fortimanager 1.13.0, Mar 13 25

fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.PackagesFirewallSecuritypolicy

Explore with Pulumi AI

fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

Create PackagesFirewallSecuritypolicy Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new PackagesFirewallSecuritypolicy(name: string, args: PackagesFirewallSecuritypolicyArgs, opts?: CustomResourceOptions);

@overload
def PackagesFirewallSecuritypolicy(resource_name: str,
                                   args: PackagesFirewallSecuritypolicyArgs,
                                   opts: Optional[ResourceOptions] = None)

@overload
def PackagesFirewallSecuritypolicy(resource_name: str,
                                   opts: Optional[ResourceOptions] = None,
                                   pkg: Optional[str] = None,
                                   _policy_block: Optional[float] = None,
                                   action: Optional[str] = None,
                                   adom: Optional[str] = None,
                                   app_category: Optional[str] = None,
                                   app_group: Optional[str] = None,
                                   application_list: Optional[str] = None,
                                   applications: Optional[Sequence[float]] = None,
                                   av_profile: Optional[str] = None,
                                   casb_profile: Optional[str] = None,
                                   cifs_profile: Optional[str] = None,
                                   comments: Optional[str] = None,
                                   diameter_filter_profile: Optional[str] = None,
                                   dlp_profile: Optional[str] = None,
                                   dlp_sensor: Optional[str] = None,
                                   dnsfilter_profile: Optional[str] = None,
                                   dstaddr: Optional[str] = None,
                                   dstaddr4: Optional[str] = None,
                                   dstaddr6: Optional[str] = None,
                                   dstaddr6_negate: Optional[str] = None,
                                   dstaddr_negate: Optional[str] = None,
                                   dstintf: Optional[str] = None,
                                   emailfilter_profile: Optional[str] = None,
                                   enforce_default_app_port: Optional[str] = None,
                                   file_filter_profile: Optional[str] = None,
                                   fsso_groups: Optional[str] = None,
                                   global_label: Optional[str] = None,
                                   groups: Optional[str] = None,
                                   icap_profile: Optional[str] = None,
                                   internet_service: Optional[str] = None,
                                   internet_service6: Optional[str] = None,
                                   internet_service6_custom_groups: Optional[Sequence[str]] = None,
                                   internet_service6_customs: Optional[Sequence[str]] = None,
                                   internet_service6_groups: Optional[Sequence[str]] = None,
                                   internet_service6_names: Optional[Sequence[str]] = None,
                                   internet_service6_negate: Optional[str] = None,
                                   internet_service6_src: Optional[str] = None,
                                   internet_service6_src_custom_groups: Optional[Sequence[str]] = None,
                                   internet_service6_src_customs: Optional[Sequence[str]] = None,
                                   internet_service6_src_groups: Optional[Sequence[str]] = None,
                                   internet_service6_src_names: Optional[Sequence[str]] = None,
                                   internet_service6_src_negate: Optional[str] = None,
                                   internet_service_custom: Optional[str] = None,
                                   internet_service_custom_group: Optional[str] = None,
                                   internet_service_group: Optional[str] = None,
                                   internet_service_id: Optional[str] = None,
                                   internet_service_name: Optional[str] = None,
                                   internet_service_negate: Optional[str] = None,
                                   internet_service_src: Optional[str] = None,
                                   internet_service_src_custom: Optional[str] = None,
                                   internet_service_src_custom_group: Optional[str] = None,
                                   internet_service_src_group: Optional[str] = None,
                                   internet_service_src_id: Optional[str] = None,
                                   internet_service_src_name: Optional[str] = None,
                                   internet_service_src_negate: Optional[str] = None,
                                   ips_sensor: Optional[str] = None,
                                   ips_voip_filter: Optional[str] = None,
                                   learning_mode: Optional[str] = None,
                                   logtraffic: Optional[str] = None,
                                   logtraffic_start: Optional[str] = None,
                                   mms_profile: Optional[str] = None,
                                   name: Optional[str] = None,
                                   nat46: Optional[str] = None,
                                   nat64: Optional[str] = None,
                                   packages_firewall_securitypolicy_id: Optional[str] = None,
                                   pkg_folder_path: Optional[str] = None,
                                   policyid: Optional[float] = None,
                                   profile_group: Optional[str] = None,
                                   profile_protocol_options: Optional[str] = None,
                                   profile_type: Optional[str] = None,
                                   schedule: Optional[str] = None,
                                   scopetype: Optional[str] = None,
                                   sctp_filter_profile: Optional[str] = None,
                                   send_deny_packet: Optional[str] = None,
                                   service: Optional[str] = None,
                                   service_negate: Optional[str] = None,
                                   srcaddr: Optional[str] = None,
                                   srcaddr4: Optional[str] = None,
                                   srcaddr6: Optional[str] = None,
                                   srcaddr6_negate: Optional[str] = None,
                                   srcaddr_negate: Optional[str] = None,
                                   srcintf: Optional[str] = None,
                                   ssh_filter_profile: Optional[str] = None,
                                   ssl_ssh_profile: Optional[str] = None,
                                   status: Optional[str] = None,
                                   url_category: Optional[str] = None,
                                   users: Optional[str] = None,
                                   utm_status: Optional[str] = None,
                                   uuid: Optional[str] = None,
                                   videofilter_profile: Optional[str] = None,
                                   virtual_patch_profile: Optional[str] = None,
                                   voip_profile: Optional[str] = None,
                                   webfilter_profile: Optional[str] = None)

func NewPackagesFirewallSecuritypolicy(ctx *Context, name string, args PackagesFirewallSecuritypolicyArgs, opts ...ResourceOption) (*PackagesFirewallSecuritypolicy, error)

public PackagesFirewallSecuritypolicy(string name, PackagesFirewallSecuritypolicyArgs args, CustomResourceOptions? opts = null)

public PackagesFirewallSecuritypolicy(String name, PackagesFirewallSecuritypolicyArgs args)
public PackagesFirewallSecuritypolicy(String name, PackagesFirewallSecuritypolicyArgs args, CustomResourceOptions options)

type: fortimanager:PackagesFirewallSecuritypolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args PackagesFirewallSecuritypolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args PackagesFirewallSecuritypolicyArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args PackagesFirewallSecuritypolicyArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args PackagesFirewallSecuritypolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args PackagesFirewallSecuritypolicyArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var packagesFirewallSecuritypolicyResource = new Fortimanager.PackagesFirewallSecuritypolicy("packagesFirewallSecuritypolicyResource", new()
{
    Pkg = "string",
    _policyBlock = 0,
    Action = "string",
    Adom = "string",
    AppCategory = "string",
    AppGroup = "string",
    ApplicationList = "string",
    Applications = new[]
    {
        0,
    },
    AvProfile = "string",
    CasbProfile = "string",
    CifsProfile = "string",
    Comments = "string",
    DiameterFilterProfile = "string",
    DlpProfile = "string",
    DlpSensor = "string",
    DnsfilterProfile = "string",
    Dstaddr = "string",
    Dstaddr4 = "string",
    Dstaddr6 = "string",
    Dstaddr6Negate = "string",
    DstaddrNegate = "string",
    Dstintf = "string",
    EmailfilterProfile = "string",
    EnforceDefaultAppPort = "string",
    FileFilterProfile = "string",
    FssoGroups = "string",
    GlobalLabel = "string",
    Groups = "string",
    IcapProfile = "string",
    InternetService = "string",
    InternetService6 = "string",
    InternetService6CustomGroups = new[]
    {
        "string",
    },
    InternetService6Customs = new[]
    {
        "string",
    },
    InternetService6Groups = new[]
    {
        "string",
    },
    InternetService6Names = new[]
    {
        "string",
    },
    InternetService6Negate = "string",
    InternetService6Src = "string",
    InternetService6SrcCustomGroups = new[]
    {
        "string",
    },
    InternetService6SrcCustoms = new[]
    {
        "string",
    },
    InternetService6SrcGroups = new[]
    {
        "string",
    },
    InternetService6SrcNames = new[]
    {
        "string",
    },
    InternetService6SrcNegate = "string",
    InternetServiceCustom = "string",
    InternetServiceCustomGroup = "string",
    InternetServiceGroup = "string",
    InternetServiceId = "string",
    InternetServiceName = "string",
    InternetServiceNegate = "string",
    InternetServiceSrc = "string",
    InternetServiceSrcCustom = "string",
    InternetServiceSrcCustomGroup = "string",
    InternetServiceSrcGroup = "string",
    InternetServiceSrcId = "string",
    InternetServiceSrcName = "string",
    InternetServiceSrcNegate = "string",
    IpsSensor = "string",
    IpsVoipFilter = "string",
    LearningMode = "string",
    Logtraffic = "string",
    LogtrafficStart = "string",
    MmsProfile = "string",
    Name = "string",
    Nat46 = "string",
    Nat64 = "string",
    PackagesFirewallSecuritypolicyId = "string",
    PkgFolderPath = "string",
    Policyid = 0,
    ProfileGroup = "string",
    ProfileProtocolOptions = "string",
    ProfileType = "string",
    Schedule = "string",
    Scopetype = "string",
    SctpFilterProfile = "string",
    SendDenyPacket = "string",
    Service = "string",
    ServiceNegate = "string",
    Srcaddr = "string",
    Srcaddr4 = "string",
    Srcaddr6 = "string",
    Srcaddr6Negate = "string",
    SrcaddrNegate = "string",
    Srcintf = "string",
    SshFilterProfile = "string",
    SslSshProfile = "string",
    Status = "string",
    UrlCategory = "string",
    Users = "string",
    UtmStatus = "string",
    Uuid = "string",
    VideofilterProfile = "string",
    VirtualPatchProfile = "string",
    VoipProfile = "string",
    WebfilterProfile = "string",
});

