fortimanager 1.13.0, Mar 13 25

fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.PackagesFirewallConsolidatedPolicy

Explore with Pulumi AI

fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

Create PackagesFirewallConsolidatedPolicy Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new PackagesFirewallConsolidatedPolicy(name: string, args: PackagesFirewallConsolidatedPolicyArgs, opts?: CustomResourceOptions);

@overload
def PackagesFirewallConsolidatedPolicy(resource_name: str,
                                       args: PackagesFirewallConsolidatedPolicyArgs,
                                       opts: Optional[ResourceOptions] = None)

@overload
def PackagesFirewallConsolidatedPolicy(resource_name: str,
                                       opts: Optional[ResourceOptions] = None,
                                       pkg: Optional[str] = None,
                                       _policy_block: Optional[float] = None,
                                       action: Optional[str] = None,
                                       adom: Optional[str] = None,
                                       app_category: Optional[str] = None,
                                       app_group: Optional[str] = None,
                                       application_list: Optional[str] = None,
                                       applications: Optional[Sequence[float]] = None,
                                       auto_asic_offload: Optional[str] = None,
                                       av_profile: Optional[str] = None,
                                       captive_portal_exempt: Optional[str] = None,
                                       cifs_profile: Optional[str] = None,
                                       comments: Optional[str] = None,
                                       diffserv_forward: Optional[str] = None,
                                       diffserv_reverse: Optional[str] = None,
                                       diffservcode_forward: Optional[str] = None,
                                       diffservcode_rev: Optional[str] = None,
                                       dlp_sensor: Optional[str] = None,
                                       dnsfilter_profile: Optional[str] = None,
                                       dstaddr4: Optional[str] = None,
                                       dstaddr6: Optional[str] = None,
                                       dstaddr_negate: Optional[str] = None,
                                       dstintf: Optional[str] = None,
                                       emailfilter_profile: Optional[str] = None,
                                       fixedport: Optional[str] = None,
                                       fsso_groups: Optional[str] = None,
                                       global_label: Optional[str] = None,
                                       groups: Optional[str] = None,
                                       http_policy_redirect: Optional[str] = None,
                                       icap_profile: Optional[str] = None,
                                       inbound: Optional[str] = None,
                                       inspection_mode: Optional[str] = None,
                                       internet_service: Optional[str] = None,
                                       internet_service_custom: Optional[str] = None,
                                       internet_service_custom_group: Optional[str] = None,
                                       internet_service_group: Optional[str] = None,
                                       internet_service_id: Optional[str] = None,
                                       internet_service_negate: Optional[str] = None,
                                       internet_service_src: Optional[str] = None,
                                       internet_service_src_custom: Optional[str] = None,
                                       internet_service_src_custom_group: Optional[str] = None,
                                       internet_service_src_group: Optional[str] = None,
                                       internet_service_src_id: Optional[str] = None,
                                       internet_service_src_negate: Optional[str] = None,
                                       ippool: Optional[str] = None,
                                       ips_sensor: Optional[str] = None,
                                       logtraffic: Optional[str] = None,
                                       logtraffic_start: Optional[str] = None,
                                       mms_profile: Optional[str] = None,
                                       name: Optional[str] = None,
                                       nat: Optional[str] = None,
                                       outbound: Optional[str] = None,
                                       packages_firewall_consolidated_policy_id: Optional[str] = None,
                                       per_ip_shaper: Optional[str] = None,
                                       pkg_folder_path: Optional[str] = None,
                                       policyid: Optional[float] = None,
                                       poolname4: Optional[str] = None,
                                       poolname6: Optional[str] = None,
                                       profile_group: Optional[str] = None,
                                       profile_protocol_options: Optional[str] = None,
                                       profile_type: Optional[str] = None,
                                       schedule: Optional[str] = None,
                                       scopetype: Optional[str] = None,
                                       service: Optional[str] = None,
                                       service_negate: Optional[str] = None,
                                       session_ttl: Optional[float] = None,
                                       srcaddr4: Optional[str] = None,
                                       srcaddr6: Optional[str] = None,
                                       srcaddr_negate: Optional[str] = None,
                                       srcintf: Optional[str] = None,
                                       ssh_filter_profile: Optional[str] = None,
                                       ssh_policy_redirect: Optional[str] = None,
                                       ssl_ssh_profile: Optional[str] = None,
                                       status: Optional[str] = None,
                                       tcp_mss_receiver: Optional[float] = None,
                                       tcp_mss_sender: Optional[float] = None,
                                       traffic_shaper: Optional[str] = None,
                                       traffic_shaper_reverse: Optional[str] = None,
                                       url_category: Optional[str] = None,
                                       users: Optional[str] = None,
                                       utm_status: Optional[str] = None,
                                       uuid: Optional[str] = None,
                                       voip_profile: Optional[str] = None,
                                       vpntunnel: Optional[str] = None,
                                       waf_profile: Optional[str] = None,
                                       wanopt: Optional[str] = None,
                                       wanopt_detection: Optional[str] = None,
                                       wanopt_passive_opt: Optional[str] = None,
                                       wanopt_peer: Optional[str] = None,
                                       wanopt_profile: Optional[str] = None,
                                       webcache: Optional[str] = None,
                                       webcache_https: Optional[str] = None,
                                       webfilter_profile: Optional[str] = None,
                                       webproxy_forward_server: Optional[str] = None,
                                       webproxy_profile: Optional[str] = None)

func NewPackagesFirewallConsolidatedPolicy(ctx *Context, name string, args PackagesFirewallConsolidatedPolicyArgs, opts ...ResourceOption) (*PackagesFirewallConsolidatedPolicy, error)

public PackagesFirewallConsolidatedPolicy(string name, PackagesFirewallConsolidatedPolicyArgs args, CustomResourceOptions? opts = null)

public PackagesFirewallConsolidatedPolicy(String name, PackagesFirewallConsolidatedPolicyArgs args)
public PackagesFirewallConsolidatedPolicy(String name, PackagesFirewallConsolidatedPolicyArgs args, CustomResourceOptions options)

type: fortimanager:PackagesFirewallConsolidatedPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args PackagesFirewallConsolidatedPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args PackagesFirewallConsolidatedPolicyArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args PackagesFirewallConsolidatedPolicyArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args PackagesFirewallConsolidatedPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args PackagesFirewallConsolidatedPolicyArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var packagesFirewallConsolidatedPolicyResource = new Fortimanager.PackagesFirewallConsolidatedPolicy("packagesFirewallConsolidatedPolicyResource", new()
{
    Pkg = "string",
    _policyBlock = 0,
    Action = "string",
    Adom = "string",
    AppCategory = "string",
    AppGroup = "string",
    ApplicationList = "string",
    Applications = new[]
    {
        0,
    },
    AutoAsicOffload = "string",
    AvProfile = "string",
    CaptivePortalExempt = "string",
    CifsProfile = "string",
    Comments = "string",
    DiffservForward = "string",
    DiffservReverse = "string",
    DiffservcodeForward = "string",
    DiffservcodeRev = "string",
    DlpSensor = "string",
    DnsfilterProfile = "string",
    Dstaddr4 = "string",
    Dstaddr6 = "string",
    DstaddrNegate = "string",
    Dstintf = "string",
    EmailfilterProfile = "string",
    Fixedport = "string",
    FssoGroups = "string",
    GlobalLabel = "string",
    Groups = "string",
    HttpPolicyRedirect = "string",
    IcapProfile = "string",
    Inbound = "string",
    InspectionMode = "string",
    InternetService = "string",
    InternetServiceCustom = "string",
    InternetServiceCustomGroup = "string",
    InternetServiceGroup = "string",
    InternetServiceId = "string",
    InternetServiceNegate = "string",
    InternetServiceSrc = "string",
    InternetServiceSrcCustom = "string",
    InternetServiceSrcCustomGroup = "string",
    InternetServiceSrcGroup = "string",
    InternetServiceSrcId = "string",
    InternetServiceSrcNegate = "string",
    Ippool = "string",
    IpsSensor = "string",
    Logtraffic = "string",
    LogtrafficStart = "string",
    MmsProfile = "string",
    Name = "string",
    Nat = "string",
    Outbound = "string",
    PackagesFirewallConsolidatedPolicyId = "string",
    PerIpShaper = "string",
    PkgFolderPath = "string",
    Policyid = 0,
    Poolname4 = "string",
    Poolname6 = "string",
    ProfileGroup = "string",
    ProfileProtocolOptions = "string",
    ProfileType = "string",
    Schedule = "string",
    Scopetype = "string",
    Service = "string",
    ServiceNegate = "string",
    SessionTtl = 0,
    Srcaddr4 = "string",
    Srcaddr6 = "string",
    SrcaddrNegate = "string",
    Srcintf = "string",
    SshFilterProfile = "string",
    SshPolicyRedirect = "string",
    SslSshProfile = "string",
    Status = "string",
    TcpMssReceiver = 0,
    TcpMssSender = 0,
    TrafficShaper = "string",
    TrafficShaperReverse = "string",
    UrlCategory = "string",
    Users = "string",
    UtmStatus = "string",
    Uuid = "string",
    VoipProfile = "string",
    Vpntunnel = "string",
    WafProfile = "string",
    Wanopt = "string",
    WanoptDetection = "string",
    WanoptPassiveOpt = "string",
    WanoptPeer = "string",
    WanoptProfile = "string",
    Webcache = "string",
    WebcacheHttps = "string",
    WebfilterProfile = "string",
    WebproxyForwardServer = "string",
    WebproxyProfile = "string",
});

