfs string: Select the cipher suites that can be used for SSL perfect forward secrecy (PFS). Applies to both client and server sessions. Valid values: require, deny, allow.
SslSendEmptyFrags string: Enable/disable sending empty fragments to avoid CBC IV attacks (SSL 3.0 & TLS 1.0 only). May need to be disabled for compatibility with older systems. Valid values: disable, enable.
SslServerAlgorithm string: Permitted encryption algorithms for the server side of SSL full mode sessions according to encryption strength. Valid values: high, low, medium, custom, client.
SslServerMaxVersion string: Highest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
SslServerMinVersion string: Lowest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
SslServerRenegotiation string: Enable/disable secure renegotiation to comply with RFC 5746. Valid values: disable, enable.
SslServerSessionStateMax float64: Maximum number of FortiGate to Server SSL session states to keep.
SslServerSessionStateTimeout float64: Number of minutes to keep FortiGate to Server SSL session state.
SslServerSessionStateType string: How to expire SSL sessions for the segment of the SSL connection between the server and the FortiGate. Valid values: disable, time, count, both.
Type string: Configure a static NAT or server load balance VIP. Valid values: static-nat, server-load-balance.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
Vip6 string: Vip6.
WeblogicServer string: Enable to add an HTTP header to indicate SSL offloading for a WebLogic server. Valid values: disable, enable.
WebsphereServer string: Enable to add an HTTP header to indicate SSL offloading for a WebSphere server. Valid values: disable, enable.
_scopes []ObjectFirewallVip6DynamicMapping_ScopeArgs: _Scope. The structure of _scope block is documented below.

_scopes List<ObjectFirewallVip6DynamicMapping_Scope>: _Scope. The structure of _scope block is documented below.
addNat64Route String: Enable/disable adding NAT64 route. Valid values: disable, enable.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
arpReply String: Enable to respond to ARP requests for this virtual IP address. Enabled by default. Valid values: disable, enable.
color Double: Color of icon on the GUI.
comment String: Comment.
dynamicSortSubtable String: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
embeddedIpv4Address String: Enable/disable embedded IPv4 address. Valid values: disable, enable.
extip String: IP address or address range on the external interface that you want to map to an address or address range on the destination network.
extport String: Incoming port number range that you want to map to a port number range on the destination network.
fosid Double: Custom defined ID.
h2Support String: Enable/disable HTTP2 support (default = enable). Valid values: disable, enable.
h3Support String: Enable/disable HTTP3/QUIC support (default = disable). Valid values: disable, enable.
httpCookieAge Double: Time in minutes that client web browsers should keep a cookie. Default is 60 seconds. 0 = no time limit.
httpCookieDomain String: Domain that HTTP cookie persistence should apply to.
httpCookieDomainFromHost String: Enable/disable use of HTTP cookie domain from host field in HTTP. Valid values: disable, enable.
httpCookieGeneration Double: Generation of HTTP cookie to be accepted. Changing invalidates all existing cookies.
httpCookiePath String: Limit HTTP cookie persistence to the specified path.
httpCookieShare String: Control sharing of cookies across virtual servers. same-ip means a cookie from one virtual server can be used by another. Disable stops cookie sharing. Valid values: disable, same-ip.
httpIpHeader String: For HTTP multiplexing, enable to add the original client IP address in the XForwarded-For HTTP header. Valid values: disable, enable.
httpIpHeaderName String: For HTTP multiplexing, enter a custom HTTPS header name. The original client IP address is added to this header. If empty, X-Forwarded-For is used.
httpMultiplex String: Enable/disable HTTP multiplexing. Valid values: disable, enable.
httpRedirect String: Enable/disable redirection of HTTP to HTTPS Valid values: disable, enable.
httpsCookieSecure String: Enable/disable verification that inserted HTTPS cookies are secure. Valid values: disable, enable.
ipv4Mappedip String: Start-mapped-IPv4-address [-end mapped-IPv4-address].
ipv4Mappedport String: IPv4 port number range on the destination network to which the external port number range is mapped.
ldbMethod String: Method used to distribute sessions to real servers. Valid values: static, round-robin, weighted, least-session, least-rtt, first-alive, http-host.
mappedip String: Mapped IP address range in the format startIP-endIP.
mappedport String: Port number range on the destination network to which the external port number range is mapped.
maxEmbryonicConnections Double: Maximum number of incomplete connections.
monitor String: Name of the health check monitor to use when polling to determine a virtual server's connectivity status.
nat64 String: Enable/disable DNAT64. Valid values: disable, enable.
nat66 String: Enable/disable DNAT66. Valid values: disable, enable.
natSourceVip String: Nat-Source-Vip. Valid values: disable, enable.
ndpReply String: Enable/disable this FortiGate unit's ability to respond to NDP requests for this virtual IP address (default = enable). Valid values: disable, enable.
objectFirewallVip6DynamicMappingId String: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
outlookWebAccess String: Enable to add the Front-End-Https header for Microsoft Outlook Web Access. Valid values: disable, enable.
persistence String: Configure how to make sure that clients connect to the same server every time they make a request that is part of the same session. Valid values: none, http-cookie, ssl-session-id.
portforward String: Enable port forwarding. Valid values: disable, enable.
protocol String: Protocol to use when forwarding packets. Valid values: tcp, udp, sctp.
realservers List<ObjectFirewallVip6DynamicMappingRealserver>: Realservers. The structure of realservers block is documented below.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
serverType String: Protocol to be load balanced by the virtual server (also called the server load balance virtual IP). Valid values: http, https, ssl, tcp, udp, ip, imaps, pop3s, smtps.
srcFilters List<String>: Source IP6 filter (x:x:x:x:x:x:x:x/x). Separate addresses with spaces.
srcVipFilter String: Enable/disable use of 'src-filter' to match destinations for the reverse SNAT rule. Valid values: disable, enable.
sslAcceptFfdheGroups String: Enable/disable FFDHE cipher suite for SSL key exchange. Valid values: disable, enable.
sslAlgorithm String: Permitted encryption algorithms for SSL sessions according to encryption strength. Valid values: high, low, medium, custom.
sslCertificate String: The name of the SSL certificate to use for SSL acceleration.
sslCipherSuites List<ObjectFirewallVip6DynamicMappingSslCipherSuite>: Ssl-Cipher-Suites. The structure of ssl_cipher_suites block is documented below.
sslClientFallback String: Enable/disable support for preventing Downgrade Attacks on client connections (RFC 7507). Valid values: disable, enable.
sslClientRekeyCount Double: Maximum length of data in MB before triggering a client rekey (0 = disable).
sslClientRenegotiation String: Allow, deny, or require secure renegotiation of client sessions to comply with RFC 5746. Valid values: deny, allow, secure.
sslClientSessionStateMax Double: Maximum number of client to FortiGate SSL session states to keep.
sslClientSessionStateTimeout Double: Number of minutes to keep client to FortiGate SSL session state.
sslClientSessionStateType String: How to expire SSL sessions for the segment of the SSL connection between the client and the FortiGate. Valid values: disable, time, count, both.
sslDhBits String: Number of bits to use in the Diffie-Hellman exchange for RSA encryption of SSL sessions. Valid values: 768, 1024, 1536, 2048, 3072, 4096.
sslHpkp String: Enable/disable including HPKP header in response. Valid values: disable, enable, report-only.
sslHpkpAge Double: Number of minutes the web browser should keep HPKP.
sslHpkpBackup String: Certificate to generate backup HPKP pin from.
sslHpkpIncludeSubdomains String: Indicate that HPKP header applies to all subdomains. Valid values: disable, enable.
sslHpkpPrimary String: Certificate to generate primary HPKP pin from.
sslHpkpReportUri String: URL to report HPKP violations to.
sslHsts String: Enable/disable including HSTS header in response. Valid values: disable, enable.
sslHstsAge Double: Number of seconds the client should honour the HSTS setting.
sslHstsIncludeSubdomains String: Indicate that HSTS header applies to all subdomains. Valid values: disable, enable.
sslHttpLocationConversion String: Enable to replace HTTP with HTTPS in the reply's Location HTTP header field. Valid values: disable, enable.
sslHttpMatchHost String: Enable/disable HTTP host matching for location conversion. Valid values: disable, enable.
sslMaxVersion String: Highest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
sslMinVersion String: Lowest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
sslMode String: Apply SSL offloading between the client and the FortiGate (half) or from the client to the FortiGate and from the FortiGate to the server (full). Valid values: half, full.
sslPfs String: Select the cipher suites that can be used for SSL perfect forward secrecy (PFS). Applies to both client and server sessions. Valid values: require, deny, allow.
sslSendEmptyFrags String: Enable/disable sending empty fragments to avoid CBC IV attacks (SSL 3.0 & TLS 1.0 only). May need to be disabled for compatibility with older systems. Valid values: disable, enable.
sslServerAlgorithm String: Permitted encryption algorithms for the server side of SSL full mode sessions according to encryption strength. Valid values: high, low, medium, custom, client.
sslServerMaxVersion String: Highest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
sslServerMinVersion String: Lowest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
sslServerRenegotiation String: Enable/disable secure renegotiation to comply with RFC 5746. Valid values: disable, enable.
sslServerSessionStateMax Double: Maximum number of FortiGate to Server SSL session states to keep.
sslServerSessionStateTimeout Double: Number of minutes to keep FortiGate to Server SSL session state.
sslServerSessionStateType String: How to expire SSL sessions for the segment of the SSL connection between the server and the FortiGate. Valid values: disable, time, count, both.
type String: Configure a static NAT or server load balance VIP. Valid values: static-nat, server-load-balance.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vip6 String: Vip6.
weblogicServer String: Enable to add an HTTP header to indicate SSL offloading for a WebLogic server. Valid values: disable, enable.
websphereServer String: Enable to add an HTTP header to indicate SSL offloading for a WebSphere server. Valid values: disable, enable.