example, err := fortimanager.NewPackagesFirewallSecuritypolicy(ctx, "packagesFirewallSecuritypolicyResource", &fortimanager.PackagesFirewallSecuritypolicyArgs{
Pkg: pulumi.String("string"),
_policyBlock: pulumi.Float64(0),
Action: pulumi.String("string"),
Adom: pulumi.String("string"),
AppCategory: pulumi.String("string"),
AppGroup: pulumi.String("string"),
ApplicationList: pulumi.String("string"),
Applications: pulumi.Float64Array{
pulumi.Float64(0),
},
AvProfile: pulumi.String("string"),
CasbProfile: pulumi.String("string"),
CifsProfile: pulumi.String("string"),
Comments: pulumi.String("string"),
DiameterFilterProfile: pulumi.String("string"),
DlpProfile: pulumi.String("string"),
DlpSensor: pulumi.String("string"),
DnsfilterProfile: pulumi.String("string"),
Dstaddr: pulumi.String("string"),
Dstaddr4: pulumi.String("string"),
Dstaddr6: pulumi.String("string"),
Dstaddr6Negate: pulumi.String("string"),
DstaddrNegate: pulumi.String("string"),
Dstintf: pulumi.String("string"),
EmailfilterProfile: pulumi.String("string"),
EnforceDefaultAppPort: pulumi.String("string"),
FileFilterProfile: pulumi.String("string"),
FssoGroups: pulumi.String("string"),
GlobalLabel: pulumi.String("string"),
Groups: pulumi.String("string"),
IcapProfile: pulumi.String("string"),
InternetService: pulumi.String("string"),
InternetService6: pulumi.String("string"),
InternetService6CustomGroups: pulumi.StringArray{
pulumi.String("string"),
},
InternetService6Customs: pulumi.StringArray{
pulumi.String("string"),
},
InternetService6Groups: pulumi.StringArray{
pulumi.String("string"),
},
InternetService6Names: pulumi.StringArray{
pulumi.String("string"),
},
InternetService6Negate: pulumi.String("string"),
InternetService6Src: pulumi.String("string"),
InternetService6SrcCustomGroups: pulumi.StringArray{
pulumi.String("string"),
},
InternetService6SrcCustoms: pulumi.StringArray{
pulumi.String("string"),
},
InternetService6SrcGroups: pulumi.StringArray{
pulumi.String("string"),
},
InternetService6SrcNames: pulumi.StringArray{
pulumi.String("string"),
},
InternetService6SrcNegate: pulumi.String("string"),
InternetServiceCustom: pulumi.String("string"),
InternetServiceCustomGroup: pulumi.String("string"),
InternetServiceGroup: pulumi.String("string"),
InternetServiceId: pulumi.String("string"),
InternetServiceName: pulumi.String("string"),
InternetServiceNegate: pulumi.String("string"),
InternetServiceSrc: pulumi.String("string"),
InternetServiceSrcCustom: pulumi.String("string"),
InternetServiceSrcCustomGroup: pulumi.String("string"),
InternetServiceSrcGroup: pulumi.String("string"),
InternetServiceSrcId: pulumi.String("string"),
InternetServiceSrcName: pulumi.String("string"),
InternetServiceSrcNegate: pulumi.String("string"),
IpsSensor: pulumi.String("string"),
IpsVoipFilter: pulumi.String("string"),
LearningMode: pulumi.String("string"),
Logtraffic: pulumi.String("string"),
LogtrafficStart: pulumi.String("string"),
MmsProfile: pulumi.String("string"),
Name: pulumi.String("string"),
Nat46: pulumi.String("string"),
Nat64: pulumi.String("string"),
PackagesFirewallSecuritypolicyId: pulumi.String("string"),
PkgFolderPath: pulumi.String("string"),
Policyid: pulumi.Float64(0),
ProfileGroup: pulumi.String("string"),
ProfileProtocolOptions: pulumi.String("string"),
ProfileType: pulumi.String("string"),
Schedule: pulumi.String("string"),
Scopetype: pulumi.String("string"),
SctpFilterProfile: pulumi.String("string"),
SendDenyPacket: pulumi.String("string"),
Service: pulumi.String("string"),
ServiceNegate: pulumi.String("string"),
Srcaddr: pulumi.String("string"),
Srcaddr4: pulumi.String("string"),
Srcaddr6: pulumi.String("string"),
Srcaddr6Negate: pulumi.String("string"),
SrcaddrNegate: pulumi.String("string"),
Srcintf: pulumi.String("string"),
SshFilterProfile: pulumi.String("string"),
SslSshProfile: pulumi.String("string"),
Status: pulumi.String("string"),
UrlCategory: pulumi.String("string"),
Users: pulumi.String("string"),
UtmStatus: pulumi.String("string"),
Uuid: pulumi.String("string"),
VideofilterProfile: pulumi.String("string"),
VirtualPatchProfile: pulumi.String("string"),
VoipProfile: pulumi.String("string"),
WebfilterProfile: pulumi.String("string"),
})

var packagesFirewallSecuritypolicyResource = new PackagesFirewallSecuritypolicy("packagesFirewallSecuritypolicyResource", PackagesFirewallSecuritypolicyArgs.builder()
    .pkg("string")
    ._policyBlock(0)
    .action("string")
    .adom("string")
    .appCategory("string")
    .appGroup("string")
    .applicationList("string")
    .applications(0)
    .avProfile("string")
    .casbProfile("string")
    .cifsProfile("string")
    .comments("string")
    .diameterFilterProfile("string")
    .dlpProfile("string")
    .dlpSensor("string")
    .dnsfilterProfile("string")
    .dstaddr("string")
    .dstaddr4("string")
    .dstaddr6("string")
    .dstaddr6Negate("string")
    .dstaddrNegate("string")
    .dstintf("string")
    .emailfilterProfile("string")
    .enforceDefaultAppPort("string")
    .fileFilterProfile("string")
    .fssoGroups("string")
    .globalLabel("string")
    .groups("string")
    .icapProfile("string")
    .internetService("string")
    .internetService6("string")
    .internetService6CustomGroups("string")
    .internetService6Customs("string")
    .internetService6Groups("string")
    .internetService6Names("string")
    .internetService6Negate("string")
    .internetService6Src("string")
    .internetService6SrcCustomGroups("string")
    .internetService6SrcCustoms("string")
    .internetService6SrcGroups("string")
    .internetService6SrcNames("string")
    .internetService6SrcNegate("string")
    .internetServiceCustom("string")
    .internetServiceCustomGroup("string")
    .internetServiceGroup("string")
    .internetServiceId("string")
    .internetServiceName("string")
    .internetServiceNegate("string")
    .internetServiceSrc("string")
    .internetServiceSrcCustom("string")
    .internetServiceSrcCustomGroup("string")
    .internetServiceSrcGroup("string")
    .internetServiceSrcId("string")
    .internetServiceSrcName("string")
    .internetServiceSrcNegate("string")
    .ipsSensor("string")
    .ipsVoipFilter("string")
    .learningMode("string")
    .logtraffic("string")
    .logtrafficStart("string")
    .mmsProfile("string")
    .name("string")
    .nat46("string")
    .nat64("string")
    .packagesFirewallSecuritypolicyId("string")
    .pkgFolderPath("string")
    .policyid(0)
    .profileGroup("string")
    .profileProtocolOptions("string")
    .profileType("string")
    .schedule("string")
    .scopetype("string")
    .sctpFilterProfile("string")
    .sendDenyPacket("string")
    .service("string")
    .serviceNegate("string")
    .srcaddr("string")
    .srcaddr4("string")
    .srcaddr6("string")
    .srcaddr6Negate("string")
    .srcaddrNegate("string")
    .srcintf("string")
    .sshFilterProfile("string")
    .sslSshProfile("string")
    .status("string")
    .urlCategory("string")
    .users("string")
    .utmStatus("string")
    .uuid("string")
    .videofilterProfile("string")
    .virtualPatchProfile("string")
    .voipProfile("string")
    .webfilterProfile("string")
    .build());

packages_firewall_securitypolicy_resource = fortimanager.PackagesFirewallSecuritypolicy("packagesFirewallSecuritypolicyResource",
    pkg="string",
    _policy_block=0,
    action="string",
    adom="string",
    app_category="string",
    app_group="string",
    application_list="string",
    applications=[0],
    av_profile="string",
    casb_profile="string",
    cifs_profile="string",
    comments="string",
    diameter_filter_profile="string",
    dlp_profile="string",
    dlp_sensor="string",
    dnsfilter_profile="string",
    dstaddr="string",
    dstaddr4="string",
    dstaddr6="string",
    dstaddr6_negate="string",
    dstaddr_negate="string",
    dstintf="string",
    emailfilter_profile="string",
    enforce_default_app_port="string",
    file_filter_profile="string",
    fsso_groups="string",
    global_label="string",
    groups="string",
    icap_profile="string",
    internet_service="string",
    internet_service6="string",
    internet_service6_custom_groups=["string"],
    internet_service6_customs=["string"],
    internet_service6_groups=["string"],
    internet_service6_names=["string"],
    internet_service6_negate="string",
    internet_service6_src="string",
    internet_service6_src_custom_groups=["string"],
    internet_service6_src_customs=["string"],
    internet_service6_src_groups=["string"],
    internet_service6_src_names=["string"],
    internet_service6_src_negate="string",
    internet_service_custom="string",
    internet_service_custom_group="string",
    internet_service_group="string",
    internet_service_id="string",
    internet_service_name="string",
    internet_service_negate="string",
    internet_service_src="string",
    internet_service_src_custom="string",
    internet_service_src_custom_group="string",
    internet_service_src_group="string",
    internet_service_src_id="string",
    internet_service_src_name="string",
    internet_service_src_negate="string",
    ips_sensor="string",
    ips_voip_filter="string",
    learning_mode="string",
    logtraffic="string",
    logtraffic_start="string",
    mms_profile="string",
    name="string",
    nat46="string",
    nat64="string",
    packages_firewall_securitypolicy_id="string",
    pkg_folder_path="string",
    policyid=0,
    profile_group="string",
    profile_protocol_options="string",
    profile_type="string",
    schedule="string",
    scopetype="string",
    sctp_filter_profile="string",
    send_deny_packet="string",
    service="string",
    service_negate="string",
    srcaddr="string",
    srcaddr4="string",
    srcaddr6="string",
    srcaddr6_negate="string",
    srcaddr_negate="string",
    srcintf="string",
    ssh_filter_profile="string",
    ssl_ssh_profile="string",
    status="string",
    url_category="string",
    users="string",
    utm_status="string",
    uuid="string",
    videofilter_profile="string",
    virtual_patch_profile="string",
    voip_profile="string",
    webfilter_profile="string")