example, err := fortimanager.NewPackagesFirewallConsolidatedPolicy(ctx, "packagesFirewallConsolidatedPolicyResource", &fortimanager.PackagesFirewallConsolidatedPolicyArgs{
Pkg: pulumi.String("string"),
_policyBlock: pulumi.Float64(0),
Action: pulumi.String("string"),
Adom: pulumi.String("string"),
AppCategory: pulumi.String("string"),
AppGroup: pulumi.String("string"),
ApplicationList: pulumi.String("string"),
Applications: pulumi.Float64Array{
pulumi.Float64(0),
},
AutoAsicOffload: pulumi.String("string"),
AvProfile: pulumi.String("string"),
CaptivePortalExempt: pulumi.String("string"),
CifsProfile: pulumi.String("string"),
Comments: pulumi.String("string"),
DiffservForward: pulumi.String("string"),
DiffservReverse: pulumi.String("string"),
DiffservcodeForward: pulumi.String("string"),
DiffservcodeRev: pulumi.String("string"),
DlpSensor: pulumi.String("string"),
DnsfilterProfile: pulumi.String("string"),
Dstaddr4: pulumi.String("string"),
Dstaddr6: pulumi.String("string"),
DstaddrNegate: pulumi.String("string"),
Dstintf: pulumi.String("string"),
EmailfilterProfile: pulumi.String("string"),
Fixedport: pulumi.String("string"),
FssoGroups: pulumi.String("string"),
GlobalLabel: pulumi.String("string"),
Groups: pulumi.String("string"),
HttpPolicyRedirect: pulumi.String("string"),
IcapProfile: pulumi.String("string"),
Inbound: pulumi.String("string"),
InspectionMode: pulumi.String("string"),
InternetService: pulumi.String("string"),
InternetServiceCustom: pulumi.String("string"),
InternetServiceCustomGroup: pulumi.String("string"),
InternetServiceGroup: pulumi.String("string"),
InternetServiceId: pulumi.String("string"),
InternetServiceNegate: pulumi.String("string"),
InternetServiceSrc: pulumi.String("string"),
InternetServiceSrcCustom: pulumi.String("string"),
InternetServiceSrcCustomGroup: pulumi.String("string"),
InternetServiceSrcGroup: pulumi.String("string"),
InternetServiceSrcId: pulumi.String("string"),
InternetServiceSrcNegate: pulumi.String("string"),
Ippool: pulumi.String("string"),
IpsSensor: pulumi.String("string"),
Logtraffic: pulumi.String("string"),
LogtrafficStart: pulumi.String("string"),
MmsProfile: pulumi.String("string"),
Name: pulumi.String("string"),
Nat: pulumi.String("string"),
Outbound: pulumi.String("string"),
PackagesFirewallConsolidatedPolicyId: pulumi.String("string"),
PerIpShaper: pulumi.String("string"),
PkgFolderPath: pulumi.String("string"),
Policyid: pulumi.Float64(0),
Poolname4: pulumi.String("string"),
Poolname6: pulumi.String("string"),
ProfileGroup: pulumi.String("string"),
ProfileProtocolOptions: pulumi.String("string"),
ProfileType: pulumi.String("string"),
Schedule: pulumi.String("string"),
Scopetype: pulumi.String("string"),
Service: pulumi.String("string"),
ServiceNegate: pulumi.String("string"),
SessionTtl: pulumi.Float64(0),
Srcaddr4: pulumi.String("string"),
Srcaddr6: pulumi.String("string"),
SrcaddrNegate: pulumi.String("string"),
Srcintf: pulumi.String("string"),
SshFilterProfile: pulumi.String("string"),
SshPolicyRedirect: pulumi.String("string"),
SslSshProfile: pulumi.String("string"),
Status: pulumi.String("string"),
TcpMssReceiver: pulumi.Float64(0),
TcpMssSender: pulumi.Float64(0),
TrafficShaper: pulumi.String("string"),
TrafficShaperReverse: pulumi.String("string"),
UrlCategory: pulumi.String("string"),
Users: pulumi.String("string"),
UtmStatus: pulumi.String("string"),
Uuid: pulumi.String("string"),
VoipProfile: pulumi.String("string"),
Vpntunnel: pulumi.String("string"),
WafProfile: pulumi.String("string"),
Wanopt: pulumi.String("string"),
WanoptDetection: pulumi.String("string"),
WanoptPassiveOpt: pulumi.String("string"),
WanoptPeer: pulumi.String("string"),
WanoptProfile: pulumi.String("string"),
Webcache: pulumi.String("string"),
WebcacheHttps: pulumi.String("string"),
WebfilterProfile: pulumi.String("string"),
WebproxyForwardServer: pulumi.String("string"),
WebproxyProfile: pulumi.String("string"),
})

var packagesFirewallConsolidatedPolicyResource = new PackagesFirewallConsolidatedPolicy("packagesFirewallConsolidatedPolicyResource", PackagesFirewallConsolidatedPolicyArgs.builder()
    .pkg("string")
    ._policyBlock(0)
    .action("string")
    .adom("string")
    .appCategory("string")
    .appGroup("string")
    .applicationList("string")
    .applications(0)
    .autoAsicOffload("string")
    .avProfile("string")
    .captivePortalExempt("string")
    .cifsProfile("string")
    .comments("string")
    .diffservForward("string")
    .diffservReverse("string")
    .diffservcodeForward("string")
    .diffservcodeRev("string")
    .dlpSensor("string")
    .dnsfilterProfile("string")
    .dstaddr4("string")
    .dstaddr6("string")
    .dstaddrNegate("string")
    .dstintf("string")
    .emailfilterProfile("string")
    .fixedport("string")
    .fssoGroups("string")
    .globalLabel("string")
    .groups("string")
    .httpPolicyRedirect("string")
    .icapProfile("string")
    .inbound("string")
    .inspectionMode("string")
    .internetService("string")
    .internetServiceCustom("string")
    .internetServiceCustomGroup("string")
    .internetServiceGroup("string")
    .internetServiceId("string")
    .internetServiceNegate("string")
    .internetServiceSrc("string")
    .internetServiceSrcCustom("string")
    .internetServiceSrcCustomGroup("string")
    .internetServiceSrcGroup("string")
    .internetServiceSrcId("string")
    .internetServiceSrcNegate("string")
    .ippool("string")
    .ipsSensor("string")
    .logtraffic("string")
    .logtrafficStart("string")
    .mmsProfile("string")
    .name("string")
    .nat("string")
    .outbound("string")
    .packagesFirewallConsolidatedPolicyId("string")
    .perIpShaper("string")
    .pkgFolderPath("string")
    .policyid(0)
    .poolname4("string")
    .poolname6("string")
    .profileGroup("string")
    .profileProtocolOptions("string")
    .profileType("string")
    .schedule("string")
    .scopetype("string")
    .service("string")
    .serviceNegate("string")
    .sessionTtl(0)
    .srcaddr4("string")
    .srcaddr6("string")
    .srcaddrNegate("string")
    .srcintf("string")
    .sshFilterProfile("string")
    .sshPolicyRedirect("string")
    .sslSshProfile("string")
    .status("string")
    .tcpMssReceiver(0)
    .tcpMssSender(0)
    .trafficShaper("string")
    .trafficShaperReverse("string")
    .urlCategory("string")
    .users("string")
    .utmStatus("string")
    .uuid("string")
    .voipProfile("string")
    .vpntunnel("string")
    .wafProfile("string")
    .wanopt("string")
    .wanoptDetection("string")
    .wanoptPassiveOpt("string")
    .wanoptPeer("string")
    .wanoptProfile("string")
    .webcache("string")
    .webcacheHttps("string")
    .webfilterProfile("string")
    .webproxyForwardServer("string")
    .webproxyProfile("string")
    .build());

packages_firewall_consolidated_policy_resource = fortimanager.PackagesFirewallConsolidatedPolicy("packagesFirewallConsolidatedPolicyResource",
    pkg="string",
    _policy_block=0,
    action="string",
    adom="string",
    app_category="string",
    app_group="string",
    application_list="string",
    applications=[0],
    auto_asic_offload="string",
    av_profile="string",
    captive_portal_exempt="string",
    cifs_profile="string",
    comments="string",
    diffserv_forward="string",
    diffserv_reverse="string",
    diffservcode_forward="string",
    diffservcode_rev="string",
    dlp_sensor="string",
    dnsfilter_profile="string",
    dstaddr4="string",
    dstaddr6="string",
    dstaddr_negate="string",
    dstintf="string",
    emailfilter_profile="string",
    fixedport="string",
    fsso_groups="string",
    global_label="string",
    groups="string",
    http_policy_redirect="string",
    icap_profile="string",
    inbound="string",
    inspection_mode="string",
    internet_service="string",
    internet_service_custom="string",
    internet_service_custom_group="string",
    internet_service_group="string",
    internet_service_id="string",
    internet_service_negate="string",
    internet_service_src="string",
    internet_service_src_custom="string",
    internet_service_src_custom_group="string",
    internet_service_src_group="string",
    internet_service_src_id="string",
    internet_service_src_negate="string",
    ippool="string",
    ips_sensor="string",
    logtraffic="string",
    logtraffic_start="string",
    mms_profile="string",
    name="string",
    nat="string",
    outbound="string",
    packages_firewall_consolidated_policy_id="string",
    per_ip_shaper="string",
    pkg_folder_path="string",
    policyid=0,
    poolname4="string",
    poolname6="string",
    profile_group="string",
    profile_protocol_options="string",
    profile_type="string",
    schedule="string",
    scopetype="string",
    service="string",
    service_negate="string",
    session_ttl=0,
    srcaddr4="string",
    srcaddr6="string",
    srcaddr_negate="string",
    srcintf="string",
    ssh_filter_profile="string",
    ssh_policy_redirect="string",
    ssl_ssh_profile="string",
    status="string",
    tcp_mss_receiver=0,
    tcp_mss_sender=0,
    traffic_shaper="string",
    traffic_shaper_reverse="string",
    url_category="string",
    users="string",
    utm_status="string",
    uuid="string",
    voip_profile="string",
    vpntunnel="string",
    waf_profile="string",
    wanopt="string",
    wanopt_detection="string",
    wanopt_passive_opt="string",
    wanopt_peer="string",
    wanopt_profile="string",
    webcache="string",
    webcache_https="string",
    webfilter_profile="string",
    webproxy_forward_server="string",
    webproxy_profile="string")