_scopes ObjectFirewallVip6DynamicMapping_Scope[]: _Scope. The structure of _scope block is documented below.
addNat64Route string: Enable/disable adding NAT64 route. Valid values: disable, enable.
adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
arpReply string: Enable to respond to ARP requests for this virtual IP address. Enabled by default. Valid values: disable, enable.
color number: Color of icon on the GUI.
comment string: Comment.
dynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
embeddedIpv4Address string: Enable/disable embedded IPv4 address. Valid values: disable, enable.
extip string: IP address or address range on the external interface that you want to map to an address or address range on the destination network.
extport string: Incoming port number range that you want to map to a port number range on the destination network.
fosid number: Custom defined ID.
h2Support string: Enable/disable HTTP2 support (default = enable). Valid values: disable, enable.
h3Support string: Enable/disable HTTP3/QUIC support (default = disable). Valid values: disable, enable.
httpCookieAge number: Time in minutes that client web browsers should keep a cookie. Default is 60 seconds. 0 = no time limit.
httpCookieDomain string: Domain that HTTP cookie persistence should apply to.
httpCookieDomainFromHost string: Enable/disable use of HTTP cookie domain from host field in HTTP. Valid values: disable, enable.
httpCookieGeneration number: Generation of HTTP cookie to be accepted. Changing invalidates all existing cookies.
httpCookiePath string: Limit HTTP cookie persistence to the specified path.
httpCookieShare string: Control sharing of cookies across virtual servers. same-ip means a cookie from one virtual server can be used by another. Disable stops cookie sharing. Valid values: disable, same-ip.
httpIpHeader string: For HTTP multiplexing, enable to add the original client IP address in the XForwarded-For HTTP header. Valid values: disable, enable.
httpIpHeaderName string: For HTTP multiplexing, enter a custom HTTPS header name. The original client IP address is added to this header. If empty, X-Forwarded-For is used.
httpMultiplex string: Enable/disable HTTP multiplexing. Valid values: disable, enable.
httpRedirect string: Enable/disable redirection of HTTP to HTTPS Valid values: disable, enable.
httpsCookieSecure string: Enable/disable verification that inserted HTTPS cookies are secure. Valid values: disable, enable.
ipv4Mappedip string: Start-mapped-IPv4-address [-end mapped-IPv4-address].
ipv4Mappedport string: IPv4 port number range on the destination network to which the external port number range is mapped.
ldbMethod string: Method used to distribute sessions to real servers. Valid values: static, round-robin, weighted, least-session, least-rtt, first-alive, http-host.
mappedip string: Mapped IP address range in the format startIP-endIP.
mappedport string: Port number range on the destination network to which the external port number range is mapped.
maxEmbryonicConnections number: Maximum number of incomplete connections.
monitor string: Name of the health check monitor to use when polling to determine a virtual server's connectivity status.
nat64 string: Enable/disable DNAT64. Valid values: disable, enable.
nat66 string: Enable/disable DNAT66. Valid values: disable, enable.
natSourceVip string: Nat-Source-Vip. Valid values: disable, enable.
ndpReply string: Enable/disable this FortiGate unit's ability to respond to NDP requests for this virtual IP address (default = enable). Valid values: disable, enable.
objectFirewallVip6DynamicMappingId string: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
outlookWebAccess string: Enable to add the Front-End-Https header for Microsoft Outlook Web Access. Valid values: disable, enable.
persistence string: Configure how to make sure that clients connect to the same server every time they make a request that is part of the same session. Valid values: none, http-cookie, ssl-session-id.
portforward string: Enable port forwarding. Valid values: disable, enable.
protocol string: Protocol to use when forwarding packets. Valid values: tcp, udp, sctp.
realservers ObjectFirewallVip6DynamicMappingRealserver[]: Realservers. The structure of realservers block is documented below.
scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
serverType string: Protocol to be load balanced by the virtual server (also called the server load balance virtual IP). Valid values: http, https, ssl, tcp, udp, ip, imaps, pop3s, smtps.
srcFilters string[]: Source IP6 filter (x:x:x:x:x:x:x:x/x). Separate addresses with spaces.
srcVipFilter string: Enable/disable use of 'src-filter' to match destinations for the reverse SNAT rule. Valid values: disable, enable.
sslAcceptFfdheGroups string: Enable/disable FFDHE cipher suite for SSL key exchange. Valid values: disable, enable.
sslAlgorithm string: Permitted encryption algorithms for SSL sessions according to encryption strength. Valid values: high, low, medium, custom.
sslCertificate string: The name of the SSL certificate to use for SSL acceleration.
sslCipherSuites ObjectFirewallVip6DynamicMappingSslCipherSuite[]: Ssl-Cipher-Suites. The structure of ssl_cipher_suites block is documented below.
sslClientFallback string: Enable/disable support for preventing Downgrade Attacks on client connections (RFC 7507). Valid values: disable, enable.
sslClientRekeyCount number: Maximum length of data in MB before triggering a client rekey (0 = disable).
sslClientRenegotiation string: Allow, deny, or require secure renegotiation of client sessions to comply with RFC 5746. Valid values: deny, allow, secure.
sslClientSessionStateMax number: Maximum number of client to FortiGate SSL session states to keep.
sslClientSessionStateTimeout number: Number of minutes to keep client to FortiGate SSL session state.
sslClientSessionStateType string: How to expire SSL sessions for the segment of the SSL connection between the client and the FortiGate. Valid values: disable, time, count, both.
sslDhBits string: Number of bits to use in the Diffie-Hellman exchange for RSA encryption of SSL sessions. Valid values: 768, 1024, 1536, 2048, 3072, 4096.
sslHpkp string: Enable/disable including HPKP header in response. Valid values: disable, enable, report-only.
sslHpkpAge number: Number of minutes the web browser should keep HPKP.
sslHpkpBackup string: Certificate to generate backup HPKP pin from.
sslHpkpIncludeSubdomains string: Indicate that HPKP header applies to all subdomains. Valid values: disable, enable.
sslHpkpPrimary string: Certificate to generate primary HPKP pin from.
sslHpkpReportUri string: URL to report HPKP violations to.
sslHsts string: Enable/disable including HSTS header in response. Valid values: disable, enable.
sslHstsAge number: Number of seconds the client should honour the HSTS setting.
sslHstsIncludeSubdomains string: Indicate that HSTS header applies to all subdomains. Valid values: disable, enable.
sslHttpLocationConversion string: Enable to replace HTTP with HTTPS in the reply's Location HTTP header field. Valid values: disable, enable.
sslHttpMatchHost string: Enable/disable HTTP host matching for location conversion. Valid values: disable, enable.
sslMaxVersion string: Highest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
sslMinVersion string: Lowest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
sslMode string: Apply SSL offloading between the client and the FortiGate (half) or from the client to the FortiGate and from the FortiGate to the server (full). Valid values: half, full.
sslPfs string: Select the cipher suites that can be used for SSL perfect forward secrecy (PFS). Applies to both client and server sessions. Valid values: require, deny, allow.
sslSendEmptyFrags string: Enable/disable sending empty fragments to avoid CBC IV attacks (SSL 3.0 & TLS 1.0 only). May need to be disabled for compatibility with older systems. Valid values: disable, enable.
sslServerAlgorithm string: Permitted encryption algorithms for the server side of SSL full mode sessions according to encryption strength. Valid values: high, low, medium, custom, client.
sslServerMaxVersion string: Highest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
sslServerMinVersion string: Lowest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
sslServerRenegotiation string: Enable/disable secure renegotiation to comply with RFC 5746. Valid values: disable, enable.
sslServerSessionStateMax number: Maximum number of FortiGate to Server SSL session states to keep.
sslServerSessionStateTimeout number: Number of minutes to keep FortiGate to Server SSL session state.
sslServerSessionStateType string: How to expire SSL sessions for the segment of the SSL connection between the server and the FortiGate. Valid values: disable, time, count, both.
type string: Configure a static NAT or server load balance VIP. Valid values: static-nat, server-load-balance.
uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vip6 string: Vip6.
weblogicServer string: Enable to add an HTTP header to indicate SSL offloading for a WebLogic server. Valid values: disable, enable.
websphereServer string: Enable to add an HTTP header to indicate SSL offloading for a WebSphere server. Valid values: disable, enable.