const packagesFirewallSecuritypolicyResource = new fortimanager.PackagesFirewallSecuritypolicy("packagesFirewallSecuritypolicyResource", {
    pkg: "string",
    _policyBlock: 0,
    action: "string",
    adom: "string",
    appCategory: "string",
    appGroup: "string",
    applicationList: "string",
    applications: [0],
    avProfile: "string",
    casbProfile: "string",
    cifsProfile: "string",
    comments: "string",
    diameterFilterProfile: "string",
    dlpProfile: "string",
    dlpSensor: "string",
    dnsfilterProfile: "string",
    dstaddr: "string",
    dstaddr4: "string",
    dstaddr6: "string",
    dstaddr6Negate: "string",
    dstaddrNegate: "string",
    dstintf: "string",
    emailfilterProfile: "string",
    enforceDefaultAppPort: "string",
    fileFilterProfile: "string",
    fssoGroups: "string",
    globalLabel: "string",
    groups: "string",
    icapProfile: "string",
    internetService: "string",
    internetService6: "string",
    internetService6CustomGroups: ["string"],
    internetService6Customs: ["string"],
    internetService6Groups: ["string"],
    internetService6Names: ["string"],
    internetService6Negate: "string",
    internetService6Src: "string",
    internetService6SrcCustomGroups: ["string"],
    internetService6SrcCustoms: ["string"],
    internetService6SrcGroups: ["string"],
    internetService6SrcNames: ["string"],
    internetService6SrcNegate: "string",
    internetServiceCustom: "string",
    internetServiceCustomGroup: "string",
    internetServiceGroup: "string",
    internetServiceId: "string",
    internetServiceName: "string",
    internetServiceNegate: "string",
    internetServiceSrc: "string",
    internetServiceSrcCustom: "string",
    internetServiceSrcCustomGroup: "string",
    internetServiceSrcGroup: "string",
    internetServiceSrcId: "string",
    internetServiceSrcName: "string",
    internetServiceSrcNegate: "string",
    ipsSensor: "string",
    ipsVoipFilter: "string",
    learningMode: "string",
    logtraffic: "string",
    logtrafficStart: "string",
    mmsProfile: "string",
    name: "string",
    nat46: "string",
    nat64: "string",
    packagesFirewallSecuritypolicyId: "string",
    pkgFolderPath: "string",
    policyid: 0,
    profileGroup: "string",
    profileProtocolOptions: "string",
    profileType: "string",
    schedule: "string",
    scopetype: "string",
    sctpFilterProfile: "string",
    sendDenyPacket: "string",
    service: "string",
    serviceNegate: "string",
    srcaddr: "string",
    srcaddr4: "string",
    srcaddr6: "string",
    srcaddr6Negate: "string",
    srcaddrNegate: "string",
    srcintf: "string",
    sshFilterProfile: "string",
    sslSshProfile: "string",
    status: "string",
    urlCategory: "string",
    users: "string",
    utmStatus: "string",
    uuid: "string",
    videofilterProfile: "string",
    virtualPatchProfile: "string",
    voipProfile: "string",
    webfilterProfile: "string",
});

type: fortimanager:PackagesFirewallSecuritypolicy
properties:
    _policyBlock: 0
    action: string
    adom: string
    appCategory: string
    appGroup: string
    applicationList: string
    applications:
        - 0
    avProfile: string
    casbProfile: string
    cifsProfile: string
    comments: string
    diameterFilterProfile: string
    dlpProfile: string
    dlpSensor: string
    dnsfilterProfile: string
    dstaddr: string
    dstaddr4: string
    dstaddr6: string
    dstaddr6Negate: string
    dstaddrNegate: string
    dstintf: string
    emailfilterProfile: string
    enforceDefaultAppPort: string
    fileFilterProfile: string
    fssoGroups: string
    globalLabel: string
    groups: string
    icapProfile: string
    internetService: string
    internetService6: string
    internetService6CustomGroups:
        - string
    internetService6Customs:
        - string
    internetService6Groups:
        - string
    internetService6Names:
        - string
    internetService6Negate: string
    internetService6Src: string
    internetService6SrcCustomGroups:
        - string
    internetService6SrcCustoms:
        - string
    internetService6SrcGroups:
        - string
    internetService6SrcNames:
        - string
    internetService6SrcNegate: string
    internetServiceCustom: string
    internetServiceCustomGroup: string
    internetServiceGroup: string
    internetServiceId: string
    internetServiceName: string
    internetServiceNegate: string
    internetServiceSrc: string
    internetServiceSrcCustom: string
    internetServiceSrcCustomGroup: string
    internetServiceSrcGroup: string
    internetServiceSrcId: string
    internetServiceSrcName: string
    internetServiceSrcNegate: string
    ipsSensor: string
    ipsVoipFilter: string
    learningMode: string
    logtraffic: string
    logtrafficStart: string
    mmsProfile: string
    name: string
    nat46: string
    nat64: string
    packagesFirewallSecuritypolicyId: string
    pkg: string
    pkgFolderPath: string
    policyid: 0
    profileGroup: string
    profileProtocolOptions: string
    profileType: string
    schedule: string
    scopetype: string
    sctpFilterProfile: string
    sendDenyPacket: string
    service: string
    serviceNegate: string
    srcaddr: string
    srcaddr4: string
    srcaddr6: string
    srcaddr6Negate: string
    srcaddrNegate: string
    srcintf: string
    sshFilterProfile: string
    sslSshProfile: string
    status: string
    urlCategory: string
    users: string
    utmStatus: string
    uuid: string
    videofilterProfile: string
    virtualPatchProfile: string
    voipProfile: string
    webfilterProfile: string

PackagesFirewallSecuritypolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The PackagesFirewallSecuritypolicy resource accepts the following input properties:

Pkg string: Package.
Action string: Policy action (accept/deny). Valid values: deny, accept.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AppCategory string: Application category ID list.
AppGroup string: Application group names.
ApplicationList string: Name of an existing Application list.
Applications List<double>: Application ID list.
AvProfile string: Name of an existing Antivirus profile.
CasbProfile string: Name of an existing CASB profile.
CifsProfile string: Name of an existing CIFS profile.
Comments string: Comment.
DiameterFilterProfile string: Name of an existing Diameter filter profile.
DlpProfile string: Name of an existing DLP profile.
DlpSensor string: Name of an existing DLP sensor.
DnsfilterProfile string: Name of an existing DNS filter profile.
Dstaddr string: Destination IPv4 address name and address group names.
Dstaddr4 string: Destination IPv4 address name and address group names.
Dstaddr6 string: Destination IPv6 address name and address group names.
Dstaddr6Negate string: When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
DstaddrNegate string: When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
Dstintf string: Outgoing (egress) interface.
EmailfilterProfile string: Name of an existing email filter profile.
EnforceDefaultAppPort string: Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
FileFilterProfile string: Name of an existing file-filter profile.
FssoGroups string: Names of FSSO groups.
GlobalLabel string: Label for the policy that appears when the GUI is in Global View mode.
Groups string: Names of user groups that can authenticate with this policy.
IcapProfile string: Name of an existing ICAP profile.
InternetService string: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
InternetService6 string: Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
InternetService6CustomGroups List<string>: Custom IPv6 Internet Service group name.
InternetService6Customs List<string>: Custom IPv6 Internet Service name.
InternetService6Groups List<string>: Internet Service group name.
InternetService6Names List<string>: IPv6 Internet Service name.
InternetService6Negate string: When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
InternetService6Src string: Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
InternetService6SrcCustomGroups List<string>: Custom Internet Service6 source group name.
InternetService6SrcCustoms List<string>: Custom IPv6 Internet Service source name.
InternetService6SrcGroups List<string>: Internet Service6 source group name.
InternetService6SrcNames List<string>: IPv6 Internet Service source name.
InternetService6SrcNegate string: When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
InternetServiceCustom string: Custom Internet Service name.
InternetServiceCustomGroup string: Custom Internet Service group name.
InternetServiceGroup string: Internet Service group name.
InternetServiceId string: Internet Service ID.
InternetServiceName string: Internet Service name.
InternetServiceNegate string: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
InternetServiceSrc string: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
InternetServiceSrcCustom string: Custom Internet Service source name.
InternetServiceSrcCustomGroup string: Custom Internet Service source group name.
InternetServiceSrcGroup string: Internet Service source group name.
InternetServiceSrcId string: Internet Service source ID.
InternetServiceSrcName string: Internet Service source name.
InternetServiceSrcNegate string: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
IpsSensor string: Name of an existing IPS sensor.
IpsVoipFilter string: Name of an existing VoIP (ips) profile.
LearningMode string: Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
Logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
LogtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
MmsProfile string: Name of an existing MMS profile.
Name string: Policy name.
Nat46 string: Enable/disable NAT46. Valid values: disable, enable.
Nat64 string: Enable/disable NAT64. Valid values: disable, enable.
PackagesFirewallSecuritypolicyId string: an identifier for the resource with format {{policyid}}.
PkgFolderPath string: Pkg Folder Path.
Policyid double: Policy ID.
ProfileGroup string: Name of profile group.
ProfileProtocolOptions string: Name of an existing Protocol options profile.
ProfileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
Schedule string: Schedule name.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SctpFilterProfile string: Name of an existing SCTP filter profile.
SendDenyPacket string: Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
Service string: Service and service group names.
ServiceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
Srcaddr string: Source IPv4 address name and address group names.
Srcaddr4 string: Source IPv4 address name and address group names.
Srcaddr6 string: Source IPv6 address name and address group names.
Srcaddr6Negate string: When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
SrcaddrNegate string: When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
Srcintf string: Incoming (ingress) interface.
SshFilterProfile string: Name of an existing SSH filter profile.
SslSshProfile string: Name of an existing SSL SSH profile.
Status string: Enable or disable this policy. Valid values: disable, enable.
UrlCategory string: URL category ID list.
Users string: Names of individual users that can authenticate with this policy.
UtmStatus string: Enable security profiles. Valid values: disable, enable.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
VideofilterProfile string: Name of an existing VideoFilter profile.
VirtualPatchProfile string: Name of an existing virtual-patch profile.
VoipProfile string: Name of an existing VoIP profile.
WebfilterProfile string: Name of an existing Web filter profile.
_policyBlock double: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.