const packagesFirewallConsolidatedPolicyResource = new fortimanager.PackagesFirewallConsolidatedPolicy("packagesFirewallConsolidatedPolicyResource", {
    pkg: "string",
    _policyBlock: 0,
    action: "string",
    adom: "string",
    appCategory: "string",
    appGroup: "string",
    applicationList: "string",
    applications: [0],
    autoAsicOffload: "string",
    avProfile: "string",
    captivePortalExempt: "string",
    cifsProfile: "string",
    comments: "string",
    diffservForward: "string",
    diffservReverse: "string",
    diffservcodeForward: "string",
    diffservcodeRev: "string",
    dlpSensor: "string",
    dnsfilterProfile: "string",
    dstaddr4: "string",
    dstaddr6: "string",
    dstaddrNegate: "string",
    dstintf: "string",
    emailfilterProfile: "string",
    fixedport: "string",
    fssoGroups: "string",
    globalLabel: "string",
    groups: "string",
    httpPolicyRedirect: "string",
    icapProfile: "string",
    inbound: "string",
    inspectionMode: "string",
    internetService: "string",
    internetServiceCustom: "string",
    internetServiceCustomGroup: "string",
    internetServiceGroup: "string",
    internetServiceId: "string",
    internetServiceNegate: "string",
    internetServiceSrc: "string",
    internetServiceSrcCustom: "string",
    internetServiceSrcCustomGroup: "string",
    internetServiceSrcGroup: "string",
    internetServiceSrcId: "string",
    internetServiceSrcNegate: "string",
    ippool: "string",
    ipsSensor: "string",
    logtraffic: "string",
    logtrafficStart: "string",
    mmsProfile: "string",
    name: "string",
    nat: "string",
    outbound: "string",
    packagesFirewallConsolidatedPolicyId: "string",
    perIpShaper: "string",
    pkgFolderPath: "string",
    policyid: 0,
    poolname4: "string",
    poolname6: "string",
    profileGroup: "string",
    profileProtocolOptions: "string",
    profileType: "string",
    schedule: "string",
    scopetype: "string",
    service: "string",
    serviceNegate: "string",
    sessionTtl: 0,
    srcaddr4: "string",
    srcaddr6: "string",
    srcaddrNegate: "string",
    srcintf: "string",
    sshFilterProfile: "string",
    sshPolicyRedirect: "string",
    sslSshProfile: "string",
    status: "string",
    tcpMssReceiver: 0,
    tcpMssSender: 0,
    trafficShaper: "string",
    trafficShaperReverse: "string",
    urlCategory: "string",
    users: "string",
    utmStatus: "string",
    uuid: "string",
    voipProfile: "string",
    vpntunnel: "string",
    wafProfile: "string",
    wanopt: "string",
    wanoptDetection: "string",
    wanoptPassiveOpt: "string",
    wanoptPeer: "string",
    wanoptProfile: "string",
    webcache: "string",
    webcacheHttps: "string",
    webfilterProfile: "string",
    webproxyForwardServer: "string",
    webproxyProfile: "string",
});

type: fortimanager:PackagesFirewallConsolidatedPolicy
properties:
    _policyBlock: 0
    action: string
    adom: string
    appCategory: string
    appGroup: string
    applicationList: string
    applications:
        - 0
    autoAsicOffload: string
    avProfile: string
    captivePortalExempt: string
    cifsProfile: string
    comments: string
    diffservForward: string
    diffservReverse: string
    diffservcodeForward: string
    diffservcodeRev: string
    dlpSensor: string
    dnsfilterProfile: string
    dstaddr4: string
    dstaddr6: string
    dstaddrNegate: string
    dstintf: string
    emailfilterProfile: string
    fixedport: string
    fssoGroups: string
    globalLabel: string
    groups: string
    httpPolicyRedirect: string
    icapProfile: string
    inbound: string
    inspectionMode: string
    internetService: string
    internetServiceCustom: string
    internetServiceCustomGroup: string
    internetServiceGroup: string
    internetServiceId: string
    internetServiceNegate: string
    internetServiceSrc: string
    internetServiceSrcCustom: string
    internetServiceSrcCustomGroup: string
    internetServiceSrcGroup: string
    internetServiceSrcId: string
    internetServiceSrcNegate: string
    ippool: string
    ipsSensor: string
    logtraffic: string
    logtrafficStart: string
    mmsProfile: string
    name: string
    nat: string
    outbound: string
    packagesFirewallConsolidatedPolicyId: string
    perIpShaper: string
    pkg: string
    pkgFolderPath: string
    policyid: 0
    poolname4: string
    poolname6: string
    profileGroup: string
    profileProtocolOptions: string
    profileType: string
    schedule: string
    scopetype: string
    service: string
    serviceNegate: string
    sessionTtl: 0
    srcaddr4: string
    srcaddr6: string
    srcaddrNegate: string
    srcintf: string
    sshFilterProfile: string
    sshPolicyRedirect: string
    sslSshProfile: string
    status: string
    tcpMssReceiver: 0
    tcpMssSender: 0
    trafficShaper: string
    trafficShaperReverse: string
    urlCategory: string
    users: string
    utmStatus: string
    uuid: string
    voipProfile: string
    vpntunnel: string
    wafProfile: string
    wanopt: string
    wanoptDetection: string
    wanoptPassiveOpt: string
    wanoptPeer: string
    wanoptProfile: string
    webcache: string
    webcacheHttps: string
    webfilterProfile: string
    webproxyForwardServer: string
    webproxyProfile: string

PackagesFirewallConsolidatedPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The PackagesFirewallConsolidatedPolicy resource accepts the following input properties:

Pkg string: Package.
Action string: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AppCategory string: App-Category.
AppGroup string: App-Group.
ApplicationList string: Name of an existing Application list.
Applications List<double>: Application.
AutoAsicOffload string: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
AvProfile string: Name of an existing Antivirus profile.
CaptivePortalExempt string: Enable exemption of some users from the captive portal. Valid values: disable, enable.
CifsProfile string: Name of an existing CIFS profile.
Comments string: Comment.
DiffservForward string: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
DiffservReverse string: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
DiffservcodeForward string: Change packet's DiffServ to this value.
DiffservcodeRev string: Change packet's reverse (reply) DiffServ to this value.
DlpSensor string: Name of an existing DLP sensor.
DnsfilterProfile string: Name of an existing DNS filter profile.
Dstaddr4 string: Destination IPv4 address name and address group names.
Dstaddr6 string: Destination IPv6 address name and address group names.
DstaddrNegate string: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
Dstintf string: Outgoing (egress) interface.
EmailfilterProfile string: Name of an existing email filter profile.
Fixedport string: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
FssoGroups string: Names of FSSO groups.
GlobalLabel string: Label for the policy that appears when the GUI is in Global View mode.
Groups string: Names of user groups that can authenticate with this policy.
HttpPolicyRedirect string: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
IcapProfile string: Name of an existing ICAP profile.
Inbound string: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
InspectionMode string: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
InternetService string: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
InternetServiceCustom string: Custom Internet Service name.
InternetServiceCustomGroup string: Custom Internet Service group name.
InternetServiceGroup string: Internet Service group name.
InternetServiceId string: Internet Service ID.
InternetServiceNegate string: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
InternetServiceSrc string: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
InternetServiceSrcCustom string: Custom Internet Service source name.
InternetServiceSrcCustomGroup string: Custom Internet Service source group name.
InternetServiceSrcGroup string: Internet Service source group name.
InternetServiceSrcId string: Internet Service source ID.
InternetServiceSrcNegate string: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
Ippool string: Enable to use IP Pools for source NAT. Valid values: disable, enable.
IpsSensor string: Name of an existing IPS sensor.
Logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
LogtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
MmsProfile string: Name of an existing MMS profile.
Name string: Policy name.
Nat string: Enable/disable source NAT. Valid values: disable, enable.
Outbound string: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
PackagesFirewallConsolidatedPolicyId string: an identifier for the resource with format {{policyid}}.
PerIpShaper string: Per-IP traffic shaper.
PkgFolderPath string: Pkg Folder Path.
Policyid double: Policy ID (0 - 4294967294).
Poolname4 string: IPv4 pool names.
Poolname6 string: IPv6 pool names.
ProfileGroup string: Name of profile group.
ProfileProtocolOptions string: Name of an existing Protocol options profile.
ProfileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
Schedule string: Schedule name.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
Service string: Service and service group names.
ServiceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
SessionTtl double: TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
Srcaddr4 string: Source IPv4 address name and address group names.
Srcaddr6 string: Source IPv6 address name and address group names.
SrcaddrNegate string: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
Srcintf string: Incoming (ingress) interface.
SshFilterProfile string: Name of an existing SSH filter profile.
SshPolicyRedirect string: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
SslSshProfile string: Name of an existing SSL SSH profile.
Status string: Enable or disable this policy. Valid values: disable, enable.
TcpMssReceiver double: Receiver TCP maximum segment size (MSS).
TcpMssSender double: Sender TCP maximum segment size (MSS).
TrafficShaper string: Traffic shaper.
TrafficShaperReverse string: Reverse traffic shaper.
UrlCategory string: Url-Category.
Users string: Names of individual users that can authenticate with this policy.
UtmStatus string: Enable to add one or more security profiles (AV, IPS, etc.) to the firewall policy. Valid values: disable, enable.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
VoipProfile string: Name of an existing VoIP profile.
Vpntunnel string: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
WafProfile string: Name of an existing Web application firewall profile.
Wanopt string: Enable/disable WAN optimization. Valid values: disable, enable.
WanoptDetection string: WAN optimization auto-detection mode. Valid values: active, passive, off.
WanoptPassiveOpt string: WAN optimization passive mode options. This option decides what IP address will be used to connect to server. Valid values: default, transparent, non-transparent.
WanoptPeer string: WAN optimization peer.
WanoptProfile string: WAN optimization profile.
Webcache string: Enable/disable web cache. Valid values: disable, enable.
WebcacheHttps string: Enable/disable web cache for HTTPS. Valid values: disable, enable.
WebfilterProfile string: Name of an existing Web filter profile.
WebproxyForwardServer string: Webproxy forward server name.
WebproxyProfile string: Webproxy profile name.
_policyBlock double: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.