_scopes Sequence[ObjectFirewallVip6DynamicMapping_ScopeArgs]: _Scope. The structure of _scope block is documented below.
add_nat64_route str: Enable/disable adding NAT64 route. Valid values: disable, enable.
adom str: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
arp_reply str: Enable to respond to ARP requests for this virtual IP address. Enabled by default. Valid values: disable, enable.
color float: Color of icon on the GUI.
comment str: Comment.
dynamic_sort_subtable str: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
embedded_ipv4_address str: Enable/disable embedded IPv4 address. Valid values: disable, enable.
extip str: IP address or address range on the external interface that you want to map to an address or address range on the destination network.
extport str: Incoming port number range that you want to map to a port number range on the destination network.
fosid float: Custom defined ID.
h2_support str: Enable/disable HTTP2 support (default = enable). Valid values: disable, enable.
h3_support str: Enable/disable HTTP3/QUIC support (default = disable). Valid values: disable, enable.
http_cookie_age float: Time in minutes that client web browsers should keep a cookie. Default is 60 seconds. 0 = no time limit.
http_cookie_domain str: Domain that HTTP cookie persistence should apply to.
http_cookie_domain_from_host str: Enable/disable use of HTTP cookie domain from host field in HTTP. Valid values: disable, enable.
http_cookie_generation float: Generation of HTTP cookie to be accepted. Changing invalidates all existing cookies.
http_cookie_path str: Limit HTTP cookie persistence to the specified path.
http_cookie_share str: Control sharing of cookies across virtual servers. same-ip means a cookie from one virtual server can be used by another. Disable stops cookie sharing. Valid values: disable, same-ip.
http_ip_header str: For HTTP multiplexing, enable to add the original client IP address in the XForwarded-For HTTP header. Valid values: disable, enable.
http_ip_header_name str: For HTTP multiplexing, enter a custom HTTPS header name. The original client IP address is added to this header. If empty, X-Forwarded-For is used.
http_multiplex str: Enable/disable HTTP multiplexing. Valid values: disable, enable.
http_redirect str: Enable/disable redirection of HTTP to HTTPS Valid values: disable, enable.
https_cookie_secure str: Enable/disable verification that inserted HTTPS cookies are secure. Valid values: disable, enable.
ipv4_mappedip str: Start-mapped-IPv4-address [-end mapped-IPv4-address].
ipv4_mappedport str: IPv4 port number range on the destination network to which the external port number range is mapped.
ldb_method str: Method used to distribute sessions to real servers. Valid values: static, round-robin, weighted, least-session, least-rtt, first-alive, http-host.
mappedip str: Mapped IP address range in the format startIP-endIP.
mappedport str: Port number range on the destination network to which the external port number range is mapped.
max_embryonic_connections float: Maximum number of incomplete connections.
monitor str: Name of the health check monitor to use when polling to determine a virtual server's connectivity status.
nat64 str: Enable/disable DNAT64. Valid values: disable, enable.
nat66 str: Enable/disable DNAT66. Valid values: disable, enable.
nat_source_vip str: Nat-Source-Vip. Valid values: disable, enable.
ndp_reply str: Enable/disable this FortiGate unit's ability to respond to NDP requests for this virtual IP address (default = enable). Valid values: disable, enable.
object_firewall_vip6_dynamic_mapping_id str: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
outlook_web_access str: Enable to add the Front-End-Https header for Microsoft Outlook Web Access. Valid values: disable, enable.
persistence str: Configure how to make sure that clients connect to the same server every time they make a request that is part of the same session. Valid values: none, http-cookie, ssl-session-id.
portforward str: Enable port forwarding. Valid values: disable, enable.
protocol str: Protocol to use when forwarding packets. Valid values: tcp, udp, sctp.
realservers Sequence[ObjectFirewallVip6DynamicMappingRealserverArgs]: Realservers. The structure of realservers block is documented below.
scopetype str: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
server_type str: Protocol to be load balanced by the virtual server (also called the server load balance virtual IP). Valid values: http, https, ssl, tcp, udp, ip, imaps, pop3s, smtps.
src_filters Sequence[str]: Source IP6 filter (x:x:x:x:x:x:x:x/x). Separate addresses with spaces.
src_vip_filter str: Enable/disable use of 'src-filter' to match destinations for the reverse SNAT rule. Valid values: disable, enable.
ssl_accept_ffdhe_groups str: Enable/disable FFDHE cipher suite for SSL key exchange. Valid values: disable, enable.
ssl_algorithm str: Permitted encryption algorithms for SSL sessions according to encryption strength. Valid values: high, low, medium, custom.
ssl_certificate str: The name of the SSL certificate to use for SSL acceleration.
ssl_cipher_suites Sequence[ObjectFirewallVip6DynamicMappingSslCipherSuiteArgs]: Ssl-Cipher-Suites. The structure of ssl_cipher_suites block is documented below.
ssl_client_fallback str: Enable/disable support for preventing Downgrade Attacks on client connections (RFC 7507). Valid values: disable, enable.
ssl_client_rekey_count float: Maximum length of data in MB before triggering a client rekey (0 = disable).
ssl_client_renegotiation str: Allow, deny, or require secure renegotiation of client sessions to comply with RFC 5746. Valid values: deny, allow, secure.
ssl_client_session_state_max float: Maximum number of client to FortiGate SSL session states to keep.
ssl_client_session_state_timeout float: Number of minutes to keep client to FortiGate SSL session state.
ssl_client_session_state_type str: How to expire SSL sessions for the segment of the SSL connection between the client and the FortiGate. Valid values: disable, time, count, both.
ssl_dh_bits str: Number of bits to use in the Diffie-Hellman exchange for RSA encryption of SSL sessions. Valid values: 768, 1024, 1536, 2048, 3072, 4096.
ssl_hpkp str: Enable/disable including HPKP header in response. Valid values: disable, enable, report-only.
ssl_hpkp_age float: Number of minutes the web browser should keep HPKP.
ssl_hpkp_backup str: Certificate to generate backup HPKP pin from.
ssl_hpkp_include_subdomains str: Indicate that HPKP header applies to all subdomains. Valid values: disable, enable.
ssl_hpkp_primary str: Certificate to generate primary HPKP pin from.
ssl_hpkp_report_uri str: URL to report HPKP violations to.
ssl_hsts str: Enable/disable including HSTS header in response. Valid values: disable, enable.
ssl_hsts_age float: Number of seconds the client should honour the HSTS setting.
ssl_hsts_include_subdomains str: Indicate that HSTS header applies to all subdomains. Valid values: disable, enable.
ssl_http_location_conversion str: Enable to replace HTTP with HTTPS in the reply's Location HTTP header field. Valid values: disable, enable.
ssl_http_match_host str: Enable/disable HTTP host matching for location conversion. Valid values: disable, enable.
ssl_max_version str: Highest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
ssl_min_version str: Lowest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
ssl_mode str: Apply SSL offloading between the client and the FortiGate (half) or from the client to the FortiGate and from the FortiGate to the server (full). Valid values: half, full.
ssl_pfs str: Select the cipher suites that can be used for SSL perfect forward secrecy (PFS). Applies to both client and server sessions. Valid values: require, deny, allow.
ssl_send_empty_frags str: Enable/disable sending empty fragments to avoid CBC IV attacks (SSL 3.0 & TLS 1.0 only). May need to be disabled for compatibility with older systems. Valid values: disable, enable.
ssl_server_algorithm str: Permitted encryption algorithms for the server side of SSL full mode sessions according to encryption strength. Valid values: high, low, medium, custom, client.
ssl_server_max_version str: Highest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
ssl_server_min_version str: Lowest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
ssl_server_renegotiation str: Enable/disable secure renegotiation to comply with RFC 5746. Valid values: disable, enable.
ssl_server_session_state_max float: Maximum number of FortiGate to Server SSL session states to keep.
ssl_server_session_state_timeout float: Number of minutes to keep FortiGate to Server SSL session state.
ssl_server_session_state_type str: How to expire SSL sessions for the segment of the SSL connection between the server and the FortiGate. Valid values: disable, time, count, both.
type str: Configure a static NAT or server load balance VIP. Valid values: static-nat, server-load-balance.
uuid str: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vip6 str: Vip6.
weblogic_server str: Enable to add an HTTP header to indicate SSL offloading for a WebLogic server. Valid values: disable, enable.
websphere_server str: Enable to add an HTTP header to indicate SSL offloading for a WebSphere server. Valid values: disable, enable.