Pkg string: Package.
Action string: Policy action (accept/deny). Valid values: deny, accept.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AppCategory string: Application category ID list.
AppGroup string: Application group names.
ApplicationList string: Name of an existing Application list.
Applications []float64: Application ID list.
AvProfile string: Name of an existing Antivirus profile.
CasbProfile string: Name of an existing CASB profile.
CifsProfile string: Name of an existing CIFS profile.
Comments string: Comment.
DiameterFilterProfile string: Name of an existing Diameter filter profile.
DlpProfile string: Name of an existing DLP profile.
DlpSensor string: Name of an existing DLP sensor.
DnsfilterProfile string: Name of an existing DNS filter profile.
Dstaddr string: Destination IPv4 address name and address group names.
Dstaddr4 string: Destination IPv4 address name and address group names.
Dstaddr6 string: Destination IPv6 address name and address group names.
Dstaddr6Negate string: When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
DstaddrNegate string: When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
Dstintf string: Outgoing (egress) interface.
EmailfilterProfile string: Name of an existing email filter profile.
EnforceDefaultAppPort string: Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
FileFilterProfile string: Name of an existing file-filter profile.
FssoGroups string: Names of FSSO groups.
GlobalLabel string: Label for the policy that appears when the GUI is in Global View mode.
Groups string: Names of user groups that can authenticate with this policy.
IcapProfile string: Name of an existing ICAP profile.
InternetService string: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
InternetService6 string: Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
InternetService6CustomGroups []string: Custom IPv6 Internet Service group name.
InternetService6Customs []string: Custom IPv6 Internet Service name.
InternetService6Groups []string: Internet Service group name.
InternetService6Names []string: IPv6 Internet Service name.
InternetService6Negate string: When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
InternetService6Src string: Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
InternetService6SrcCustomGroups []string: Custom Internet Service6 source group name.
InternetService6SrcCustoms []string: Custom IPv6 Internet Service source name.
InternetService6SrcGroups []string: Internet Service6 source group name.
InternetService6SrcNames []string: IPv6 Internet Service source name.
InternetService6SrcNegate string: When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
InternetServiceCustom string: Custom Internet Service name.
InternetServiceCustomGroup string: Custom Internet Service group name.
InternetServiceGroup string: Internet Service group name.
InternetServiceId string: Internet Service ID.
InternetServiceName string: Internet Service name.
InternetServiceNegate string: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
InternetServiceSrc string: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
InternetServiceSrcCustom string: Custom Internet Service source name.
InternetServiceSrcCustomGroup string: Custom Internet Service source group name.
InternetServiceSrcGroup string: Internet Service source group name.
InternetServiceSrcId string: Internet Service source ID.
InternetServiceSrcName string: Internet Service source name.
InternetServiceSrcNegate string: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
IpsSensor string: Name of an existing IPS sensor.
IpsVoipFilter string: Name of an existing VoIP (ips) profile.
LearningMode string: Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
Logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
LogtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
MmsProfile string: Name of an existing MMS profile.
Name string: Policy name.
Nat46 string: Enable/disable NAT46. Valid values: disable, enable.
Nat64 string: Enable/disable NAT64. Valid values: disable, enable.
PackagesFirewallSecuritypolicyId string: an identifier for the resource with format {{policyid}}.
PkgFolderPath string: Pkg Folder Path.
Policyid float64: Policy ID.
ProfileGroup string: Name of profile group.
ProfileProtocolOptions string: Name of an existing Protocol options profile.
ProfileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
Schedule string: Schedule name.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SctpFilterProfile string: Name of an existing SCTP filter profile.
SendDenyPacket string: Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
Service string: Service and service group names.
ServiceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
Srcaddr string: Source IPv4 address name and address group names.
Srcaddr4 string: Source IPv4 address name and address group names.
Srcaddr6 string: Source IPv6 address name and address group names.
Srcaddr6Negate string: When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
SrcaddrNegate string: When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
Srcintf string: Incoming (ingress) interface.
SshFilterProfile string: Name of an existing SSH filter profile.
SslSshProfile string: Name of an existing SSL SSH profile.
Status string: Enable or disable this policy. Valid values: disable, enable.
UrlCategory string: URL category ID list.
Users string: Names of individual users that can authenticate with this policy.
UtmStatus string: Enable security profiles. Valid values: disable, enable.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
VideofilterProfile string: Name of an existing VideoFilter profile.
VirtualPatchProfile string: Name of an existing virtual-patch profile.
VoipProfile string: Name of an existing VoIP profile.
WebfilterProfile string: Name of an existing Web filter profile.
_policyBlock float64: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.

pkg String: Package.
_policyBlock Double: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action String: Policy action (accept/deny). Valid values: deny, accept.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
appCategory String: Application category ID list.
appGroup String: Application group names.
applicationList String: Name of an existing Application list.
applications List<Double>: Application ID list.
avProfile String: Name of an existing Antivirus profile.
casbProfile String: Name of an existing CASB profile.
cifsProfile String: Name of an existing CIFS profile.
comments String: Comment.
diameterFilterProfile String: Name of an existing Diameter filter profile.
dlpProfile String: Name of an existing DLP profile.
dlpSensor String: Name of an existing DLP sensor.
dnsfilterProfile String: Name of an existing DNS filter profile.
dstaddr String: Destination IPv4 address name and address group names.
dstaddr4 String: Destination IPv4 address name and address group names.
dstaddr6 String: Destination IPv6 address name and address group names.
dstaddr6Negate String: When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
dstaddrNegate String: When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf String: Outgoing (egress) interface.
emailfilterProfile String: Name of an existing email filter profile.
enforceDefaultAppPort String: Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
fileFilterProfile String: Name of an existing file-filter profile.
fssoGroups String: Names of FSSO groups.
globalLabel String: Label for the policy that appears when the GUI is in Global View mode.
groups String: Names of user groups that can authenticate with this policy.
icapProfile String: Name of an existing ICAP profile.
internetService String: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internetService6 String: Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
internetService6CustomGroups List<String>: Custom IPv6 Internet Service group name.
internetService6Customs List<String>: Custom IPv6 Internet Service name.
internetService6Groups List<String>: Internet Service group name.
internetService6Names List<String>: IPv6 Internet Service name.
internetService6Negate String: When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
internetService6Src String: Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internetService6SrcCustomGroups List<String>: Custom Internet Service6 source group name.
internetService6SrcCustoms List<String>: Custom IPv6 Internet Service source name.
internetService6SrcGroups List<String>: Internet Service6 source group name.
internetService6SrcNames List<String>: IPv6 Internet Service source name.
internetService6SrcNegate String: When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
internetServiceCustom String: Custom Internet Service name.
internetServiceCustomGroup String: Custom Internet Service group name.
internetServiceGroup String: Internet Service group name.
internetServiceId String: Internet Service ID.
internetServiceName String: Internet Service name.
internetServiceNegate String: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
internetServiceSrc String: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internetServiceSrcCustom String: Custom Internet Service source name.
internetServiceSrcCustomGroup String: Custom Internet Service source group name.
internetServiceSrcGroup String: Internet Service source group name.
internetServiceSrcId String: Internet Service source ID.
internetServiceSrcName String: Internet Service source name.
internetServiceSrcNegate String: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
ipsSensor String: Name of an existing IPS sensor.
ipsVoipFilter String: Name of an existing VoIP (ips) profile.
learningMode String: Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
logtraffic String: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
logtrafficStart String: Record logs when a session starts. Valid values: disable, enable.
mmsProfile String: Name of an existing MMS profile.
name String: Policy name.
nat46 String: Enable/disable NAT46. Valid values: disable, enable.
nat64 String: Enable/disable NAT64. Valid values: disable, enable.
packagesFirewallSecuritypolicyId String: an identifier for the resource with format {{policyid}}.
pkgFolderPath String: Pkg Folder Path.
policyid Double: Policy ID.
profileGroup String: Name of profile group.
profileProtocolOptions String: Name of an existing Protocol options profile.
profileType String: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
schedule String: Schedule name.
scopetype String: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sctpFilterProfile String: Name of an existing SCTP filter profile.
sendDenyPacket String: Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
service String: Service and service group names.
serviceNegate String: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
srcaddr String: Source IPv4 address name and address group names.
srcaddr4 String: Source IPv4 address name and address group names.
srcaddr6 String: Source IPv6 address name and address group names.
srcaddr6Negate String: When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
srcaddrNegate String: When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
srcintf String: Incoming (ingress) interface.
sshFilterProfile String: Name of an existing SSH filter profile.
sslSshProfile String: Name of an existing SSL SSH profile.
status String: Enable or disable this policy. Valid values: disable, enable.
urlCategory String: URL category ID list.
users String: Names of individual users that can authenticate with this policy.
utmStatus String: Enable security profiles. Valid values: disable, enable.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
videofilterProfile String: Name of an existing VideoFilter profile.
virtualPatchProfile String: Name of an existing virtual-patch profile.
voipProfile String: Name of an existing VoIP profile.
webfilterProfile String: Name of an existing Web filter profile.