Pkg string: Package.
Action string: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AppCategory string: App-Category.
AppGroup string: App-Group.
ApplicationList string: Name of an existing Application list.
Applications []float64: Application.
AutoAsicOffload string: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
AvProfile string: Name of an existing Antivirus profile.
CaptivePortalExempt string: Enable exemption of some users from the captive portal. Valid values: disable, enable.
CifsProfile string: Name of an existing CIFS profile.
Comments string: Comment.
DiffservForward string: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
DiffservReverse string: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
DiffservcodeForward string: Change packet's DiffServ to this value.
DiffservcodeRev string: Change packet's reverse (reply) DiffServ to this value.
DlpSensor string: Name of an existing DLP sensor.
DnsfilterProfile string: Name of an existing DNS filter profile.
Dstaddr4 string: Destination IPv4 address name and address group names.
Dstaddr6 string: Destination IPv6 address name and address group names.
DstaddrNegate string: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
Dstintf string: Outgoing (egress) interface.
EmailfilterProfile string: Name of an existing email filter profile.
Fixedport string: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
FssoGroups string: Names of FSSO groups.
GlobalLabel string: Label for the policy that appears when the GUI is in Global View mode.
Groups string: Names of user groups that can authenticate with this policy.
HttpPolicyRedirect string: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
IcapProfile string: Name of an existing ICAP profile.
Inbound string: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
InspectionMode string: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
InternetService string: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
InternetServiceCustom string: Custom Internet Service name.
InternetServiceCustomGroup string: Custom Internet Service group name.
InternetServiceGroup string: Internet Service group name.
InternetServiceId string: Internet Service ID.
InternetServiceNegate string: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
InternetServiceSrc string: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
InternetServiceSrcCustom string: Custom Internet Service source name.
InternetServiceSrcCustomGroup string: Custom Internet Service source group name.
InternetServiceSrcGroup string: Internet Service source group name.
InternetServiceSrcId string: Internet Service source ID.
InternetServiceSrcNegate string: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
Ippool string: Enable to use IP Pools for source NAT. Valid values: disable, enable.
IpsSensor string: Name of an existing IPS sensor.
Logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
LogtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
MmsProfile string: Name of an existing MMS profile.
Name string: Policy name.
Nat string: Enable/disable source NAT. Valid values: disable, enable.
Outbound string: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
PackagesFirewallConsolidatedPolicyId string: an identifier for the resource with format {{policyid}}.
PerIpShaper string: Per-IP traffic shaper.
PkgFolderPath string: Pkg Folder Path.
Policyid float64: Policy ID (0 - 4294967294).
Poolname4 string: IPv4 pool names.
Poolname6 string: IPv6 pool names.
ProfileGroup string: Name of profile group.
ProfileProtocolOptions string: Name of an existing Protocol options profile.
ProfileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
Schedule string: Schedule name.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
Service string: Service and service group names.
ServiceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
SessionTtl float64: TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
Srcaddr4 string: Source IPv4 address name and address group names.
Srcaddr6 string: Source IPv6 address name and address group names.
SrcaddrNegate string: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
Srcintf string: Incoming (ingress) interface.
SshFilterProfile string: Name of an existing SSH filter profile.
SshPolicyRedirect string: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
SslSshProfile string: Name of an existing SSL SSH profile.
Status string: Enable or disable this policy. Valid values: disable, enable.
TcpMssReceiver float64: Receiver TCP maximum segment size (MSS).
TcpMssSender float64: Sender TCP maximum segment size (MSS).
TrafficShaper string: Traffic shaper.
TrafficShaperReverse string: Reverse traffic shaper.
UrlCategory string: Url-Category.
Users string: Names of individual users that can authenticate with this policy.
UtmStatus string: Enable to add one or more security profiles (AV, IPS, etc.) to the firewall policy. Valid values: disable, enable.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
VoipProfile string: Name of an existing VoIP profile.
Vpntunnel string: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
WafProfile string: Name of an existing Web application firewall profile.
Wanopt string: Enable/disable WAN optimization. Valid values: disable, enable.
WanoptDetection string: WAN optimization auto-detection mode. Valid values: active, passive, off.
WanoptPassiveOpt string: WAN optimization passive mode options. This option decides what IP address will be used to connect to server. Valid values: default, transparent, non-transparent.
WanoptPeer string: WAN optimization peer.
WanoptProfile string: WAN optimization profile.
Webcache string: Enable/disable web cache. Valid values: disable, enable.
WebcacheHttps string: Enable/disable web cache for HTTPS. Valid values: disable, enable.
WebfilterProfile string: Name of an existing Web filter profile.
WebproxyForwardServer string: Webproxy forward server name.
WebproxyProfile string: Webproxy profile name.
_policyBlock float64: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.

pkg String: Package.
_policyBlock Double: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action String: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
appCategory String: App-Category.
appGroup String: App-Group.
applicationList String: Name of an existing Application list.
applications List<Double>: Application.
autoAsicOffload String: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
avProfile String: Name of an existing Antivirus profile.
captivePortalExempt String: Enable exemption of some users from the captive portal. Valid values: disable, enable.
cifsProfile String: Name of an existing CIFS profile.
comments String: Comment.
diffservForward String: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffservReverse String: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcodeForward String: Change packet's DiffServ to this value.
diffservcodeRev String: Change packet's reverse (reply) DiffServ to this value.
dlpSensor String: Name of an existing DLP sensor.
dnsfilterProfile String: Name of an existing DNS filter profile.
dstaddr4 String: Destination IPv4 address name and address group names.
dstaddr6 String: Destination IPv6 address name and address group names.
dstaddrNegate String: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf String: Outgoing (egress) interface.
emailfilterProfile String: Name of an existing email filter profile.
fixedport String: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fssoGroups String: Names of FSSO groups.
globalLabel String: Label for the policy that appears when the GUI is in Global View mode.
groups String: Names of user groups that can authenticate with this policy.
httpPolicyRedirect String: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icapProfile String: Name of an existing ICAP profile.
inbound String: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspectionMode String: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
internetService String: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internetServiceCustom String: Custom Internet Service name.
internetServiceCustomGroup String: Custom Internet Service group name.
internetServiceGroup String: Internet Service group name.
internetServiceId String: Internet Service ID.
internetServiceNegate String: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
internetServiceSrc String: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internetServiceSrcCustom String: Custom Internet Service source name.
internetServiceSrcCustomGroup String: Custom Internet Service source group name.
internetServiceSrcGroup String: Internet Service source group name.
internetServiceSrcId String: Internet Service source ID.
internetServiceSrcNegate String: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
ippool String: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ipsSensor String: Name of an existing IPS sensor.
logtraffic String: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
logtrafficStart String: Record logs when a session starts. Valid values: disable, enable.
mmsProfile String: Name of an existing MMS profile.
name String: Policy name.
nat String: Enable/disable source NAT. Valid values: disable, enable.
outbound String: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packagesFirewallConsolidatedPolicyId String: an identifier for the resource with format {{policyid}}.
perIpShaper String: Per-IP traffic shaper.
pkgFolderPath String: Pkg Folder Path.
policyid Double: Policy ID (0 - 4294967294).
poolname4 String: IPv4 pool names.
poolname6 String: IPv6 pool names.
profileGroup String: Name of profile group.
profileProtocolOptions String: Name of an existing Protocol options profile.
profileType String: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
schedule String: Schedule name.
scopetype String: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
service String: Service and service group names.
serviceNegate String: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
sessionTtl Double: TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
srcaddr4 String: Source IPv4 address name and address group names.
srcaddr6 String: Source IPv6 address name and address group names.
srcaddrNegate String: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcintf String: Incoming (ingress) interface.
sshFilterProfile String: Name of an existing SSH filter profile.
sshPolicyRedirect String: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslSshProfile String: Name of an existing SSL SSH profile.
status String: Enable or disable this policy. Valid values: disable, enable.
tcpMssReceiver Double: Receiver TCP maximum segment size (MSS).
tcpMssSender Double: Sender TCP maximum segment size (MSS).
trafficShaper String: Traffic shaper.
trafficShaperReverse String: Reverse traffic shaper.
urlCategory String: Url-Category.
users String: Names of individual users that can authenticate with this policy.
utmStatus String: Enable to add one or more security profiles (AV, IPS, etc.) to the firewall policy. Valid values: disable, enable.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
voipProfile String: Name of an existing VoIP profile.
vpntunnel String: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
wafProfile String: Name of an existing Web application firewall profile.
wanopt String: Enable/disable WAN optimization. Valid values: disable, enable.
wanoptDetection String: WAN optimization auto-detection mode. Valid values: active, passive, off.
wanoptPassiveOpt String: WAN optimization passive mode options. This option decides what IP address will be used to connect to server. Valid values: default, transparent, non-transparent.
wanoptPeer String: WAN optimization peer.
wanoptProfile String: WAN optimization profile.
webcache String: Enable/disable web cache. Valid values: disable, enable.
webcacheHttps String: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilterProfile String: Name of an existing Web filter profile.
webproxyForwardServer String: Webproxy forward server name.
webproxyProfile String: Webproxy profile name.

pkg string: Package.
_policyBlock number: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action string: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec.
adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
appCategory string: App-Category.
appGroup string: App-Group.
applicationList string: Name of an existing Application list.
applications number[]: Application.
autoAsicOffload string: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
avProfile string: Name of an existing Antivirus profile.
captivePortalExempt string: Enable exemption of some users from the captive portal. Valid values: disable, enable.
cifsProfile string: Name of an existing CIFS profile.
comments string: Comment.
diffservForward string: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffservReverse string: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcodeForward string: Change packet's DiffServ to this value.
diffservcodeRev string: Change packet's reverse (reply) DiffServ to this value.
dlpSensor string: Name of an existing DLP sensor.
dnsfilterProfile string: Name of an existing DNS filter profile.
dstaddr4 string: Destination IPv4 address name and address group names.
dstaddr6 string: Destination IPv6 address name and address group names.
dstaddrNegate string: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf string: Outgoing (egress) interface.
emailfilterProfile string: Name of an existing email filter profile.
fixedport string: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fssoGroups string: Names of FSSO groups.
globalLabel string: Label for the policy that appears when the GUI is in Global View mode.
groups string: Names of user groups that can authenticate with this policy.
httpPolicyRedirect string: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icapProfile string: Name of an existing ICAP profile.
inbound string: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspectionMode string: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
internetService string: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internetServiceCustom string: Custom Internet Service name.
internetServiceCustomGroup string: Custom Internet Service group name.
internetServiceGroup string: Internet Service group name.
internetServiceId string: Internet Service ID.
internetServiceNegate string: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
internetServiceSrc string: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internetServiceSrcCustom string: Custom Internet Service source name.
internetServiceSrcCustomGroup string: Custom Internet Service source group name.
internetServiceSrcGroup string: Internet Service source group name.
internetServiceSrcId string: Internet Service source ID.
internetServiceSrcNegate string: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
ippool string: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ipsSensor string: Name of an existing IPS sensor.
logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
logtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
mmsProfile string: Name of an existing MMS profile.
name string: Policy name.
nat string: Enable/disable source NAT. Valid values: disable, enable.
outbound string: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packagesFirewallConsolidatedPolicyId string: an identifier for the resource with format {{policyid}}.
perIpShaper string: Per-IP traffic shaper.
pkgFolderPath string: Pkg Folder Path.
policyid number: Policy ID (0 - 4294967294).
poolname4 string: IPv4 pool names.
poolname6 string: IPv6 pool names.
profileGroup string: Name of profile group.
profileProtocolOptions string: Name of an existing Protocol options profile.
profileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
schedule string: Schedule name.
scopetype string: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
service string: Service and service group names.
serviceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
sessionTtl number: TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
srcaddr4 string: Source IPv4 address name and address group names.
srcaddr6 string: Source IPv6 address name and address group names.
srcaddrNegate string: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcintf string: Incoming (ingress) interface.
sshFilterProfile string: Name of an existing SSH filter profile.
sshPolicyRedirect string: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslSshProfile string: Name of an existing SSL SSH profile.
status string: Enable or disable this policy. Valid values: disable, enable.
tcpMssReceiver number: Receiver TCP maximum segment size (MSS).
tcpMssSender number: Sender TCP maximum segment size (MSS).
trafficShaper string: Traffic shaper.
trafficShaperReverse string: Reverse traffic shaper.
urlCategory string: Url-Category.
users string: Names of individual users that can authenticate with this policy.
utmStatus string: Enable to add one or more security profiles (AV, IPS, etc.) to the firewall policy. Valid values: disable, enable.
uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
voipProfile string: Name of an existing VoIP profile.
vpntunnel string: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
wafProfile string: Name of an existing Web application firewall profile.
wanopt string: Enable/disable WAN optimization. Valid values: disable, enable.
wanoptDetection string: WAN optimization auto-detection mode. Valid values: active, passive, off.
wanoptPassiveOpt string: WAN optimization passive mode options. This option decides what IP address will be used to connect to server. Valid values: default, transparent, non-transparent.
wanoptPeer string: WAN optimization peer.
wanoptProfile string: WAN optimization profile.
webcache string: Enable/disable web cache. Valid values: disable, enable.
webcacheHttps string: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilterProfile string: Name of an existing Web filter profile.
webproxyForwardServer string: Webproxy forward server name.
webproxyProfile string: Webproxy profile name.