_scopes List<Property Map>: _Scope. The structure of _scope block is documented below.
addNat64Route String: Enable/disable adding NAT64 route. Valid values: disable, enable.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
arpReply String: Enable to respond to ARP requests for this virtual IP address. Enabled by default. Valid values: disable, enable.
color Number: Color of icon on the GUI.
comment String: Comment.
dynamicSortSubtable String: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
embeddedIpv4Address String: Enable/disable embedded IPv4 address. Valid values: disable, enable.
extip String: IP address or address range on the external interface that you want to map to an address or address range on the destination network.
extport String: Incoming port number range that you want to map to a port number range on the destination network.
fosid Number: Custom defined ID.
h2Support String: Enable/disable HTTP2 support (default = enable). Valid values: disable, enable.
h3Support String: Enable/disable HTTP3/QUIC support (default = disable). Valid values: disable, enable.
httpCookieAge Number: Time in minutes that client web browsers should keep a cookie. Default is 60 seconds. 0 = no time limit.
httpCookieDomain String: Domain that HTTP cookie persistence should apply to.
httpCookieDomainFromHost String: Enable/disable use of HTTP cookie domain from host field in HTTP. Valid values: disable, enable.
httpCookieGeneration Number: Generation of HTTP cookie to be accepted. Changing invalidates all existing cookies.
httpCookiePath String: Limit HTTP cookie persistence to the specified path.
httpCookieShare String: Control sharing of cookies across virtual servers. same-ip means a cookie from one virtual server can be used by another. Disable stops cookie sharing. Valid values: disable, same-ip.
httpIpHeader String: For HTTP multiplexing, enable to add the original client IP address in the XForwarded-For HTTP header. Valid values: disable, enable.
httpIpHeaderName String: For HTTP multiplexing, enter a custom HTTPS header name. The original client IP address is added to this header. If empty, X-Forwarded-For is used.
httpMultiplex String: Enable/disable HTTP multiplexing. Valid values: disable, enable.
httpRedirect String: Enable/disable redirection of HTTP to HTTPS Valid values: disable, enable.
httpsCookieSecure String: Enable/disable verification that inserted HTTPS cookies are secure. Valid values: disable, enable.
ipv4Mappedip String: Start-mapped-IPv4-address [-end mapped-IPv4-address].
ipv4Mappedport String: IPv4 port number range on the destination network to which the external port number range is mapped.
ldbMethod String: Method used to distribute sessions to real servers. Valid values: static, round-robin, weighted, least-session, least-rtt, first-alive, http-host.
mappedip String: Mapped IP address range in the format startIP-endIP.
mappedport String: Port number range on the destination network to which the external port number range is mapped.
maxEmbryonicConnections Number: Maximum number of incomplete connections.
monitor String: Name of the health check monitor to use when polling to determine a virtual server's connectivity status.
nat64 String: Enable/disable DNAT64. Valid values: disable, enable.
nat66 String: Enable/disable DNAT66. Valid values: disable, enable.
natSourceVip String: Nat-Source-Vip. Valid values: disable, enable.
ndpReply String: Enable/disable this FortiGate unit's ability to respond to NDP requests for this virtual IP address (default = enable). Valid values: disable, enable.
objectFirewallVip6DynamicMappingId String: an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
outlookWebAccess String: Enable to add the Front-End-Https header for Microsoft Outlook Web Access. Valid values: disable, enable.
persistence String: Configure how to make sure that clients connect to the same server every time they make a request that is part of the same session. Valid values: none, http-cookie, ssl-session-id.
portforward String: Enable port forwarding. Valid values: disable, enable.
protocol String: Protocol to use when forwarding packets. Valid values: tcp, udp, sctp.
realservers List<Property Map>: Realservers. The structure of realservers block is documented below.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
serverType String: Protocol to be load balanced by the virtual server (also called the server load balance virtual IP). Valid values: http, https, ssl, tcp, udp, ip, imaps, pop3s, smtps.
srcFilters List<String>: Source IP6 filter (x:x:x:x:x:x:x:x/x). Separate addresses with spaces.
srcVipFilter String: Enable/disable use of 'src-filter' to match destinations for the reverse SNAT rule. Valid values: disable, enable.
sslAcceptFfdheGroups String: Enable/disable FFDHE cipher suite for SSL key exchange. Valid values: disable, enable.
sslAlgorithm String: Permitted encryption algorithms for SSL sessions according to encryption strength. Valid values: high, low, medium, custom.
sslCertificate String: The name of the SSL certificate to use for SSL acceleration.
sslCipherSuites List<Property Map>: Ssl-Cipher-Suites. The structure of ssl_cipher_suites block is documented below.
sslClientFallback String: Enable/disable support for preventing Downgrade Attacks on client connections (RFC 7507). Valid values: disable, enable.
sslClientRekeyCount Number: Maximum length of data in MB before triggering a client rekey (0 = disable).
sslClientRenegotiation String: Allow, deny, or require secure renegotiation of client sessions to comply with RFC 5746. Valid values: deny, allow, secure.
sslClientSessionStateMax Number: Maximum number of client to FortiGate SSL session states to keep.
sslClientSessionStateTimeout Number: Number of minutes to keep client to FortiGate SSL session state.
sslClientSessionStateType String: How to expire SSL sessions for the segment of the SSL connection between the client and the FortiGate. Valid values: disable, time, count, both.
sslDhBits String: Number of bits to use in the Diffie-Hellman exchange for RSA encryption of SSL sessions. Valid values: 768, 1024, 1536, 2048, 3072, 4096.
sslHpkp String: Enable/disable including HPKP header in response. Valid values: disable, enable, report-only.
sslHpkpAge Number: Number of minutes the web browser should keep HPKP.
sslHpkpBackup String: Certificate to generate backup HPKP pin from.
sslHpkpIncludeSubdomains String: Indicate that HPKP header applies to all subdomains. Valid values: disable, enable.
sslHpkpPrimary String: Certificate to generate primary HPKP pin from.
sslHpkpReportUri String: URL to report HPKP violations to.
sslHsts String: Enable/disable including HSTS header in response. Valid values: disable, enable.
sslHstsAge Number: Number of seconds the client should honour the HSTS setting.
sslHstsIncludeSubdomains String: Indicate that HSTS header applies to all subdomains. Valid values: disable, enable.
sslHttpLocationConversion String: Enable to replace HTTP with HTTPS in the reply's Location HTTP header field. Valid values: disable, enable.
sslHttpMatchHost String: Enable/disable HTTP host matching for location conversion. Valid values: disable, enable.
sslMaxVersion String: Highest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
sslMinVersion String: Lowest SSL/TLS version acceptable from a client. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
sslMode String: Apply SSL offloading between the client and the FortiGate (half) or from the client to the FortiGate and from the FortiGate to the server (full). Valid values: half, full.
sslPfs String: Select the cipher suites that can be used for SSL perfect forward secrecy (PFS). Applies to both client and server sessions. Valid values: require, deny, allow.
sslSendEmptyFrags String: Enable/disable sending empty fragments to avoid CBC IV attacks (SSL 3.0 & TLS 1.0 only). May need to be disabled for compatibility with older systems. Valid values: disable, enable.
sslServerAlgorithm String: Permitted encryption algorithms for the server side of SSL full mode sessions according to encryption strength. Valid values: high, low, medium, custom, client.
sslServerMaxVersion String: Highest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
sslServerMinVersion String: Lowest SSL/TLS version acceptable from a server. Use the client setting by default. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, client, tls-1.3.
sslServerRenegotiation String: Enable/disable secure renegotiation to comply with RFC 5746. Valid values: disable, enable.
sslServerSessionStateMax Number: Maximum number of FortiGate to Server SSL session states to keep.
sslServerSessionStateTimeout Number: Number of minutes to keep FortiGate to Server SSL session state.
sslServerSessionStateType String: How to expire SSL sessions for the segment of the SSL connection between the server and the FortiGate. Valid values: disable, time, count, both.
type String: Configure a static NAT or server load balance VIP. Valid values: static-nat, server-load-balance.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vip6 String: Vip6.
weblogicServer String: Enable to add an HTTP header to indicate SSL offloading for a WebLogic server. Valid values: disable, enable.
websphereServer String: Enable to add an HTTP header to indicate SSL offloading for a WebSphere server. Valid values: disable, enable.