pkg string: Package.
_policyBlock number: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action string: Policy action (accept/deny). Valid values: deny, accept.
adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
appCategory string: Application category ID list.
appGroup string: Application group names.
applicationList string: Name of an existing Application list.
applications number[]: Application ID list.
avProfile string: Name of an existing Antivirus profile.
casbProfile string: Name of an existing CASB profile.
cifsProfile string: Name of an existing CIFS profile.
comments string: Comment.
diameterFilterProfile string: Name of an existing Diameter filter profile.
dlpProfile string: Name of an existing DLP profile.
dlpSensor string: Name of an existing DLP sensor.
dnsfilterProfile string: Name of an existing DNS filter profile.
dstaddr string: Destination IPv4 address name and address group names.
dstaddr4 string: Destination IPv4 address name and address group names.
dstaddr6 string: Destination IPv6 address name and address group names.
dstaddr6Negate string: When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
dstaddrNegate string: When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf string: Outgoing (egress) interface.
emailfilterProfile string: Name of an existing email filter profile.
enforceDefaultAppPort string: Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
fileFilterProfile string: Name of an existing file-filter profile.
fssoGroups string: Names of FSSO groups.
globalLabel string: Label for the policy that appears when the GUI is in Global View mode.
groups string: Names of user groups that can authenticate with this policy.
icapProfile string: Name of an existing ICAP profile.
internetService string: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internetService6 string: Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
internetService6CustomGroups string[]: Custom IPv6 Internet Service group name.
internetService6Customs string[]: Custom IPv6 Internet Service name.
internetService6Groups string[]: Internet Service group name.
internetService6Names string[]: IPv6 Internet Service name.
internetService6Negate string: When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
internetService6Src string: Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internetService6SrcCustomGroups string[]: Custom Internet Service6 source group name.
internetService6SrcCustoms string[]: Custom IPv6 Internet Service source name.
internetService6SrcGroups string[]: Internet Service6 source group name.
internetService6SrcNames string[]: IPv6 Internet Service source name.
internetService6SrcNegate string: When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
internetServiceCustom string: Custom Internet Service name.
internetServiceCustomGroup string: Custom Internet Service group name.
internetServiceGroup string: Internet Service group name.
internetServiceId string: Internet Service ID.
internetServiceName string: Internet Service name.
internetServiceNegate string: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
internetServiceSrc string: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internetServiceSrcCustom string: Custom Internet Service source name.
internetServiceSrcCustomGroup string: Custom Internet Service source group name.
internetServiceSrcGroup string: Internet Service source group name.
internetServiceSrcId string: Internet Service source ID.
internetServiceSrcName string: Internet Service source name.
internetServiceSrcNegate string: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
ipsSensor string: Name of an existing IPS sensor.
ipsVoipFilter string: Name of an existing VoIP (ips) profile.
learningMode string: Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
logtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
mmsProfile string: Name of an existing MMS profile.
name string: Policy name.
nat46 string: Enable/disable NAT46. Valid values: disable, enable.
nat64 string: Enable/disable NAT64. Valid values: disable, enable.
packagesFirewallSecuritypolicyId string: an identifier for the resource with format {{policyid}}.
pkgFolderPath string: Pkg Folder Path.
policyid number: Policy ID.
profileGroup string: Name of profile group.
profileProtocolOptions string: Name of an existing Protocol options profile.
profileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
schedule string: Schedule name.
scopetype string: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sctpFilterProfile string: Name of an existing SCTP filter profile.
sendDenyPacket string: Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
service string: Service and service group names.
serviceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
srcaddr string: Source IPv4 address name and address group names.
srcaddr4 string: Source IPv4 address name and address group names.
srcaddr6 string: Source IPv6 address name and address group names.
srcaddr6Negate string: When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
srcaddrNegate string: When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
srcintf string: Incoming (ingress) interface.
sshFilterProfile string: Name of an existing SSH filter profile.
sslSshProfile string: Name of an existing SSL SSH profile.
status string: Enable or disable this policy. Valid values: disable, enable.
urlCategory string: URL category ID list.
users string: Names of individual users that can authenticate with this policy.
utmStatus string: Enable security profiles. Valid values: disable, enable.
uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
videofilterProfile string: Name of an existing VideoFilter profile.
virtualPatchProfile string: Name of an existing virtual-patch profile.
voipProfile string: Name of an existing VoIP profile.
webfilterProfile string: Name of an existing Web filter profile.

pkg str: Package.
_policy_block float: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action str: Policy action (accept/deny). Valid values: deny, accept.
adom str: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
app_category str: Application category ID list.
app_group str: Application group names.
application_list str: Name of an existing Application list.
applications Sequence[float]: Application ID list.
av_profile str: Name of an existing Antivirus profile.
casb_profile str: Name of an existing CASB profile.
cifs_profile str: Name of an existing CIFS profile.
comments str: Comment.
diameter_filter_profile str: Name of an existing Diameter filter profile.
dlp_profile str: Name of an existing DLP profile.
dlp_sensor str: Name of an existing DLP sensor.
dnsfilter_profile str: Name of an existing DNS filter profile.
dstaddr str: Destination IPv4 address name and address group names.
dstaddr4 str: Destination IPv4 address name and address group names.
dstaddr6 str: Destination IPv6 address name and address group names.
dstaddr6_negate str: When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
dstaddr_negate str: When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf str: Outgoing (egress) interface.
emailfilter_profile str: Name of an existing email filter profile.
enforce_default_app_port str: Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
file_filter_profile str: Name of an existing file-filter profile.
fsso_groups str: Names of FSSO groups.
global_label str: Label for the policy that appears when the GUI is in Global View mode.
groups str: Names of user groups that can authenticate with this policy.
icap_profile str: Name of an existing ICAP profile.
internet_service str: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internet_service6 str: Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
internet_service6_custom_groups Sequence[str]: Custom IPv6 Internet Service group name.
internet_service6_customs Sequence[str]: Custom IPv6 Internet Service name.
internet_service6_groups Sequence[str]: Internet Service group name.
internet_service6_names Sequence[str]: IPv6 Internet Service name.
internet_service6_negate str: When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
internet_service6_src str: Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internet_service6_src_custom_groups Sequence[str]: Custom Internet Service6 source group name.
internet_service6_src_customs Sequence[str]: Custom IPv6 Internet Service source name.
internet_service6_src_groups Sequence[str]: Internet Service6 source group name.
internet_service6_src_names Sequence[str]: IPv6 Internet Service source name.
internet_service6_src_negate str: When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
internet_service_custom str: Custom Internet Service name.
internet_service_custom_group str: Custom Internet Service group name.
internet_service_group str: Internet Service group name.
internet_service_id str: Internet Service ID.
internet_service_name str: Internet Service name.
internet_service_negate str: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
internet_service_src str: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internet_service_src_custom str: Custom Internet Service source name.
internet_service_src_custom_group str: Custom Internet Service source group name.
internet_service_src_group str: Internet Service source group name.
internet_service_src_id str: Internet Service source ID.
internet_service_src_name str: Internet Service source name.
internet_service_src_negate str: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
ips_sensor str: Name of an existing IPS sensor.
ips_voip_filter str: Name of an existing VoIP (ips) profile.
learning_mode str: Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
logtraffic str: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
logtraffic_start str: Record logs when a session starts. Valid values: disable, enable.
mms_profile str: Name of an existing MMS profile.
name str: Policy name.
nat46 str: Enable/disable NAT46. Valid values: disable, enable.
nat64 str: Enable/disable NAT64. Valid values: disable, enable.
packages_firewall_securitypolicy_id str: an identifier for the resource with format {{policyid}}.
pkg_folder_path str: Pkg Folder Path.
policyid float: Policy ID.
profile_group str: Name of profile group.
profile_protocol_options str: Name of an existing Protocol options profile.
profile_type str: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
schedule str: Schedule name.
scopetype str: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sctp_filter_profile str: Name of an existing SCTP filter profile.
send_deny_packet str: Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
service str: Service and service group names.
service_negate str: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
srcaddr str: Source IPv4 address name and address group names.
srcaddr4 str: Source IPv4 address name and address group names.
srcaddr6 str: Source IPv6 address name and address group names.
srcaddr6_negate str: When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
srcaddr_negate str: When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
srcintf str: Incoming (ingress) interface.
ssh_filter_profile str: Name of an existing SSH filter profile.
ssl_ssh_profile str: Name of an existing SSL SSH profile.
status str: Enable or disable this policy. Valid values: disable, enable.
url_category str: URL category ID list.
users str: Names of individual users that can authenticate with this policy.
utm_status str: Enable security profiles. Valid values: disable, enable.
uuid str: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
videofilter_profile str: Name of an existing VideoFilter profile.
virtual_patch_profile str: Name of an existing virtual-patch profile.
voip_profile str: Name of an existing VoIP profile.
webfilter_profile str: Name of an existing Web filter profile.

pkg String: Package.
_policyBlock Number: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action String: Policy action (accept/deny). Valid values: deny, accept.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
appCategory String: Application category ID list.
appGroup String: Application group names.
applicationList String: Name of an existing Application list.
applications List<Number>: Application ID list.
avProfile String: Name of an existing Antivirus profile.
casbProfile String: Name of an existing CASB profile.
cifsProfile String: Name of an existing CIFS profile.
comments String: Comment.
diameterFilterProfile String: Name of an existing Diameter filter profile.
dlpProfile String: Name of an existing DLP profile.
dlpSensor String: Name of an existing DLP sensor.
dnsfilterProfile String: Name of an existing DNS filter profile.
dstaddr String: Destination IPv4 address name and address group names.
dstaddr4 String: Destination IPv4 address name and address group names.
dstaddr6 String: Destination IPv6 address name and address group names.
dstaddr6Negate String: When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
dstaddrNegate String: When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf String: Outgoing (egress) interface.
emailfilterProfile String: Name of an existing email filter profile.
enforceDefaultAppPort String: Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
fileFilterProfile String: Name of an existing file-filter profile.
fssoGroups String: Names of FSSO groups.
globalLabel String: Label for the policy that appears when the GUI is in Global View mode.
groups String: Names of user groups that can authenticate with this policy.
icapProfile String: Name of an existing ICAP profile.
internetService String: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internetService6 String: Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
internetService6CustomGroups List<String>: Custom IPv6 Internet Service group name.
internetService6Customs List<String>: Custom IPv6 Internet Service name.
internetService6Groups List<String>: Internet Service group name.
internetService6Names List<String>: IPv6 Internet Service name.
internetService6Negate String: When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
internetService6Src String: Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internetService6SrcCustomGroups List<String>: Custom Internet Service6 source group name.
internetService6SrcCustoms List<String>: Custom IPv6 Internet Service source name.
internetService6SrcGroups List<String>: Internet Service6 source group name.
internetService6SrcNames List<String>: IPv6 Internet Service source name.
internetService6SrcNegate String: When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
internetServiceCustom String: Custom Internet Service name.
internetServiceCustomGroup String: Custom Internet Service group name.
internetServiceGroup String: Internet Service group name.
internetServiceId String: Internet Service ID.
internetServiceName String: Internet Service name.
internetServiceNegate String: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
internetServiceSrc String: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internetServiceSrcCustom String: Custom Internet Service source name.
internetServiceSrcCustomGroup String: Custom Internet Service source group name.
internetServiceSrcGroup String: Internet Service source group name.
internetServiceSrcId String: Internet Service source ID.
internetServiceSrcName String: Internet Service source name.
internetServiceSrcNegate String: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
ipsSensor String: Name of an existing IPS sensor.
ipsVoipFilter String: Name of an existing VoIP (ips) profile.
learningMode String: Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
logtraffic String: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
logtrafficStart String: Record logs when a session starts. Valid values: disable, enable.
mmsProfile String: Name of an existing MMS profile.
name String: Policy name.
nat46 String: Enable/disable NAT46. Valid values: disable, enable.
nat64 String: Enable/disable NAT64. Valid values: disable, enable.
packagesFirewallSecuritypolicyId String: an identifier for the resource with format {{policyid}}.
pkgFolderPath String: Pkg Folder Path.
policyid Number: Policy ID.
profileGroup String: Name of profile group.
profileProtocolOptions String: Name of an existing Protocol options profile.
profileType String: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
schedule String: Schedule name.
scopetype String: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sctpFilterProfile String: Name of an existing SCTP filter profile.
sendDenyPacket String: Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
service String: Service and service group names.
serviceNegate String: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
srcaddr String: Source IPv4 address name and address group names.
srcaddr4 String: Source IPv4 address name and address group names.
srcaddr6 String: Source IPv6 address name and address group names.
srcaddr6Negate String: When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
srcaddrNegate String: When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
srcintf String: Incoming (ingress) interface.
sshFilterProfile String: Name of an existing SSH filter profile.
sslSshProfile String: Name of an existing SSL SSH profile.
status String: Enable or disable this policy. Valid values: disable, enable.
urlCategory String: URL category ID list.
users String: Names of individual users that can authenticate with this policy.
utmStatus String: Enable security profiles. Valid values: disable, enable.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
videofilterProfile String: Name of an existing VideoFilter profile.
virtualPatchProfile String: Name of an existing virtual-patch profile.
voipProfile String: Name of an existing VoIP profile.
webfilterProfile String: Name of an existing Web filter profile.