pkg str: Package.
_policy_block float: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action str: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec.
adom str: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
app_category str: App-Category.
app_group str: App-Group.
application_list str: Name of an existing Application list.
applications Sequence[float]: Application.
auto_asic_offload str: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
av_profile str: Name of an existing Antivirus profile.
captive_portal_exempt str: Enable exemption of some users from the captive portal. Valid values: disable, enable.
cifs_profile str: Name of an existing CIFS profile.
comments str: Comment.
diffserv_forward str: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffserv_reverse str: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcode_forward str: Change packet's DiffServ to this value.
diffservcode_rev str: Change packet's reverse (reply) DiffServ to this value.
dlp_sensor str: Name of an existing DLP sensor.
dnsfilter_profile str: Name of an existing DNS filter profile.
dstaddr4 str: Destination IPv4 address name and address group names.
dstaddr6 str: Destination IPv6 address name and address group names.
dstaddr_negate str: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf str: Outgoing (egress) interface.
emailfilter_profile str: Name of an existing email filter profile.
fixedport str: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fsso_groups str: Names of FSSO groups.
global_label str: Label for the policy that appears when the GUI is in Global View mode.
groups str: Names of user groups that can authenticate with this policy.
http_policy_redirect str: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icap_profile str: Name of an existing ICAP profile.
inbound str: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspection_mode str: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
internet_service str: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internet_service_custom str: Custom Internet Service name.
internet_service_custom_group str: Custom Internet Service group name.
internet_service_group str: Internet Service group name.
internet_service_id str: Internet Service ID.
internet_service_negate str: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
internet_service_src str: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internet_service_src_custom str: Custom Internet Service source name.
internet_service_src_custom_group str: Custom Internet Service source group name.
internet_service_src_group str: Internet Service source group name.
internet_service_src_id str: Internet Service source ID.
internet_service_src_negate str: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
ippool str: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ips_sensor str: Name of an existing IPS sensor.
logtraffic str: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
logtraffic_start str: Record logs when a session starts. Valid values: disable, enable.
mms_profile str: Name of an existing MMS profile.
name str: Policy name.
nat str: Enable/disable source NAT. Valid values: disable, enable.
outbound str: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packages_firewall_consolidated_policy_id str: an identifier for the resource with format {{policyid}}.
per_ip_shaper str: Per-IP traffic shaper.
pkg_folder_path str: Pkg Folder Path.
policyid float: Policy ID (0 - 4294967294).
poolname4 str: IPv4 pool names.
poolname6 str: IPv6 pool names.
profile_group str: Name of profile group.
profile_protocol_options str: Name of an existing Protocol options profile.
profile_type str: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
schedule str: Schedule name.
scopetype str: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
service str: Service and service group names.
service_negate str: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
session_ttl float: TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
srcaddr4 str: Source IPv4 address name and address group names.
srcaddr6 str: Source IPv6 address name and address group names.
srcaddr_negate str: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcintf str: Incoming (ingress) interface.
ssh_filter_profile str: Name of an existing SSH filter profile.
ssh_policy_redirect str: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
ssl_ssh_profile str: Name of an existing SSL SSH profile.
status str: Enable or disable this policy. Valid values: disable, enable.
tcp_mss_receiver float: Receiver TCP maximum segment size (MSS).
tcp_mss_sender float: Sender TCP maximum segment size (MSS).
traffic_shaper str: Traffic shaper.
traffic_shaper_reverse str: Reverse traffic shaper.
url_category str: Url-Category.
users str: Names of individual users that can authenticate with this policy.
utm_status str: Enable to add one or more security profiles (AV, IPS, etc.) to the firewall policy. Valid values: disable, enable.
uuid str: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
voip_profile str: Name of an existing VoIP profile.
vpntunnel str: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
waf_profile str: Name of an existing Web application firewall profile.
wanopt str: Enable/disable WAN optimization. Valid values: disable, enable.
wanopt_detection str: WAN optimization auto-detection mode. Valid values: active, passive, off.
wanopt_passive_opt str: WAN optimization passive mode options. This option decides what IP address will be used to connect to server. Valid values: default, transparent, non-transparent.
wanopt_peer str: WAN optimization peer.
wanopt_profile str: WAN optimization profile.
webcache str: Enable/disable web cache. Valid values: disable, enable.
webcache_https str: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilter_profile str: Name of an existing Web filter profile.
webproxy_forward_server str: Webproxy forward server name.
webproxy_profile str: Webproxy profile name.

pkg String: Package.
_policyBlock Number: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action String: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
appCategory String: App-Category.
appGroup String: App-Group.
applicationList String: Name of an existing Application list.
applications List<Number>: Application.
autoAsicOffload String: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
avProfile String: Name of an existing Antivirus profile.
captivePortalExempt String: Enable exemption of some users from the captive portal. Valid values: disable, enable.
cifsProfile String: Name of an existing CIFS profile.
comments String: Comment.
diffservForward String: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffservReverse String: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcodeForward String: Change packet's DiffServ to this value.
diffservcodeRev String: Change packet's reverse (reply) DiffServ to this value.
dlpSensor String: Name of an existing DLP sensor.
dnsfilterProfile String: Name of an existing DNS filter profile.
dstaddr4 String: Destination IPv4 address name and address group names.
dstaddr6 String: Destination IPv6 address name and address group names.
dstaddrNegate String: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf String: Outgoing (egress) interface.
emailfilterProfile String: Name of an existing email filter profile.
fixedport String: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fssoGroups String: Names of FSSO groups.
globalLabel String: Label for the policy that appears when the GUI is in Global View mode.
groups String: Names of user groups that can authenticate with this policy.
httpPolicyRedirect String: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icapProfile String: Name of an existing ICAP profile.
inbound String: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspectionMode String: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
internetService String: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internetServiceCustom String: Custom Internet Service name.
internetServiceCustomGroup String: Custom Internet Service group name.
internetServiceGroup String: Internet Service group name.
internetServiceId String: Internet Service ID.
internetServiceNegate String: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
internetServiceSrc String: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internetServiceSrcCustom String: Custom Internet Service source name.
internetServiceSrcCustomGroup String: Custom Internet Service source group name.
internetServiceSrcGroup String: Internet Service source group name.
internetServiceSrcId String: Internet Service source ID.
internetServiceSrcNegate String: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
ippool String: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ipsSensor String: Name of an existing IPS sensor.
logtraffic String: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
logtrafficStart String: Record logs when a session starts. Valid values: disable, enable.
mmsProfile String: Name of an existing MMS profile.
name String: Policy name.
nat String: Enable/disable source NAT. Valid values: disable, enable.
outbound String: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packagesFirewallConsolidatedPolicyId String: an identifier for the resource with format {{policyid}}.
perIpShaper String: Per-IP traffic shaper.
pkgFolderPath String: Pkg Folder Path.
policyid Number: Policy ID (0 - 4294967294).
poolname4 String: IPv4 pool names.
poolname6 String: IPv6 pool names.
profileGroup String: Name of profile group.
profileProtocolOptions String: Name of an existing Protocol options profile.
profileType String: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
schedule String: Schedule name.
scopetype String: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
service String: Service and service group names.
serviceNegate String: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
sessionTtl Number: TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
srcaddr4 String: Source IPv4 address name and address group names.
srcaddr6 String: Source IPv6 address name and address group names.
srcaddrNegate String: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcintf String: Incoming (ingress) interface.
sshFilterProfile String: Name of an existing SSH filter profile.
sshPolicyRedirect String: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslSshProfile String: Name of an existing SSL SSH profile.
status String: Enable or disable this policy. Valid values: disable, enable.
tcpMssReceiver Number: Receiver TCP maximum segment size (MSS).
tcpMssSender Number: Sender TCP maximum segment size (MSS).
trafficShaper String: Traffic shaper.
trafficShaperReverse String: Reverse traffic shaper.
urlCategory String: Url-Category.
users String: Names of individual users that can authenticate with this policy.
utmStatus String: Enable to add one or more security profiles (AV, IPS, etc.) to the firewall policy. Valid values: disable, enable.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
voipProfile String: Name of an existing VoIP profile.
vpntunnel String: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
wafProfile String: Name of an existing Web application firewall profile.
wanopt String: Enable/disable WAN optimization. Valid values: disable, enable.
wanoptDetection String: WAN optimization auto-detection mode. Valid values: active, passive, off.
wanoptPassiveOpt String: WAN optimization passive mode options. This option decides what IP address will be used to connect to server. Valid values: default, transparent, non-transparent.
wanoptPeer String: WAN optimization peer.
wanoptProfile String: WAN optimization profile.
webcache String: Enable/disable web cache. Valid values: disable, enable.
webcacheHttps String: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilterProfile String: Name of an existing Web filter profile.
webproxyForwardServer String: Webproxy forward server name.
webproxyProfile String: Webproxy profile name.