Supporting Types

ObjectFirewallVip6DynamicMappingRealserver, ObjectFirewallVip6DynamicMappingRealserverArgs

ClientIp string: Only clients in this IP range can connect to this real server.
Healthcheck string: Enable to check the responsiveness of the real server before forwarding traffic. Valid values: disable, enable, vip.
HolddownInterval double: Time in seconds that the health check monitor continues to monitor an unresponsive server that should be active.
HttpHost string: HTTP server domain name in HTTP header.
Id double: Real server ID.
Ip string: IP address of the real server.
MaxConnections double: Max number of active connections that can directed to the real server. When reached, sessions are sent to other real servers.
Monitor string: Name of the health check monitor to use when polling to determine a virtual server's connectivity status.
Port double: Port for communicating with the real server. Required if port forwarding is enabled.
Status string: Set the status of the real server to active so that it can accept traffic, or on standby or disabled so no traffic is sent. Valid values: active, standby, disable.
TranslateHost string: Enable/disable translation of hostname/IP from virtual server to real server. Valid values: disable, enable.
Weight double: Weight of the real server. If weighted load balancing is enabled, the server with the highest weight gets more connections.

ClientIp string: Only clients in this IP range can connect to this real server.
Healthcheck string: Enable to check the responsiveness of the real server before forwarding traffic. Valid values: disable, enable, vip.
HolddownInterval float64: Time in seconds that the health check monitor continues to monitor an unresponsive server that should be active.
HttpHost string: HTTP server domain name in HTTP header.
Id float64: Real server ID.
Ip string: IP address of the real server.
MaxConnections float64: Max number of active connections that can directed to the real server. When reached, sessions are sent to other real servers.
Monitor string: Name of the health check monitor to use when polling to determine a virtual server's connectivity status.
Port float64: Port for communicating with the real server. Required if port forwarding is enabled.
Status string: Set the status of the real server to active so that it can accept traffic, or on standby or disabled so no traffic is sent. Valid values: active, standby, disable.
TranslateHost string: Enable/disable translation of hostname/IP from virtual server to real server. Valid values: disable, enable.
Weight float64: Weight of the real server. If weighted load balancing is enabled, the server with the highest weight gets more connections.

clientIp String: Only clients in this IP range can connect to this real server.
healthcheck String: Enable to check the responsiveness of the real server before forwarding traffic. Valid values: disable, enable, vip.
holddownInterval Double: Time in seconds that the health check monitor continues to monitor an unresponsive server that should be active.
httpHost String: HTTP server domain name in HTTP header.
id Double: Real server ID.
ip String: IP address of the real server.
maxConnections Double: Max number of active connections that can directed to the real server. When reached, sessions are sent to other real servers.
monitor String: Name of the health check monitor to use when polling to determine a virtual server's connectivity status.
port Double: Port for communicating with the real server. Required if port forwarding is enabled.
status String: Set the status of the real server to active so that it can accept traffic, or on standby or disabled so no traffic is sent. Valid values: active, standby, disable.
translateHost String: Enable/disable translation of hostname/IP from virtual server to real server. Valid values: disable, enable.
weight Double: Weight of the real server. If weighted load balancing is enabled, the server with the highest weight gets more connections.