Outputs

All input properties are implicitly available as output properties. Additionally, the PackagesFirewallSecuritypolicy resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing PackagesFirewallSecuritypolicy Resource

Get an existing PackagesFirewallSecuritypolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: PackagesFirewallSecuritypolicyState, opts?: CustomResourceOptions): PackagesFirewallSecuritypolicy

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        _policy_block: Optional[float] = None,
        action: Optional[str] = None,
        adom: Optional[str] = None,
        app_category: Optional[str] = None,
        app_group: Optional[str] = None,
        application_list: Optional[str] = None,
        applications: Optional[Sequence[float]] = None,
        av_profile: Optional[str] = None,
        casb_profile: Optional[str] = None,
        cifs_profile: Optional[str] = None,
        comments: Optional[str] = None,
        diameter_filter_profile: Optional[str] = None,
        dlp_profile: Optional[str] = None,
        dlp_sensor: Optional[str] = None,
        dnsfilter_profile: Optional[str] = None,
        dstaddr: Optional[str] = None,
        dstaddr4: Optional[str] = None,
        dstaddr6: Optional[str] = None,
        dstaddr6_negate: Optional[str] = None,
        dstaddr_negate: Optional[str] = None,
        dstintf: Optional[str] = None,
        emailfilter_profile: Optional[str] = None,
        enforce_default_app_port: Optional[str] = None,
        file_filter_profile: Optional[str] = None,
        fsso_groups: Optional[str] = None,
        global_label: Optional[str] = None,
        groups: Optional[str] = None,
        icap_profile: Optional[str] = None,
        internet_service: Optional[str] = None,
        internet_service6: Optional[str] = None,
        internet_service6_custom_groups: Optional[Sequence[str]] = None,
        internet_service6_customs: Optional[Sequence[str]] = None,
        internet_service6_groups: Optional[Sequence[str]] = None,
        internet_service6_names: Optional[Sequence[str]] = None,
        internet_service6_negate: Optional[str] = None,
        internet_service6_src: Optional[str] = None,
        internet_service6_src_custom_groups: Optional[Sequence[str]] = None,
        internet_service6_src_customs: Optional[Sequence[str]] = None,
        internet_service6_src_groups: Optional[Sequence[str]] = None,
        internet_service6_src_names: Optional[Sequence[str]] = None,
        internet_service6_src_negate: Optional[str] = None,
        internet_service_custom: Optional[str] = None,
        internet_service_custom_group: Optional[str] = None,
        internet_service_group: Optional[str] = None,
        internet_service_id: Optional[str] = None,
        internet_service_name: Optional[str] = None,
        internet_service_negate: Optional[str] = None,
        internet_service_src: Optional[str] = None,
        internet_service_src_custom: Optional[str] = None,
        internet_service_src_custom_group: Optional[str] = None,
        internet_service_src_group: Optional[str] = None,
        internet_service_src_id: Optional[str] = None,
        internet_service_src_name: Optional[str] = None,
        internet_service_src_negate: Optional[str] = None,
        ips_sensor: Optional[str] = None,
        ips_voip_filter: Optional[str] = None,
        learning_mode: Optional[str] = None,
        logtraffic: Optional[str] = None,
        logtraffic_start: Optional[str] = None,
        mms_profile: Optional[str] = None,
        name: Optional[str] = None,
        nat46: Optional[str] = None,
        nat64: Optional[str] = None,
        packages_firewall_securitypolicy_id: Optional[str] = None,
        pkg: Optional[str] = None,
        pkg_folder_path: Optional[str] = None,
        policyid: Optional[float] = None,
        profile_group: Optional[str] = None,
        profile_protocol_options: Optional[str] = None,
        profile_type: Optional[str] = None,
        schedule: Optional[str] = None,
        scopetype: Optional[str] = None,
        sctp_filter_profile: Optional[str] = None,
        send_deny_packet: Optional[str] = None,
        service: Optional[str] = None,
        service_negate: Optional[str] = None,
        srcaddr: Optional[str] = None,
        srcaddr4: Optional[str] = None,
        srcaddr6: Optional[str] = None,
        srcaddr6_negate: Optional[str] = None,
        srcaddr_negate: Optional[str] = None,
        srcintf: Optional[str] = None,
        ssh_filter_profile: Optional[str] = None,
        ssl_ssh_profile: Optional[str] = None,
        status: Optional[str] = None,
        url_category: Optional[str] = None,
        users: Optional[str] = None,
        utm_status: Optional[str] = None,
        uuid: Optional[str] = None,
        videofilter_profile: Optional[str] = None,
        virtual_patch_profile: Optional[str] = None,
        voip_profile: Optional[str] = None,
        webfilter_profile: Optional[str] = None) -> PackagesFirewallSecuritypolicy

func GetPackagesFirewallSecuritypolicy(ctx *Context, name string, id IDInput, state *PackagesFirewallSecuritypolicyState, opts ...ResourceOption) (*PackagesFirewallSecuritypolicy, error)

public static PackagesFirewallSecuritypolicy Get(string name, Input<string> id, PackagesFirewallSecuritypolicyState? state, CustomResourceOptions? opts = null)

public static PackagesFirewallSecuritypolicy get(String name, Output<String> id, PackagesFirewallSecuritypolicyState state, CustomResourceOptions options)

resources:  _:    type: fortimanager:PackagesFirewallSecuritypolicy    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Action string: Policy action (accept/deny). Valid values: deny, accept.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AppCategory string: Application category ID list.
AppGroup string: Application group names.
ApplicationList string: Name of an existing Application list.
Applications List<double>: Application ID list.
AvProfile string: Name of an existing Antivirus profile.
CasbProfile string: Name of an existing CASB profile.
CifsProfile string: Name of an existing CIFS profile.
Comments string: Comment.
DiameterFilterProfile string: Name of an existing Diameter filter profile.
DlpProfile string: Name of an existing DLP profile.
DlpSensor string: Name of an existing DLP sensor.
DnsfilterProfile string: Name of an existing DNS filter profile.
Dstaddr string: Destination IPv4 address name and address group names.
Dstaddr4 string: Destination IPv4 address name and address group names.
Dstaddr6 string: Destination IPv6 address name and address group names.
Dstaddr6Negate string: When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
DstaddrNegate string: When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
Dstintf string: Outgoing (egress) interface.
EmailfilterProfile string: Name of an existing email filter profile.
EnforceDefaultAppPort string: Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
FileFilterProfile string: Name of an existing file-filter profile.
FssoGroups string: Names of FSSO groups.
GlobalLabel string: Label for the policy that appears when the GUI is in Global View mode.
Groups string: Names of user groups that can authenticate with this policy.
IcapProfile string: Name of an existing ICAP profile.
InternetService string: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
InternetService6 string: Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
InternetService6CustomGroups List<string>: Custom IPv6 Internet Service group name.
InternetService6Customs List<string>: Custom IPv6 Internet Service name.
InternetService6Groups List<string>: Internet Service group name.
InternetService6Names List<string>: IPv6 Internet Service name.
InternetService6Negate string: When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
InternetService6Src string: Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
InternetService6SrcCustomGroups List<string>: Custom Internet Service6 source group name.
InternetService6SrcCustoms List<string>: Custom IPv6 Internet Service source name.
InternetService6SrcGroups List<string>: Internet Service6 source group name.
InternetService6SrcNames List<string>: IPv6 Internet Service source name.
InternetService6SrcNegate string: When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
InternetServiceCustom string: Custom Internet Service name.
InternetServiceCustomGroup string: Custom Internet Service group name.
InternetServiceGroup string: Internet Service group name.
InternetServiceId string: Internet Service ID.
InternetServiceName string: Internet Service name.
InternetServiceNegate string: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
InternetServiceSrc string: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
InternetServiceSrcCustom string: Custom Internet Service source name.
InternetServiceSrcCustomGroup string: Custom Internet Service source group name.
InternetServiceSrcGroup string: Internet Service source group name.
InternetServiceSrcId string: Internet Service source ID.
InternetServiceSrcName string: Internet Service source name.
InternetServiceSrcNegate string: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
IpsSensor string: Name of an existing IPS sensor.
IpsVoipFilter string: Name of an existing VoIP (ips) profile.
LearningMode string: Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
Logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
LogtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
MmsProfile string: Name of an existing MMS profile.
Name string: Policy name.
Nat46 string: Enable/disable NAT46. Valid values: disable, enable.
Nat64 string: Enable/disable NAT64. Valid values: disable, enable.
PackagesFirewallSecuritypolicyId string: an identifier for the resource with format {{policyid}}.
Pkg string: Package.
PkgFolderPath string: Pkg Folder Path.
Policyid double: Policy ID.
ProfileGroup string: Name of profile group.
ProfileProtocolOptions string: Name of an existing Protocol options profile.
ProfileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
Schedule string: Schedule name.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SctpFilterProfile string: Name of an existing SCTP filter profile.
SendDenyPacket string: Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
Service string: Service and service group names.
ServiceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
Srcaddr string: Source IPv4 address name and address group names.
Srcaddr4 string: Source IPv4 address name and address group names.
Srcaddr6 string: Source IPv6 address name and address group names.
Srcaddr6Negate string: When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
SrcaddrNegate string: When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
Srcintf string: Incoming (ingress) interface.
SshFilterProfile string: Name of an existing SSH filter profile.
SslSshProfile string: Name of an existing SSL SSH profile.
Status string: Enable or disable this policy. Valid values: disable, enable.
UrlCategory string: URL category ID list.
Users string: Names of individual users that can authenticate with this policy.
UtmStatus string: Enable security profiles. Valid values: disable, enable.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
VideofilterProfile string: Name of an existing VideoFilter profile.
VirtualPatchProfile string: Name of an existing virtual-patch profile.
VoipProfile string: Name of an existing VoIP profile.
WebfilterProfile string: Name of an existing Web filter profile.
_policyBlock double: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.