Outputs

All input properties are implicitly available as output properties. Additionally, the PackagesFirewallConsolidatedPolicy resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing PackagesFirewallConsolidatedPolicy Resource

Get an existing PackagesFirewallConsolidatedPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: PackagesFirewallConsolidatedPolicyState, opts?: CustomResourceOptions): PackagesFirewallConsolidatedPolicy

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        _policy_block: Optional[float] = None,
        action: Optional[str] = None,
        adom: Optional[str] = None,
        app_category: Optional[str] = None,
        app_group: Optional[str] = None,
        application_list: Optional[str] = None,
        applications: Optional[Sequence[float]] = None,
        auto_asic_offload: Optional[str] = None,
        av_profile: Optional[str] = None,
        captive_portal_exempt: Optional[str] = None,
        cifs_profile: Optional[str] = None,
        comments: Optional[str] = None,
        diffserv_forward: Optional[str] = None,
        diffserv_reverse: Optional[str] = None,
        diffservcode_forward: Optional[str] = None,
        diffservcode_rev: Optional[str] = None,
        dlp_sensor: Optional[str] = None,
        dnsfilter_profile: Optional[str] = None,
        dstaddr4: Optional[str] = None,
        dstaddr6: Optional[str] = None,
        dstaddr_negate: Optional[str] = None,
        dstintf: Optional[str] = None,
        emailfilter_profile: Optional[str] = None,
        fixedport: Optional[str] = None,
        fsso_groups: Optional[str] = None,
        global_label: Optional[str] = None,
        groups: Optional[str] = None,
        http_policy_redirect: Optional[str] = None,
        icap_profile: Optional[str] = None,
        inbound: Optional[str] = None,
        inspection_mode: Optional[str] = None,
        internet_service: Optional[str] = None,
        internet_service_custom: Optional[str] = None,
        internet_service_custom_group: Optional[str] = None,
        internet_service_group: Optional[str] = None,
        internet_service_id: Optional[str] = None,
        internet_service_negate: Optional[str] = None,
        internet_service_src: Optional[str] = None,
        internet_service_src_custom: Optional[str] = None,
        internet_service_src_custom_group: Optional[str] = None,
        internet_service_src_group: Optional[str] = None,
        internet_service_src_id: Optional[str] = None,
        internet_service_src_negate: Optional[str] = None,
        ippool: Optional[str] = None,
        ips_sensor: Optional[str] = None,
        logtraffic: Optional[str] = None,
        logtraffic_start: Optional[str] = None,
        mms_profile: Optional[str] = None,
        name: Optional[str] = None,
        nat: Optional[str] = None,
        outbound: Optional[str] = None,
        packages_firewall_consolidated_policy_id: Optional[str] = None,
        per_ip_shaper: Optional[str] = None,
        pkg: Optional[str] = None,
        pkg_folder_path: Optional[str] = None,
        policyid: Optional[float] = None,
        poolname4: Optional[str] = None,
        poolname6: Optional[str] = None,
        profile_group: Optional[str] = None,
        profile_protocol_options: Optional[str] = None,
        profile_type: Optional[str] = None,
        schedule: Optional[str] = None,
        scopetype: Optional[str] = None,
        service: Optional[str] = None,
        service_negate: Optional[str] = None,
        session_ttl: Optional[float] = None,
        srcaddr4: Optional[str] = None,
        srcaddr6: Optional[str] = None,
        srcaddr_negate: Optional[str] = None,
        srcintf: Optional[str] = None,
        ssh_filter_profile: Optional[str] = None,
        ssh_policy_redirect: Optional[str] = None,
        ssl_ssh_profile: Optional[str] = None,
        status: Optional[str] = None,
        tcp_mss_receiver: Optional[float] = None,
        tcp_mss_sender: Optional[float] = None,
        traffic_shaper: Optional[str] = None,
        traffic_shaper_reverse: Optional[str] = None,
        url_category: Optional[str] = None,
        users: Optional[str] = None,
        utm_status: Optional[str] = None,
        uuid: Optional[str] = None,
        voip_profile: Optional[str] = None,
        vpntunnel: Optional[str] = None,
        waf_profile: Optional[str] = None,
        wanopt: Optional[str] = None,
        wanopt_detection: Optional[str] = None,
        wanopt_passive_opt: Optional[str] = None,
        wanopt_peer: Optional[str] = None,
        wanopt_profile: Optional[str] = None,
        webcache: Optional[str] = None,
        webcache_https: Optional[str] = None,
        webfilter_profile: Optional[str] = None,
        webproxy_forward_server: Optional[str] = None,
        webproxy_profile: Optional[str] = None) -> PackagesFirewallConsolidatedPolicy

func GetPackagesFirewallConsolidatedPolicy(ctx *Context, name string, id IDInput, state *PackagesFirewallConsolidatedPolicyState, opts ...ResourceOption) (*PackagesFirewallConsolidatedPolicy, error)

public static PackagesFirewallConsolidatedPolicy Get(string name, Input<string> id, PackagesFirewallConsolidatedPolicyState? state, CustomResourceOptions? opts = null)

public static PackagesFirewallConsolidatedPolicy get(String name, Output<String> id, PackagesFirewallConsolidatedPolicyState state, CustomResourceOptions options)

resources:  _:    type: fortimanager:PackagesFirewallConsolidatedPolicy    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Action string: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AppCategory string: App-Category.
AppGroup string: App-Group.
ApplicationList string: Name of an existing Application list.
Applications List<double>: Application.
AutoAsicOffload string: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
AvProfile string: Name of an existing Antivirus profile.
CaptivePortalExempt string: Enable exemption of some users from the captive portal. Valid values: disable, enable.
CifsProfile string: Name of an existing CIFS profile.
Comments string: Comment.
DiffservForward string: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
DiffservReverse string: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
DiffservcodeForward string: Change packet's DiffServ to this value.
DiffservcodeRev string: Change packet's reverse (reply) DiffServ to this value.
DlpSensor string: Name of an existing DLP sensor.
DnsfilterProfile string: Name of an existing DNS filter profile.
Dstaddr4 string: Destination IPv4 address name and address group names.
Dstaddr6 string: Destination IPv6 address name and address group names.
DstaddrNegate string: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
Dstintf string: Outgoing (egress) interface.
EmailfilterProfile string: Name of an existing email filter profile.
Fixedport string: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
FssoGroups string: Names of FSSO groups.
GlobalLabel string: Label for the policy that appears when the GUI is in Global View mode.
Groups string: Names of user groups that can authenticate with this policy.
HttpPolicyRedirect string: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
IcapProfile string: Name of an existing ICAP profile.
Inbound string: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
InspectionMode string: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
InternetService string: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
InternetServiceCustom string: Custom Internet Service name.
InternetServiceCustomGroup string: Custom Internet Service group name.
InternetServiceGroup string: Internet Service group name.
InternetServiceId string: Internet Service ID.
InternetServiceNegate string: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
InternetServiceSrc string: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
InternetServiceSrcCustom string: Custom Internet Service source name.
InternetServiceSrcCustomGroup string: Custom Internet Service source group name.
InternetServiceSrcGroup string: Internet Service source group name.
InternetServiceSrcId string: Internet Service source ID.
InternetServiceSrcNegate string: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
Ippool string: Enable to use IP Pools for source NAT. Valid values: disable, enable.
IpsSensor string: Name of an existing IPS sensor.
Logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
LogtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
MmsProfile string: Name of an existing MMS profile.
Name string: Policy name.
Nat string: Enable/disable source NAT. Valid values: disable, enable.
Outbound string: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
PackagesFirewallConsolidatedPolicyId string: an identifier for the resource with format {{policyid}}.
PerIpShaper string: Per-IP traffic shaper.
Pkg string: Package.
PkgFolderPath string: Pkg Folder Path.
Policyid double: Policy ID (0 - 4294967294).
Poolname4 string: IPv4 pool names.
Poolname6 string: IPv6 pool names.
ProfileGroup string: Name of profile group.
ProfileProtocolOptions string: Name of an existing Protocol options profile.
ProfileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
Schedule string: Schedule name.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
Service string: Service and service group names.
ServiceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
SessionTtl double: TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
Srcaddr4 string: Source IPv4 address name and address group names.
Srcaddr6 string: Source IPv6 address name and address group names.
SrcaddrNegate string: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
Srcintf string: Incoming (ingress) interface.
SshFilterProfile string: Name of an existing SSH filter profile.
SshPolicyRedirect string: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
SslSshProfile string: Name of an existing SSL SSH profile.
Status string: Enable or disable this policy. Valid values: disable, enable.
TcpMssReceiver double: Receiver TCP maximum segment size (MSS).
TcpMssSender double: Sender TCP maximum segment size (MSS).
TrafficShaper string: Traffic shaper.
TrafficShaperReverse string: Reverse traffic shaper.
UrlCategory string: Url-Category.
Users string: Names of individual users that can authenticate with this policy.
UtmStatus string: Enable to add one or more security profiles (AV, IPS, etc.) to the firewall policy. Valid values: disable, enable.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
VoipProfile string: Name of an existing VoIP profile.
Vpntunnel string: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
WafProfile string: Name of an existing Web application firewall profile.
Wanopt string: Enable/disable WAN optimization. Valid values: disable, enable.
WanoptDetection string: WAN optimization auto-detection mode. Valid values: active, passive, off.
WanoptPassiveOpt string: WAN optimization passive mode options. This option decides what IP address will be used to connect to server. Valid values: default, transparent, non-transparent.
WanoptPeer string: WAN optimization peer.
WanoptProfile string: WAN optimization profile.
Webcache string: Enable/disable web cache. Valid values: disable, enable.
WebcacheHttps string: Enable/disable web cache for HTTPS. Valid values: disable, enable.
WebfilterProfile string: Name of an existing Web filter profile.
WebproxyForwardServer string: Webproxy forward server name.
WebproxyProfile string: Webproxy profile name.
_policyBlock double: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.