clientIp string: Only clients in this IP range can connect to this real server.
healthcheck string: Enable to check the responsiveness of the real server before forwarding traffic. Valid values: disable, enable, vip.
holddownInterval number: Time in seconds that the health check monitor continues to monitor an unresponsive server that should be active.
httpHost string: HTTP server domain name in HTTP header.
id number: Real server ID.
ip string: IP address of the real server.
maxConnections number: Max number of active connections that can directed to the real server. When reached, sessions are sent to other real servers.
monitor string: Name of the health check monitor to use when polling to determine a virtual server's connectivity status.
port number: Port for communicating with the real server. Required if port forwarding is enabled.
status string: Set the status of the real server to active so that it can accept traffic, or on standby or disabled so no traffic is sent. Valid values: active, standby, disable.
translateHost string: Enable/disable translation of hostname/IP from virtual server to real server. Valid values: disable, enable.
weight number: Weight of the real server. If weighted load balancing is enabled, the server with the highest weight gets more connections.

client_ip str: Only clients in this IP range can connect to this real server.
healthcheck str: Enable to check the responsiveness of the real server before forwarding traffic. Valid values: disable, enable, vip.
holddown_interval float: Time in seconds that the health check monitor continues to monitor an unresponsive server that should be active.
http_host str: HTTP server domain name in HTTP header.
id float: Real server ID.
ip str: IP address of the real server.
max_connections float: Max number of active connections that can directed to the real server. When reached, sessions are sent to other real servers.
monitor str: Name of the health check monitor to use when polling to determine a virtual server's connectivity status.
port float: Port for communicating with the real server. Required if port forwarding is enabled.
status str: Set the status of the real server to active so that it can accept traffic, or on standby or disabled so no traffic is sent. Valid values: active, standby, disable.
translate_host str: Enable/disable translation of hostname/IP from virtual server to real server. Valid values: disable, enable.
weight float: Weight of the real server. If weighted load balancing is enabled, the server with the highest weight gets more connections.

clientIp String: Only clients in this IP range can connect to this real server.
healthcheck String: Enable to check the responsiveness of the real server before forwarding traffic. Valid values: disable, enable, vip.
holddownInterval Number: Time in seconds that the health check monitor continues to monitor an unresponsive server that should be active.
httpHost String: HTTP server domain name in HTTP header.
id Number: Real server ID.
ip String: IP address of the real server.
maxConnections Number: Max number of active connections that can directed to the real server. When reached, sessions are sent to other real servers.
monitor String: Name of the health check monitor to use when polling to determine a virtual server's connectivity status.
port Number: Port for communicating with the real server. Required if port forwarding is enabled.
status String: Set the status of the real server to active so that it can accept traffic, or on standby or disabled so no traffic is sent. Valid values: active, standby, disable.
translateHost String: Enable/disable translation of hostname/IP from virtual server to real server. Valid values: disable, enable.
weight Number: Weight of the real server. If weighted load balancing is enabled, the server with the highest weight gets more connections.

ObjectFirewallVip6DynamicMappingSslCipherSuite, ObjectFirewallVip6DynamicMappingSslCipherSuiteArgs

Cipher string: Cipher suite name. Valid values: TLS-RSA-WITH-RC4-128-MD5, TLS-RSA-WITH-RC4-128-SHA, TLS-RSA-WITH-DES-CBC-SHA, TLS-RSA-WITH-3DES-EDE-CBC-SHA, TLS-RSA-WITH-AES-128-CBC-SHA, TLS-RSA-WITH-AES-256-CBC-SHA, TLS-RSA-WITH-AES-128-CBC-SHA256, TLS-RSA-WITH-AES-256-CBC-SHA256, TLS-RSA-WITH-CAMELLIA-128-CBC-SHA, TLS-RSA-WITH-CAMELLIA-256-CBC-SHA, TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256, TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256, TLS-RSA-WITH-SEED-CBC-SHA, TLS-RSA-WITH-ARIA-128-CBC-SHA256, TLS-RSA-WITH-ARIA-256-CBC-SHA384, TLS-DHE-RSA-WITH-DES-CBC-SHA, TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA, TLS-DHE-RSA-WITH-AES-128-CBC-SHA, TLS-DHE-RSA-WITH-AES-256-CBC-SHA, TLS-DHE-RSA-WITH-AES-128-CBC-SHA256, TLS-DHE-RSA-WITH-AES-256-CBC-SHA256, TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA, TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA, TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256, TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256, TLS-DHE-RSA-WITH-SEED-CBC-SHA, TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256, TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384, TLS-ECDHE-RSA-WITH-RC4-128-SHA, TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA, TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA, TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA, TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256, TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256, TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256, TLS-DHE-RSA-WITH-AES-128-GCM-SHA256, TLS-DHE-RSA-WITH-AES-256-GCM-SHA384, TLS-DHE-DSS-WITH-AES-128-CBC-SHA, TLS-DHE-DSS-WITH-AES-256-CBC-SHA, TLS-DHE-DSS-WITH-AES-128-CBC-SHA256, TLS-DHE-DSS-WITH-AES-128-GCM-SHA256, TLS-DHE-DSS-WITH-AES-256-CBC-SHA256, TLS-DHE-DSS-WITH-AES-256-GCM-SHA384, TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256, TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256, TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384, TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384, TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA, TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256, TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256, TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384, TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384, TLS-RSA-WITH-AES-128-GCM-SHA256, TLS-RSA-WITH-AES-256-GCM-SHA384, TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA, TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA, TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256, TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256, TLS-DHE-DSS-WITH-SEED-CBC-SHA, TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256, TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384, TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256, TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384, TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256, TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384, TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA, TLS-DHE-DSS-WITH-DES-CBC-SHA, TLS-AES-128-GCM-SHA256, TLS-AES-256-GCM-SHA384, TLS-CHACHA20-POLY1305-SHA256, TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA.
Priority double: SSL/TLS cipher suites priority.
Versions List<string>: SSL/TLS versions that the cipher suite can be used with. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.