Action string: Policy action (accept/deny). Valid values: deny, accept.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AppCategory string: Application category ID list.
AppGroup string: Application group names.
ApplicationList string: Name of an existing Application list.
Applications []float64: Application ID list.
AvProfile string: Name of an existing Antivirus profile.
CasbProfile string: Name of an existing CASB profile.
CifsProfile string: Name of an existing CIFS profile.
Comments string: Comment.
DiameterFilterProfile string: Name of an existing Diameter filter profile.
DlpProfile string: Name of an existing DLP profile.
DlpSensor string: Name of an existing DLP sensor.
DnsfilterProfile string: Name of an existing DNS filter profile.
Dstaddr string: Destination IPv4 address name and address group names.
Dstaddr4 string: Destination IPv4 address name and address group names.
Dstaddr6 string: Destination IPv6 address name and address group names.
Dstaddr6Negate string: When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
DstaddrNegate string: When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
Dstintf string: Outgoing (egress) interface.
EmailfilterProfile string: Name of an existing email filter profile.
EnforceDefaultAppPort string: Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
FileFilterProfile string: Name of an existing file-filter profile.
FssoGroups string: Names of FSSO groups.
GlobalLabel string: Label for the policy that appears when the GUI is in Global View mode.
Groups string: Names of user groups that can authenticate with this policy.
IcapProfile string: Name of an existing ICAP profile.
InternetService string: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
InternetService6 string: Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
InternetService6CustomGroups []string: Custom IPv6 Internet Service group name.
InternetService6Customs []string: Custom IPv6 Internet Service name.
InternetService6Groups []string: Internet Service group name.
InternetService6Names []string: IPv6 Internet Service name.
InternetService6Negate string: When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
InternetService6Src string: Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
InternetService6SrcCustomGroups []string: Custom Internet Service6 source group name.
InternetService6SrcCustoms []string: Custom IPv6 Internet Service source name.
InternetService6SrcGroups []string: Internet Service6 source group name.
InternetService6SrcNames []string: IPv6 Internet Service source name.
InternetService6SrcNegate string: When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
InternetServiceCustom string: Custom Internet Service name.
InternetServiceCustomGroup string: Custom Internet Service group name.
InternetServiceGroup string: Internet Service group name.
InternetServiceId string: Internet Service ID.
InternetServiceName string: Internet Service name.
InternetServiceNegate string: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
InternetServiceSrc string: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
InternetServiceSrcCustom string: Custom Internet Service source name.
InternetServiceSrcCustomGroup string: Custom Internet Service source group name.
InternetServiceSrcGroup string: Internet Service source group name.
InternetServiceSrcId string: Internet Service source ID.
InternetServiceSrcName string: Internet Service source name.
InternetServiceSrcNegate string: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
IpsSensor string: Name of an existing IPS sensor.
IpsVoipFilter string: Name of an existing VoIP (ips) profile.
LearningMode string: Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
Logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
LogtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
MmsProfile string: Name of an existing MMS profile.
Name string: Policy name.
Nat46 string: Enable/disable NAT46. Valid values: disable, enable.
Nat64 string: Enable/disable NAT64. Valid values: disable, enable.
PackagesFirewallSecuritypolicyId string: an identifier for the resource with format {{policyid}}.
Pkg string: Package.
PkgFolderPath string: Pkg Folder Path.
Policyid float64: Policy ID.
ProfileGroup string: Name of profile group.
ProfileProtocolOptions string: Name of an existing Protocol options profile.
ProfileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
Schedule string: Schedule name.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SctpFilterProfile string: Name of an existing SCTP filter profile.
SendDenyPacket string: Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
Service string: Service and service group names.
ServiceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
Srcaddr string: Source IPv4 address name and address group names.
Srcaddr4 string: Source IPv4 address name and address group names.
Srcaddr6 string: Source IPv6 address name and address group names.
Srcaddr6Negate string: When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
SrcaddrNegate string: When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
Srcintf string: Incoming (ingress) interface.
SshFilterProfile string: Name of an existing SSH filter profile.
SslSshProfile string: Name of an existing SSL SSH profile.
Status string: Enable or disable this policy. Valid values: disable, enable.
UrlCategory string: URL category ID list.
Users string: Names of individual users that can authenticate with this policy.
UtmStatus string: Enable security profiles. Valid values: disable, enable.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
VideofilterProfile string: Name of an existing VideoFilter profile.
VirtualPatchProfile string: Name of an existing virtual-patch profile.
VoipProfile string: Name of an existing VoIP profile.
WebfilterProfile string: Name of an existing Web filter profile.
_policyBlock float64: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.

_policyBlock Double: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action String: Policy action (accept/deny). Valid values: deny, accept.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
appCategory String: Application category ID list.
appGroup String: Application group names.
applicationList String: Name of an existing Application list.
applications List<Double>: Application ID list.
avProfile String: Name of an existing Antivirus profile.
casbProfile String: Name of an existing CASB profile.
cifsProfile String: Name of an existing CIFS profile.
comments String: Comment.
diameterFilterProfile String: Name of an existing Diameter filter profile.
dlpProfile String: Name of an existing DLP profile.
dlpSensor String: Name of an existing DLP sensor.
dnsfilterProfile String: Name of an existing DNS filter profile.
dstaddr String: Destination IPv4 address name and address group names.
dstaddr4 String: Destination IPv4 address name and address group names.
dstaddr6 String: Destination IPv6 address name and address group names.
dstaddr6Negate String: When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
dstaddrNegate String: When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf String: Outgoing (egress) interface.
emailfilterProfile String: Name of an existing email filter profile.
enforceDefaultAppPort String: Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
fileFilterProfile String: Name of an existing file-filter profile.
fssoGroups String: Names of FSSO groups.
globalLabel String: Label for the policy that appears when the GUI is in Global View mode.
groups String: Names of user groups that can authenticate with this policy.
icapProfile String: Name of an existing ICAP profile.
internetService String: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internetService6 String: Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
internetService6CustomGroups List<String>: Custom IPv6 Internet Service group name.
internetService6Customs List<String>: Custom IPv6 Internet Service name.
internetService6Groups List<String>: Internet Service group name.
internetService6Names List<String>: IPv6 Internet Service name.
internetService6Negate String: When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
internetService6Src String: Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internetService6SrcCustomGroups List<String>: Custom Internet Service6 source group name.
internetService6SrcCustoms List<String>: Custom IPv6 Internet Service source name.
internetService6SrcGroups List<String>: Internet Service6 source group name.
internetService6SrcNames List<String>: IPv6 Internet Service source name.
internetService6SrcNegate String: When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
internetServiceCustom String: Custom Internet Service name.
internetServiceCustomGroup String: Custom Internet Service group name.
internetServiceGroup String: Internet Service group name.
internetServiceId String: Internet Service ID.
internetServiceName String: Internet Service name.
internetServiceNegate String: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
internetServiceSrc String: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internetServiceSrcCustom String: Custom Internet Service source name.
internetServiceSrcCustomGroup String: Custom Internet Service source group name.
internetServiceSrcGroup String: Internet Service source group name.
internetServiceSrcId String: Internet Service source ID.
internetServiceSrcName String: Internet Service source name.
internetServiceSrcNegate String: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
ipsSensor String: Name of an existing IPS sensor.
ipsVoipFilter String: Name of an existing VoIP (ips) profile.
learningMode String: Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
logtraffic String: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
logtrafficStart String: Record logs when a session starts. Valid values: disable, enable.
mmsProfile String: Name of an existing MMS profile.
name String: Policy name.
nat46 String: Enable/disable NAT46. Valid values: disable, enable.
nat64 String: Enable/disable NAT64. Valid values: disable, enable.
packagesFirewallSecuritypolicyId String: an identifier for the resource with format {{policyid}}.
pkg String: Package.
pkgFolderPath String: Pkg Folder Path.
policyid Double: Policy ID.
profileGroup String: Name of profile group.
profileProtocolOptions String: Name of an existing Protocol options profile.
profileType String: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
schedule String: Schedule name.
scopetype String: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sctpFilterProfile String: Name of an existing SCTP filter profile.
sendDenyPacket String: Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
service String: Service and service group names.
serviceNegate String: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
srcaddr String: Source IPv4 address name and address group names.
srcaddr4 String: Source IPv4 address name and address group names.
srcaddr6 String: Source IPv6 address name and address group names.
srcaddr6Negate String: When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
srcaddrNegate String: When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
srcintf String: Incoming (ingress) interface.
sshFilterProfile String: Name of an existing SSH filter profile.
sslSshProfile String: Name of an existing SSL SSH profile.
status String: Enable or disable this policy. Valid values: disable, enable.
urlCategory String: URL category ID list.
users String: Names of individual users that can authenticate with this policy.
utmStatus String: Enable security profiles. Valid values: disable, enable.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
videofilterProfile String: Name of an existing VideoFilter profile.
virtualPatchProfile String: Name of an existing virtual-patch profile.
voipProfile String: Name of an existing VoIP profile.
webfilterProfile String: Name of an existing Web filter profile.