Action string: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AppCategory string: App-Category.
AppGroup string: App-Group.
ApplicationList string: Name of an existing Application list.
Applications []float64: Application.
AutoAsicOffload string: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
AvProfile string: Name of an existing Antivirus profile.
CaptivePortalExempt string: Enable exemption of some users from the captive portal. Valid values: disable, enable.
CifsProfile string: Name of an existing CIFS profile.
Comments string: Comment.
DiffservForward string: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
DiffservReverse string: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
DiffservcodeForward string: Change packet's DiffServ to this value.
DiffservcodeRev string: Change packet's reverse (reply) DiffServ to this value.
DlpSensor string: Name of an existing DLP sensor.
DnsfilterProfile string: Name of an existing DNS filter profile.
Dstaddr4 string: Destination IPv4 address name and address group names.
Dstaddr6 string: Destination IPv6 address name and address group names.
DstaddrNegate string: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
Dstintf string: Outgoing (egress) interface.
EmailfilterProfile string: Name of an existing email filter profile.
Fixedport string: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
FssoGroups string: Names of FSSO groups.
GlobalLabel string: Label for the policy that appears when the GUI is in Global View mode.
Groups string: Names of user groups that can authenticate with this policy.
HttpPolicyRedirect string: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
IcapProfile string: Name of an existing ICAP profile.
Inbound string: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
InspectionMode string: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
InternetService string: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
InternetServiceCustom string: Custom Internet Service name.
InternetServiceCustomGroup string: Custom Internet Service group name.
InternetServiceGroup string: Internet Service group name.
InternetServiceId string: Internet Service ID.
InternetServiceNegate string: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
InternetServiceSrc string: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
InternetServiceSrcCustom string: Custom Internet Service source name.
InternetServiceSrcCustomGroup string: Custom Internet Service source group name.
InternetServiceSrcGroup string: Internet Service source group name.
InternetServiceSrcId string: Internet Service source ID.
InternetServiceSrcNegate string: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
Ippool string: Enable to use IP Pools for source NAT. Valid values: disable, enable.
IpsSensor string: Name of an existing IPS sensor.
Logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
LogtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
MmsProfile string: Name of an existing MMS profile.
Name string: Policy name.
Nat string: Enable/disable source NAT. Valid values: disable, enable.
Outbound string: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
PackagesFirewallConsolidatedPolicyId string: an identifier for the resource with format {{policyid}}.
PerIpShaper string: Per-IP traffic shaper.
Pkg string: Package.
PkgFolderPath string: Pkg Folder Path.
Policyid float64: Policy ID (0 - 4294967294).
Poolname4 string: IPv4 pool names.
Poolname6 string: IPv6 pool names.
ProfileGroup string: Name of profile group.
ProfileProtocolOptions string: Name of an existing Protocol options profile.
ProfileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
Schedule string: Schedule name.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
Service string: Service and service group names.
ServiceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
SessionTtl float64: TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
Srcaddr4 string: Source IPv4 address name and address group names.
Srcaddr6 string: Source IPv6 address name and address group names.
SrcaddrNegate string: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
Srcintf string: Incoming (ingress) interface.
SshFilterProfile string: Name of an existing SSH filter profile.
SshPolicyRedirect string: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
SslSshProfile string: Name of an existing SSL SSH profile.
Status string: Enable or disable this policy. Valid values: disable, enable.
TcpMssReceiver float64: Receiver TCP maximum segment size (MSS).
TcpMssSender float64: Sender TCP maximum segment size (MSS).
TrafficShaper string: Traffic shaper.
TrafficShaperReverse string: Reverse traffic shaper.
UrlCategory string: Url-Category.
Users string: Names of individual users that can authenticate with this policy.
UtmStatus string: Enable to add one or more security profiles (AV, IPS, etc.) to the firewall policy. Valid values: disable, enable.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
VoipProfile string: Name of an existing VoIP profile.
Vpntunnel string: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
WafProfile string: Name of an existing Web application firewall profile.
Wanopt string: Enable/disable WAN optimization. Valid values: disable, enable.
WanoptDetection string: WAN optimization auto-detection mode. Valid values: active, passive, off.
WanoptPassiveOpt string: WAN optimization passive mode options. This option decides what IP address will be used to connect to server. Valid values: default, transparent, non-transparent.
WanoptPeer string: WAN optimization peer.
WanoptProfile string: WAN optimization profile.
Webcache string: Enable/disable web cache. Valid values: disable, enable.
WebcacheHttps string: Enable/disable web cache for HTTPS. Valid values: disable, enable.
WebfilterProfile string: Name of an existing Web filter profile.
WebproxyForwardServer string: Webproxy forward server name.
WebproxyProfile string: Webproxy profile name.
_policyBlock float64: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.

_policyBlock Double: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action String: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
appCategory String: App-Category.
appGroup String: App-Group.
applicationList String: Name of an existing Application list.
applications List<Double>: Application.
autoAsicOffload String: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
avProfile String: Name of an existing Antivirus profile.
captivePortalExempt String: Enable exemption of some users from the captive portal. Valid values: disable, enable.
cifsProfile String: Name of an existing CIFS profile.
comments String: Comment.
diffservForward String: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffservReverse String: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcodeForward String: Change packet's DiffServ to this value.
diffservcodeRev String: Change packet's reverse (reply) DiffServ to this value.
dlpSensor String: Name of an existing DLP sensor.
dnsfilterProfile String: Name of an existing DNS filter profile.
dstaddr4 String: Destination IPv4 address name and address group names.
dstaddr6 String: Destination IPv6 address name and address group names.
dstaddrNegate String: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf String: Outgoing (egress) interface.
emailfilterProfile String: Name of an existing email filter profile.
fixedport String: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fssoGroups String: Names of FSSO groups.
globalLabel String: Label for the policy that appears when the GUI is in Global View mode.
groups String: Names of user groups that can authenticate with this policy.
httpPolicyRedirect String: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icapProfile String: Name of an existing ICAP profile.
inbound String: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspectionMode String: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
internetService String: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internetServiceCustom String: Custom Internet Service name.
internetServiceCustomGroup String: Custom Internet Service group name.
internetServiceGroup String: Internet Service group name.
internetServiceId String: Internet Service ID.
internetServiceNegate String: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
internetServiceSrc String: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internetServiceSrcCustom String: Custom Internet Service source name.
internetServiceSrcCustomGroup String: Custom Internet Service source group name.
internetServiceSrcGroup String: Internet Service source group name.
internetServiceSrcId String: Internet Service source ID.
internetServiceSrcNegate String: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
ippool String: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ipsSensor String: Name of an existing IPS sensor.
logtraffic String: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
logtrafficStart String: Record logs when a session starts. Valid values: disable, enable.
mmsProfile String: Name of an existing MMS profile.
name String: Policy name.
nat String: Enable/disable source NAT. Valid values: disable, enable.
outbound String: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packagesFirewallConsolidatedPolicyId String: an identifier for the resource with format {{policyid}}.
perIpShaper String: Per-IP traffic shaper.
pkg String: Package.
pkgFolderPath String: Pkg Folder Path.
policyid Double: Policy ID (0 - 4294967294).
poolname4 String: IPv4 pool names.
poolname6 String: IPv6 pool names.
profileGroup String: Name of profile group.
profileProtocolOptions String: Name of an existing Protocol options profile.
profileType String: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
schedule String: Schedule name.
scopetype String: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
service String: Service and service group names.
serviceNegate String: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
sessionTtl Double: TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
srcaddr4 String: Source IPv4 address name and address group names.
srcaddr6 String: Source IPv6 address name and address group names.
srcaddrNegate String: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcintf String: Incoming (ingress) interface.
sshFilterProfile String: Name of an existing SSH filter profile.
sshPolicyRedirect String: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslSshProfile String: Name of an existing SSL SSH profile.
status String: Enable or disable this policy. Valid values: disable, enable.
tcpMssReceiver Double: Receiver TCP maximum segment size (MSS).
tcpMssSender Double: Sender TCP maximum segment size (MSS).
trafficShaper String: Traffic shaper.
trafficShaperReverse String: Reverse traffic shaper.
urlCategory String: Url-Category.
users String: Names of individual users that can authenticate with this policy.
utmStatus String: Enable to add one or more security profiles (AV, IPS, etc.) to the firewall policy. Valid values: disable, enable.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
voipProfile String: Name of an existing VoIP profile.
vpntunnel String: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
wafProfile String: Name of an existing Web application firewall profile.
wanopt String: Enable/disable WAN optimization. Valid values: disable, enable.
wanoptDetection String: WAN optimization auto-detection mode. Valid values: active, passive, off.
wanoptPassiveOpt String: WAN optimization passive mode options. This option decides what IP address will be used to connect to server. Valid values: default, transparent, non-transparent.
wanoptPeer String: WAN optimization peer.
wanoptProfile String: WAN optimization profile.
webcache String: Enable/disable web cache. Valid values: disable, enable.
webcacheHttps String: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilterProfile String: Name of an existing Web filter profile.
webproxyForwardServer String: Webproxy forward server name.
webproxyProfile String: Webproxy profile name.

_policyBlock number: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action string: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec.
adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
appCategory string: App-Category.
appGroup string: App-Group.
applicationList string: Name of an existing Application list.
applications number[]: Application.
autoAsicOffload string: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
avProfile string: Name of an existing Antivirus profile.
captivePortalExempt string: Enable exemption of some users from the captive portal. Valid values: disable, enable.
cifsProfile string: Name of an existing CIFS profile.
comments string: Comment.
diffservForward string: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffservReverse string: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcodeForward string: Change packet's DiffServ to this value.
diffservcodeRev string: Change packet's reverse (reply) DiffServ to this value.
dlpSensor string: Name of an existing DLP sensor.
dnsfilterProfile string: Name of an existing DNS filter profile.
dstaddr4 string: Destination IPv4 address name and address group names.
dstaddr6 string: Destination IPv6 address name and address group names.
dstaddrNegate string: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf string: Outgoing (egress) interface.
emailfilterProfile string: Name of an existing email filter profile.
fixedport string: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fssoGroups string: Names of FSSO groups.
globalLabel string: Label for the policy that appears when the GUI is in Global View mode.
groups string: Names of user groups that can authenticate with this policy.
httpPolicyRedirect string: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icapProfile string: Name of an existing ICAP profile.
inbound string: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspectionMode string: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
internetService string: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internetServiceCustom string: Custom Internet Service name.
internetServiceCustomGroup string: Custom Internet Service group name.
internetServiceGroup string: Internet Service group name.
internetServiceId string: Internet Service ID.
internetServiceNegate string: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
internetServiceSrc string: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internetServiceSrcCustom string: Custom Internet Service source name.
internetServiceSrcCustomGroup string: Custom Internet Service source group name.
internetServiceSrcGroup string: Internet Service source group name.
internetServiceSrcId string: Internet Service source ID.
internetServiceSrcNegate string: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
ippool string: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ipsSensor string: Name of an existing IPS sensor.
logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
logtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
mmsProfile string: Name of an existing MMS profile.
name string: Policy name.
nat string: Enable/disable source NAT. Valid values: disable, enable.
outbound string: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packagesFirewallConsolidatedPolicyId string: an identifier for the resource with format {{policyid}}.
perIpShaper string: Per-IP traffic shaper.
pkg string: Package.
pkgFolderPath string: Pkg Folder Path.
policyid number: Policy ID (0 - 4294967294).
poolname4 string: IPv4 pool names.
poolname6 string: IPv6 pool names.
profileGroup string: Name of profile group.
profileProtocolOptions string: Name of an existing Protocol options profile.
profileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
schedule string: Schedule name.
scopetype string: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
service string: Service and service group names.
serviceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
sessionTtl number: TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
srcaddr4 string: Source IPv4 address name and address group names.
srcaddr6 string: Source IPv6 address name and address group names.
srcaddrNegate string: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcintf string: Incoming (ingress) interface.
sshFilterProfile string: Name of an existing SSH filter profile.
sshPolicyRedirect string: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslSshProfile string: Name of an existing SSL SSH profile.
status string: Enable or disable this policy. Valid values: disable, enable.
tcpMssReceiver number: Receiver TCP maximum segment size (MSS).
tcpMssSender number: Sender TCP maximum segment size (MSS).
trafficShaper string: Traffic shaper.
trafficShaperReverse string: Reverse traffic shaper.
urlCategory string: Url-Category.
users string: Names of individual users that can authenticate with this policy.
utmStatus string: Enable to add one or more security profiles (AV, IPS, etc.) to the firewall policy. Valid values: disable, enable.
uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
voipProfile string: Name of an existing VoIP profile.
vpntunnel string: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
wafProfile string: Name of an existing Web application firewall profile.
wanopt string: Enable/disable WAN optimization. Valid values: disable, enable.
wanoptDetection string: WAN optimization auto-detection mode. Valid values: active, passive, off.
wanoptPassiveOpt string: WAN optimization passive mode options. This option decides what IP address will be used to connect to server. Valid values: default, transparent, non-transparent.
wanoptPeer string: WAN optimization peer.
wanoptProfile string: WAN optimization profile.
webcache string: Enable/disable web cache. Valid values: disable, enable.
webcacheHttps string: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilterProfile string: Name of an existing Web filter profile.
webproxyForwardServer string: Webproxy forward server name.
webproxyProfile string: Webproxy profile name.