Cipher string: Cipher suite name. Valid values: TLS-RSA-WITH-RC4-128-MD5, TLS-RSA-WITH-RC4-128-SHA, TLS-RSA-WITH-DES-CBC-SHA, TLS-RSA-WITH-3DES-EDE-CBC-SHA, TLS-RSA-WITH-AES-128-CBC-SHA, TLS-RSA-WITH-AES-256-CBC-SHA, TLS-RSA-WITH-AES-128-CBC-SHA256, TLS-RSA-WITH-AES-256-CBC-SHA256, TLS-RSA-WITH-CAMELLIA-128-CBC-SHA, TLS-RSA-WITH-CAMELLIA-256-CBC-SHA, TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256, TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256, TLS-RSA-WITH-SEED-CBC-SHA, TLS-RSA-WITH-ARIA-128-CBC-SHA256, TLS-RSA-WITH-ARIA-256-CBC-SHA384, TLS-DHE-RSA-WITH-DES-CBC-SHA, TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA, TLS-DHE-RSA-WITH-AES-128-CBC-SHA, TLS-DHE-RSA-WITH-AES-256-CBC-SHA, TLS-DHE-RSA-WITH-AES-128-CBC-SHA256, TLS-DHE-RSA-WITH-AES-256-CBC-SHA256, TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA, TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA, TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256, TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256, TLS-DHE-RSA-WITH-SEED-CBC-SHA, TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256, TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384, TLS-ECDHE-RSA-WITH-RC4-128-SHA, TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA, TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA, TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA, TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256, TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256, TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256, TLS-DHE-RSA-WITH-AES-128-GCM-SHA256, TLS-DHE-RSA-WITH-AES-256-GCM-SHA384, TLS-DHE-DSS-WITH-AES-128-CBC-SHA, TLS-DHE-DSS-WITH-AES-256-CBC-SHA, TLS-DHE-DSS-WITH-AES-128-CBC-SHA256, TLS-DHE-DSS-WITH-AES-128-GCM-SHA256, TLS-DHE-DSS-WITH-AES-256-CBC-SHA256, TLS-DHE-DSS-WITH-AES-256-GCM-SHA384, TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256, TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256, TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384, TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384, TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA, TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256, TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256, TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384, TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384, TLS-RSA-WITH-AES-128-GCM-SHA256, TLS-RSA-WITH-AES-256-GCM-SHA384, TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA, TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA, TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256, TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256, TLS-DHE-DSS-WITH-SEED-CBC-SHA, TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256, TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384, TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256, TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384, TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256, TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384, TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA, TLS-DHE-DSS-WITH-DES-CBC-SHA, TLS-AES-128-GCM-SHA256, TLS-AES-256-GCM-SHA384, TLS-CHACHA20-POLY1305-SHA256, TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA.
Priority float64: SSL/TLS cipher suites priority.
Versions []string: SSL/TLS versions that the cipher suite can be used with. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.

cipher String: Cipher suite name. Valid values: TLS-RSA-WITH-RC4-128-MD5, TLS-RSA-WITH-RC4-128-SHA, TLS-RSA-WITH-DES-CBC-SHA, TLS-RSA-WITH-3DES-EDE-CBC-SHA, TLS-RSA-WITH-AES-128-CBC-SHA, TLS-RSA-WITH-AES-256-CBC-SHA, TLS-RSA-WITH-AES-128-CBC-SHA256, TLS-RSA-WITH-AES-256-CBC-SHA256, TLS-RSA-WITH-CAMELLIA-128-CBC-SHA, TLS-RSA-WITH-CAMELLIA-256-CBC-SHA, TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256, TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256, TLS-RSA-WITH-SEED-CBC-SHA, TLS-RSA-WITH-ARIA-128-CBC-SHA256, TLS-RSA-WITH-ARIA-256-CBC-SHA384, TLS-DHE-RSA-WITH-DES-CBC-SHA, TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA, TLS-DHE-RSA-WITH-AES-128-CBC-SHA, TLS-DHE-RSA-WITH-AES-256-CBC-SHA, TLS-DHE-RSA-WITH-AES-128-CBC-SHA256, TLS-DHE-RSA-WITH-AES-256-CBC-SHA256, TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA, TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA, TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256, TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256, TLS-DHE-RSA-WITH-SEED-CBC-SHA, TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256, TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384, TLS-ECDHE-RSA-WITH-RC4-128-SHA, TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA, TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA, TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA, TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256, TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256, TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256, TLS-DHE-RSA-WITH-AES-128-GCM-SHA256, TLS-DHE-RSA-WITH-AES-256-GCM-SHA384, TLS-DHE-DSS-WITH-AES-128-CBC-SHA, TLS-DHE-DSS-WITH-AES-256-CBC-SHA, TLS-DHE-DSS-WITH-AES-128-CBC-SHA256, TLS-DHE-DSS-WITH-AES-128-GCM-SHA256, TLS-DHE-DSS-WITH-AES-256-CBC-SHA256, TLS-DHE-DSS-WITH-AES-256-GCM-SHA384, TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256, TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256, TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384, TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384, TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA, TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256, TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256, TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384, TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384, TLS-RSA-WITH-AES-128-GCM-SHA256, TLS-RSA-WITH-AES-256-GCM-SHA384, TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA, TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA, TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256, TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256, TLS-DHE-DSS-WITH-SEED-CBC-SHA, TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256, TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384, TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256, TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384, TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256, TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384, TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA, TLS-DHE-DSS-WITH-DES-CBC-SHA, TLS-AES-128-GCM-SHA256, TLS-AES-256-GCM-SHA384, TLS-CHACHA20-POLY1305-SHA256, TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA.
priority Double: SSL/TLS cipher suites priority.
versions List<String>: SSL/TLS versions that the cipher suite can be used with. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.

cipher string: Cipher suite name. Valid values: TLS-RSA-WITH-RC4-128-MD5, TLS-RSA-WITH-RC4-128-SHA, TLS-RSA-WITH-DES-CBC-SHA, TLS-RSA-WITH-3DES-EDE-CBC-SHA, TLS-RSA-WITH-AES-128-CBC-SHA, TLS-RSA-WITH-AES-256-CBC-SHA, TLS-RSA-WITH-AES-128-CBC-SHA256, TLS-RSA-WITH-AES-256-CBC-SHA256, TLS-RSA-WITH-CAMELLIA-128-CBC-SHA, TLS-RSA-WITH-CAMELLIA-256-CBC-SHA, TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256, TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256, TLS-RSA-WITH-SEED-CBC-SHA, TLS-RSA-WITH-ARIA-128-CBC-SHA256, TLS-RSA-WITH-ARIA-256-CBC-SHA384, TLS-DHE-RSA-WITH-DES-CBC-SHA, TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA, TLS-DHE-RSA-WITH-AES-128-CBC-SHA, TLS-DHE-RSA-WITH-AES-256-CBC-SHA, TLS-DHE-RSA-WITH-AES-128-CBC-SHA256, TLS-DHE-RSA-WITH-AES-256-CBC-SHA256, TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA, TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA, TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256, TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256, TLS-DHE-RSA-WITH-SEED-CBC-SHA, TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256, TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384, TLS-ECDHE-RSA-WITH-RC4-128-SHA, TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA, TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA, TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA, TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256, TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256, TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256, TLS-DHE-RSA-WITH-AES-128-GCM-SHA256, TLS-DHE-RSA-WITH-AES-256-GCM-SHA384, TLS-DHE-DSS-WITH-AES-128-CBC-SHA, TLS-DHE-DSS-WITH-AES-256-CBC-SHA, TLS-DHE-DSS-WITH-AES-128-CBC-SHA256, TLS-DHE-DSS-WITH-AES-128-GCM-SHA256, TLS-DHE-DSS-WITH-AES-256-CBC-SHA256, TLS-DHE-DSS-WITH-AES-256-GCM-SHA384, TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256, TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256, TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384, TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384, TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA, TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256, TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256, TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384, TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384, TLS-RSA-WITH-AES-128-GCM-SHA256, TLS-RSA-WITH-AES-256-GCM-SHA384, TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA, TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA, TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256, TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256, TLS-DHE-DSS-WITH-SEED-CBC-SHA, TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256, TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384, TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256, TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384, TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256, TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384, TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA, TLS-DHE-DSS-WITH-DES-CBC-SHA, TLS-AES-128-GCM-SHA256, TLS-AES-256-GCM-SHA384, TLS-CHACHA20-POLY1305-SHA256, TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA.
priority number: SSL/TLS cipher suites priority.
versions string[]: SSL/TLS versions that the cipher suite can be used with. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.

cipher str: Cipher suite name. Valid values: TLS-RSA-WITH-RC4-128-MD5, TLS-RSA-WITH-RC4-128-SHA, TLS-RSA-WITH-DES-CBC-SHA, TLS-RSA-WITH-3DES-EDE-CBC-SHA, TLS-RSA-WITH-AES-128-CBC-SHA, TLS-RSA-WITH-AES-256-CBC-SHA, TLS-RSA-WITH-AES-128-CBC-SHA256, TLS-RSA-WITH-AES-256-CBC-SHA256, TLS-RSA-WITH-CAMELLIA-128-CBC-SHA, TLS-RSA-WITH-CAMELLIA-256-CBC-SHA, TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256, TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256, TLS-RSA-WITH-SEED-CBC-SHA, TLS-RSA-WITH-ARIA-128-CBC-SHA256, TLS-RSA-WITH-ARIA-256-CBC-SHA384, TLS-DHE-RSA-WITH-DES-CBC-SHA, TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA, TLS-DHE-RSA-WITH-AES-128-CBC-SHA, TLS-DHE-RSA-WITH-AES-256-CBC-SHA, TLS-DHE-RSA-WITH-AES-128-CBC-SHA256, TLS-DHE-RSA-WITH-AES-256-CBC-SHA256, TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA, TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA, TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256, TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256, TLS-DHE-RSA-WITH-SEED-CBC-SHA, TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256, TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384, TLS-ECDHE-RSA-WITH-RC4-128-SHA, TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA, TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA, TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA, TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256, TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256, TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256, TLS-DHE-RSA-WITH-AES-128-GCM-SHA256, TLS-DHE-RSA-WITH-AES-256-GCM-SHA384, TLS-DHE-DSS-WITH-AES-128-CBC-SHA, TLS-DHE-DSS-WITH-AES-256-CBC-SHA, TLS-DHE-DSS-WITH-AES-128-CBC-SHA256, TLS-DHE-DSS-WITH-AES-128-GCM-SHA256, TLS-DHE-DSS-WITH-AES-256-CBC-SHA256, TLS-DHE-DSS-WITH-AES-256-GCM-SHA384, TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256, TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256, TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384, TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384, TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA, TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256, TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256, TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384, TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384, TLS-RSA-WITH-AES-128-GCM-SHA256, TLS-RSA-WITH-AES-256-GCM-SHA384, TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA, TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA, TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256, TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256, TLS-DHE-DSS-WITH-SEED-CBC-SHA, TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256, TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384, TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256, TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384, TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256, TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384, TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA, TLS-DHE-DSS-WITH-DES-CBC-SHA, TLS-AES-128-GCM-SHA256, TLS-AES-256-GCM-SHA384, TLS-CHACHA20-POLY1305-SHA256, TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA.
priority float: SSL/TLS cipher suites priority.
versions Sequence[str]: SSL/TLS versions that the cipher suite can be used with. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.

cipher String: Cipher suite name. Valid values: TLS-RSA-WITH-RC4-128-MD5, TLS-RSA-WITH-RC4-128-SHA, TLS-RSA-WITH-DES-CBC-SHA, TLS-RSA-WITH-3DES-EDE-CBC-SHA, TLS-RSA-WITH-AES-128-CBC-SHA, TLS-RSA-WITH-AES-256-CBC-SHA, TLS-RSA-WITH-AES-128-CBC-SHA256, TLS-RSA-WITH-AES-256-CBC-SHA256, TLS-RSA-WITH-CAMELLIA-128-CBC-SHA, TLS-RSA-WITH-CAMELLIA-256-CBC-SHA, TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256, TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256, TLS-RSA-WITH-SEED-CBC-SHA, TLS-RSA-WITH-ARIA-128-CBC-SHA256, TLS-RSA-WITH-ARIA-256-CBC-SHA384, TLS-DHE-RSA-WITH-DES-CBC-SHA, TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA, TLS-DHE-RSA-WITH-AES-128-CBC-SHA, TLS-DHE-RSA-WITH-AES-256-CBC-SHA, TLS-DHE-RSA-WITH-AES-128-CBC-SHA256, TLS-DHE-RSA-WITH-AES-256-CBC-SHA256, TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA, TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA, TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256, TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256, TLS-DHE-RSA-WITH-SEED-CBC-SHA, TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256, TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384, TLS-ECDHE-RSA-WITH-RC4-128-SHA, TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA, TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA, TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA, TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256, TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256, TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256, TLS-DHE-RSA-WITH-AES-128-GCM-SHA256, TLS-DHE-RSA-WITH-AES-256-GCM-SHA384, TLS-DHE-DSS-WITH-AES-128-CBC-SHA, TLS-DHE-DSS-WITH-AES-256-CBC-SHA, TLS-DHE-DSS-WITH-AES-128-CBC-SHA256, TLS-DHE-DSS-WITH-AES-128-GCM-SHA256, TLS-DHE-DSS-WITH-AES-256-CBC-SHA256, TLS-DHE-DSS-WITH-AES-256-GCM-SHA384, TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256, TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256, TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384, TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384, TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA, TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256, TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256, TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384, TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384, TLS-RSA-WITH-AES-128-GCM-SHA256, TLS-RSA-WITH-AES-256-GCM-SHA384, TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA, TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA, TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256, TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256, TLS-DHE-DSS-WITH-SEED-CBC-SHA, TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256, TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384, TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256, TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384, TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256, TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384, TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA, TLS-DHE-DSS-WITH-DES-CBC-SHA, TLS-AES-128-GCM-SHA256, TLS-AES-256-GCM-SHA384, TLS-CHACHA20-POLY1305-SHA256, TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA.
priority Number: SSL/TLS cipher suites priority.
versions List<String>: SSL/TLS versions that the cipher suite can be used with. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.

ObjectFirewallVip6DynamicMapping_Scope, ObjectFirewallVip6DynamicMapping_ScopeArgs

Name string: Name.
Vdom string: Vdom.

Name string: Name.
Vdom string: Vdom.

name String: Name.
vdom String: Vdom.

name string: Name.
vdom string: Vdom.

name str: Name.
vdom str: Vdom.

name String: Name.
vdom String: Vdom.

Import

ObjectFirewall Vip6DynamicMapping can be imported using any of these accepted formats:

Set import_options = [“vip6=YOUR_VALUE”] in the provider section.

$ export “FORTIMANAGER_IMPORT_TABLE”=“true”

$ pulumi import fortimanager:index/objectFirewallVip6DynamicMapping:ObjectFirewallVip6DynamicMapping labelname {{_scope.name}}.{{_scope.vdom}}

$ unset “FORTIMANAGER_IMPORT_TABLE”

-> Hint: The scopetype and adom for import will directly inherit the scopetype and adom configuration of the provider.

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: fortimanager fortinetdev/terraform-provider-fortimanager
License
Notes: This Pulumi package is based on the fortimanager Terraform Provider.

fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.ObjectFirewallVip6DynamicMapping

On this page

On this page

Create ObjectFirewallVip6DynamicMapping Resource

Constructor syntax

Parameters

Constructor example

ObjectFirewallVip6DynamicMapping Resource Properties

Inputs

Outputs

Look up Existing ObjectFirewallVip6DynamicMapping Resource

Supporting Types

ObjectFirewallVip6DynamicMappingRealserver, ObjectFirewallVip6DynamicMappingRealserverArgs

ObjectFirewallVip6DynamicMappingSslCipherSuite, ObjectFirewallVip6DynamicMappingSslCipherSuiteArgs

ObjectFirewallVip6DynamicMapping_Scope, ObjectFirewallVip6DynamicMapping_ScopeArgs

Import

Package Details

On this page

On this page