_policy_block float: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action str: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec.
adom str: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
app_category str: App-Category.
app_group str: App-Group.
application_list str: Name of an existing Application list.
applications Sequence[float]: Application.
auto_asic_offload str: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
av_profile str: Name of an existing Antivirus profile.
captive_portal_exempt str: Enable exemption of some users from the captive portal. Valid values: disable, enable.
cifs_profile str: Name of an existing CIFS profile.
comments str: Comment.
diffserv_forward str: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffserv_reverse str: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcode_forward str: Change packet's DiffServ to this value.
diffservcode_rev str: Change packet's reverse (reply) DiffServ to this value.
dlp_sensor str: Name of an existing DLP sensor.
dnsfilter_profile str: Name of an existing DNS filter profile.
dstaddr4 str: Destination IPv4 address name and address group names.
dstaddr6 str: Destination IPv6 address name and address group names.
dstaddr_negate str: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf str: Outgoing (egress) interface.
emailfilter_profile str: Name of an existing email filter profile.
fixedport str: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fsso_groups str: Names of FSSO groups.
global_label str: Label for the policy that appears when the GUI is in Global View mode.
groups str: Names of user groups that can authenticate with this policy.
http_policy_redirect str: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icap_profile str: Name of an existing ICAP profile.
inbound str: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspection_mode str: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
internet_service str: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internet_service_custom str: Custom Internet Service name.
internet_service_custom_group str: Custom Internet Service group name.
internet_service_group str: Internet Service group name.
internet_service_id str: Internet Service ID.
internet_service_negate str: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
internet_service_src str: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internet_service_src_custom str: Custom Internet Service source name.
internet_service_src_custom_group str: Custom Internet Service source group name.
internet_service_src_group str: Internet Service source group name.
internet_service_src_id str: Internet Service source ID.
internet_service_src_negate str: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
ippool str: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ips_sensor str: Name of an existing IPS sensor.
logtraffic str: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
logtraffic_start str: Record logs when a session starts. Valid values: disable, enable.
mms_profile str: Name of an existing MMS profile.
name str: Policy name.
nat str: Enable/disable source NAT. Valid values: disable, enable.
outbound str: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packages_firewall_consolidated_policy_id str: an identifier for the resource with format {{policyid}}.
per_ip_shaper str: Per-IP traffic shaper.
pkg str: Package.
pkg_folder_path str: Pkg Folder Path.
policyid float: Policy ID (0 - 4294967294).
poolname4 str: IPv4 pool names.
poolname6 str: IPv6 pool names.
profile_group str: Name of profile group.
profile_protocol_options str: Name of an existing Protocol options profile.
profile_type str: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
schedule str: Schedule name.
scopetype str: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
service str: Service and service group names.
service_negate str: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
session_ttl float: TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
srcaddr4 str: Source IPv4 address name and address group names.
srcaddr6 str: Source IPv6 address name and address group names.
srcaddr_negate str: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcintf str: Incoming (ingress) interface.
ssh_filter_profile str: Name of an existing SSH filter profile.
ssh_policy_redirect str: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
ssl_ssh_profile str: Name of an existing SSL SSH profile.
status str: Enable or disable this policy. Valid values: disable, enable.
tcp_mss_receiver float: Receiver TCP maximum segment size (MSS).
tcp_mss_sender float: Sender TCP maximum segment size (MSS).
traffic_shaper str: Traffic shaper.
traffic_shaper_reverse str: Reverse traffic shaper.
url_category str: Url-Category.
users str: Names of individual users that can authenticate with this policy.
utm_status str: Enable to add one or more security profiles (AV, IPS, etc.) to the firewall policy. Valid values: disable, enable.
uuid str: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
voip_profile str: Name of an existing VoIP profile.
vpntunnel str: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
waf_profile str: Name of an existing Web application firewall profile.
wanopt str: Enable/disable WAN optimization. Valid values: disable, enable.
wanopt_detection str: WAN optimization auto-detection mode. Valid values: active, passive, off.
wanopt_passive_opt str: WAN optimization passive mode options. This option decides what IP address will be used to connect to server. Valid values: default, transparent, non-transparent.
wanopt_peer str: WAN optimization peer.
wanopt_profile str: WAN optimization profile.
webcache str: Enable/disable web cache. Valid values: disable, enable.
webcache_https str: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilter_profile str: Name of an existing Web filter profile.
webproxy_forward_server str: Webproxy forward server name.
webproxy_profile str: Webproxy profile name.

_policyBlock Number: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action String: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
appCategory String: App-Category.
appGroup String: App-Group.
applicationList String: Name of an existing Application list.
applications List<Number>: Application.
autoAsicOffload String: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
avProfile String: Name of an existing Antivirus profile.
captivePortalExempt String: Enable exemption of some users from the captive portal. Valid values: disable, enable.
cifsProfile String: Name of an existing CIFS profile.
comments String: Comment.
diffservForward String: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffservReverse String: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcodeForward String: Change packet's DiffServ to this value.
diffservcodeRev String: Change packet's reverse (reply) DiffServ to this value.
dlpSensor String: Name of an existing DLP sensor.
dnsfilterProfile String: Name of an existing DNS filter profile.
dstaddr4 String: Destination IPv4 address name and address group names.
dstaddr6 String: Destination IPv6 address name and address group names.
dstaddrNegate String: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf String: Outgoing (egress) interface.
emailfilterProfile String: Name of an existing email filter profile.
fixedport String: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fssoGroups String: Names of FSSO groups.
globalLabel String: Label for the policy that appears when the GUI is in Global View mode.
groups String: Names of user groups that can authenticate with this policy.
httpPolicyRedirect String: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icapProfile String: Name of an existing ICAP profile.
inbound String: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspectionMode String: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
internetService String: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internetServiceCustom String: Custom Internet Service name.
internetServiceCustomGroup String: Custom Internet Service group name.
internetServiceGroup String: Internet Service group name.
internetServiceId String: Internet Service ID.
internetServiceNegate String: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
internetServiceSrc String: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internetServiceSrcCustom String: Custom Internet Service source name.
internetServiceSrcCustomGroup String: Custom Internet Service source group name.
internetServiceSrcGroup String: Internet Service source group name.
internetServiceSrcId String: Internet Service source ID.
internetServiceSrcNegate String: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
ippool String: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ipsSensor String: Name of an existing IPS sensor.
logtraffic String: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
logtrafficStart String: Record logs when a session starts. Valid values: disable, enable.
mmsProfile String: Name of an existing MMS profile.
name String: Policy name.
nat String: Enable/disable source NAT. Valid values: disable, enable.
outbound String: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packagesFirewallConsolidatedPolicyId String: an identifier for the resource with format {{policyid}}.
perIpShaper String: Per-IP traffic shaper.
pkg String: Package.
pkgFolderPath String: Pkg Folder Path.
policyid Number: Policy ID (0 - 4294967294).
poolname4 String: IPv4 pool names.
poolname6 String: IPv6 pool names.
profileGroup String: Name of profile group.
profileProtocolOptions String: Name of an existing Protocol options profile.
profileType String: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
schedule String: Schedule name.
scopetype String: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
service String: Service and service group names.
serviceNegate String: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
sessionTtl Number: TTL in seconds for sessions accepted by this policy (0 means use the system default session TTL).
srcaddr4 String: Source IPv4 address name and address group names.
srcaddr6 String: Source IPv6 address name and address group names.
srcaddrNegate String: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcintf String: Incoming (ingress) interface.
sshFilterProfile String: Name of an existing SSH filter profile.
sshPolicyRedirect String: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslSshProfile String: Name of an existing SSL SSH profile.
status String: Enable or disable this policy. Valid values: disable, enable.
tcpMssReceiver Number: Receiver TCP maximum segment size (MSS).
tcpMssSender Number: Sender TCP maximum segment size (MSS).
trafficShaper String: Traffic shaper.
trafficShaperReverse String: Reverse traffic shaper.
urlCategory String: Url-Category.
users String: Names of individual users that can authenticate with this policy.
utmStatus String: Enable to add one or more security profiles (AV, IPS, etc.) to the firewall policy. Valid values: disable, enable.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
voipProfile String: Name of an existing VoIP profile.
vpntunnel String: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
wafProfile String: Name of an existing Web application firewall profile.
wanopt String: Enable/disable WAN optimization. Valid values: disable, enable.
wanoptDetection String: WAN optimization auto-detection mode. Valid values: active, passive, off.
wanoptPassiveOpt String: WAN optimization passive mode options. This option decides what IP address will be used to connect to server. Valid values: default, transparent, non-transparent.
wanoptPeer String: WAN optimization peer.
wanoptProfile String: WAN optimization profile.
webcache String: Enable/disable web cache. Valid values: disable, enable.
webcacheHttps String: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilterProfile String: Name of an existing Web filter profile.
webproxyForwardServer String: Webproxy forward server name.
webproxyProfile String: Webproxy profile name.

Import

Packages FirewallConsolidatedPolicy can be imported using any of these accepted formats:

Set import_options = [“pkg_folder_path=YOUR_VALUE”, “pkg=YOUR_VALUE”] in the provider section.

$ export “FORTIMANAGER_IMPORT_TABLE”=“true”

$ pulumi import fortimanager:index/packagesFirewallConsolidatedPolicy:PackagesFirewallConsolidatedPolicy labelname {{policyid}}

$ unset “FORTIMANAGER_IMPORT_TABLE”

-> Hint: The scopetype and adom for import will directly inherit the scopetype and adom configuration of the provider.

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: fortimanager fortinetdev/terraform-provider-fortimanager
License
Notes: This Pulumi package is based on the fortimanager Terraform Provider.

fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.PackagesFirewallConsolidatedPolicy

On this page

On this page

Create PackagesFirewallConsolidatedPolicy Resource

Constructor syntax

Parameters

Constructor example

PackagesFirewallConsolidatedPolicy Resource Properties

Inputs

Outputs

Look up Existing PackagesFirewallConsolidatedPolicy Resource

Import

Package Details

On this page

On this page