_policyBlock number: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action string: Policy action (accept/deny). Valid values: deny, accept.
adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
appCategory string: Application category ID list.
appGroup string: Application group names.
applicationList string: Name of an existing Application list.
applications number[]: Application ID list.
avProfile string: Name of an existing Antivirus profile.
casbProfile string: Name of an existing CASB profile.
cifsProfile string: Name of an existing CIFS profile.
comments string: Comment.
diameterFilterProfile string: Name of an existing Diameter filter profile.
dlpProfile string: Name of an existing DLP profile.
dlpSensor string: Name of an existing DLP sensor.
dnsfilterProfile string: Name of an existing DNS filter profile.
dstaddr string: Destination IPv4 address name and address group names.
dstaddr4 string: Destination IPv4 address name and address group names.
dstaddr6 string: Destination IPv6 address name and address group names.
dstaddr6Negate string: When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
dstaddrNegate string: When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf string: Outgoing (egress) interface.
emailfilterProfile string: Name of an existing email filter profile.
enforceDefaultAppPort string: Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
fileFilterProfile string: Name of an existing file-filter profile.
fssoGroups string: Names of FSSO groups.
globalLabel string: Label for the policy that appears when the GUI is in Global View mode.
groups string: Names of user groups that can authenticate with this policy.
icapProfile string: Name of an existing ICAP profile.
internetService string: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internetService6 string: Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
internetService6CustomGroups string[]: Custom IPv6 Internet Service group name.
internetService6Customs string[]: Custom IPv6 Internet Service name.
internetService6Groups string[]: Internet Service group name.
internetService6Names string[]: IPv6 Internet Service name.
internetService6Negate string: When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
internetService6Src string: Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internetService6SrcCustomGroups string[]: Custom Internet Service6 source group name.
internetService6SrcCustoms string[]: Custom IPv6 Internet Service source name.
internetService6SrcGroups string[]: Internet Service6 source group name.
internetService6SrcNames string[]: IPv6 Internet Service source name.
internetService6SrcNegate string: When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
internetServiceCustom string: Custom Internet Service name.
internetServiceCustomGroup string: Custom Internet Service group name.
internetServiceGroup string: Internet Service group name.
internetServiceId string: Internet Service ID.
internetServiceName string: Internet Service name.
internetServiceNegate string: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
internetServiceSrc string: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internetServiceSrcCustom string: Custom Internet Service source name.
internetServiceSrcCustomGroup string: Custom Internet Service source group name.
internetServiceSrcGroup string: Internet Service source group name.
internetServiceSrcId string: Internet Service source ID.
internetServiceSrcName string: Internet Service source name.
internetServiceSrcNegate string: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
ipsSensor string: Name of an existing IPS sensor.
ipsVoipFilter string: Name of an existing VoIP (ips) profile.
learningMode string: Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
logtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
mmsProfile string: Name of an existing MMS profile.
name string: Policy name.
nat46 string: Enable/disable NAT46. Valid values: disable, enable.
nat64 string: Enable/disable NAT64. Valid values: disable, enable.
packagesFirewallSecuritypolicyId string: an identifier for the resource with format {{policyid}}.
pkg string: Package.
pkgFolderPath string: Pkg Folder Path.
policyid number: Policy ID.
profileGroup string: Name of profile group.
profileProtocolOptions string: Name of an existing Protocol options profile.
profileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
schedule string: Schedule name.
scopetype string: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sctpFilterProfile string: Name of an existing SCTP filter profile.
sendDenyPacket string: Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
service string: Service and service group names.
serviceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
srcaddr string: Source IPv4 address name and address group names.
srcaddr4 string: Source IPv4 address name and address group names.
srcaddr6 string: Source IPv6 address name and address group names.
srcaddr6Negate string: When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
srcaddrNegate string: When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
srcintf string: Incoming (ingress) interface.
sshFilterProfile string: Name of an existing SSH filter profile.
sslSshProfile string: Name of an existing SSL SSH profile.
status string: Enable or disable this policy. Valid values: disable, enable.
urlCategory string: URL category ID list.
users string: Names of individual users that can authenticate with this policy.
utmStatus string: Enable security profiles. Valid values: disable, enable.
uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
videofilterProfile string: Name of an existing VideoFilter profile.
virtualPatchProfile string: Name of an existing virtual-patch profile.
voipProfile string: Name of an existing VoIP profile.
webfilterProfile string: Name of an existing Web filter profile.

_policy_block float: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action str: Policy action (accept/deny). Valid values: deny, accept.
adom str: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
app_category str: Application category ID list.
app_group str: Application group names.
application_list str: Name of an existing Application list.
applications Sequence[float]: Application ID list.
av_profile str: Name of an existing Antivirus profile.
casb_profile str: Name of an existing CASB profile.
cifs_profile str: Name of an existing CIFS profile.
comments str: Comment.
diameter_filter_profile str: Name of an existing Diameter filter profile.
dlp_profile str: Name of an existing DLP profile.
dlp_sensor str: Name of an existing DLP sensor.
dnsfilter_profile str: Name of an existing DNS filter profile.
dstaddr str: Destination IPv4 address name and address group names.
dstaddr4 str: Destination IPv4 address name and address group names.
dstaddr6 str: Destination IPv6 address name and address group names.
dstaddr6_negate str: When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
dstaddr_negate str: When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf str: Outgoing (egress) interface.
emailfilter_profile str: Name of an existing email filter profile.
enforce_default_app_port str: Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
file_filter_profile str: Name of an existing file-filter profile.
fsso_groups str: Names of FSSO groups.
global_label str: Label for the policy that appears when the GUI is in Global View mode.
groups str: Names of user groups that can authenticate with this policy.
icap_profile str: Name of an existing ICAP profile.
internet_service str: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internet_service6 str: Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
internet_service6_custom_groups Sequence[str]: Custom IPv6 Internet Service group name.
internet_service6_customs Sequence[str]: Custom IPv6 Internet Service name.
internet_service6_groups Sequence[str]: Internet Service group name.
internet_service6_names Sequence[str]: IPv6 Internet Service name.
internet_service6_negate str: When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
internet_service6_src str: Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internet_service6_src_custom_groups Sequence[str]: Custom Internet Service6 source group name.
internet_service6_src_customs Sequence[str]: Custom IPv6 Internet Service source name.
internet_service6_src_groups Sequence[str]: Internet Service6 source group name.
internet_service6_src_names Sequence[str]: IPv6 Internet Service source name.
internet_service6_src_negate str: When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
internet_service_custom str: Custom Internet Service name.
internet_service_custom_group str: Custom Internet Service group name.
internet_service_group str: Internet Service group name.
internet_service_id str: Internet Service ID.
internet_service_name str: Internet Service name.
internet_service_negate str: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
internet_service_src str: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internet_service_src_custom str: Custom Internet Service source name.
internet_service_src_custom_group str: Custom Internet Service source group name.
internet_service_src_group str: Internet Service source group name.
internet_service_src_id str: Internet Service source ID.
internet_service_src_name str: Internet Service source name.
internet_service_src_negate str: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
ips_sensor str: Name of an existing IPS sensor.
ips_voip_filter str: Name of an existing VoIP (ips) profile.
learning_mode str: Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
logtraffic str: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
logtraffic_start str: Record logs when a session starts. Valid values: disable, enable.
mms_profile str: Name of an existing MMS profile.
name str: Policy name.
nat46 str: Enable/disable NAT46. Valid values: disable, enable.
nat64 str: Enable/disable NAT64. Valid values: disable, enable.
packages_firewall_securitypolicy_id str: an identifier for the resource with format {{policyid}}.
pkg str: Package.
pkg_folder_path str: Pkg Folder Path.
policyid float: Policy ID.
profile_group str: Name of profile group.
profile_protocol_options str: Name of an existing Protocol options profile.
profile_type str: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
schedule str: Schedule name.
scopetype str: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sctp_filter_profile str: Name of an existing SCTP filter profile.
send_deny_packet str: Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
service str: Service and service group names.
service_negate str: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
srcaddr str: Source IPv4 address name and address group names.
srcaddr4 str: Source IPv4 address name and address group names.
srcaddr6 str: Source IPv6 address name and address group names.
srcaddr6_negate str: When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
srcaddr_negate str: When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
srcintf str: Incoming (ingress) interface.
ssh_filter_profile str: Name of an existing SSH filter profile.
ssl_ssh_profile str: Name of an existing SSL SSH profile.
status str: Enable or disable this policy. Valid values: disable, enable.
url_category str: URL category ID list.
users str: Names of individual users that can authenticate with this policy.
utm_status str: Enable security profiles. Valid values: disable, enable.
uuid str: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
videofilter_profile str: Name of an existing VideoFilter profile.
virtual_patch_profile str: Name of an existing virtual-patch profile.
voip_profile str: Name of an existing VoIP profile.
webfilter_profile str: Name of an existing Web filter profile.

_policyBlock Number: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action String: Policy action (accept/deny). Valid values: deny, accept.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
appCategory String: Application category ID list.
appGroup String: Application group names.
applicationList String: Name of an existing Application list.
applications List<Number>: Application ID list.
avProfile String: Name of an existing Antivirus profile.
casbProfile String: Name of an existing CASB profile.
cifsProfile String: Name of an existing CIFS profile.
comments String: Comment.
diameterFilterProfile String: Name of an existing Diameter filter profile.
dlpProfile String: Name of an existing DLP profile.
dlpSensor String: Name of an existing DLP sensor.
dnsfilterProfile String: Name of an existing DNS filter profile.
dstaddr String: Destination IPv4 address name and address group names.
dstaddr4 String: Destination IPv4 address name and address group names.
dstaddr6 String: Destination IPv6 address name and address group names.
dstaddr6Negate String: When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
dstaddrNegate String: When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf String: Outgoing (egress) interface.
emailfilterProfile String: Name of an existing email filter profile.
enforceDefaultAppPort String: Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
fileFilterProfile String: Name of an existing file-filter profile.
fssoGroups String: Names of FSSO groups.
globalLabel String: Label for the policy that appears when the GUI is in Global View mode.
groups String: Names of user groups that can authenticate with this policy.
icapProfile String: Name of an existing ICAP profile.
internetService String: Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
internetService6 String: Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
internetService6CustomGroups List<String>: Custom IPv6 Internet Service group name.
internetService6Customs List<String>: Custom IPv6 Internet Service name.
internetService6Groups List<String>: Internet Service group name.
internetService6Names List<String>: IPv6 Internet Service name.
internetService6Negate String: When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
internetService6Src String: Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internetService6SrcCustomGroups List<String>: Custom Internet Service6 source group name.
internetService6SrcCustoms List<String>: Custom IPv6 Internet Service source name.
internetService6SrcGroups List<String>: Internet Service6 source group name.
internetService6SrcNames List<String>: IPv6 Internet Service source name.
internetService6SrcNegate String: When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
internetServiceCustom String: Custom Internet Service name.
internetServiceCustomGroup String: Custom Internet Service group name.
internetServiceGroup String: Internet Service group name.
internetServiceId String: Internet Service ID.
internetServiceName String: Internet Service name.
internetServiceNegate String: When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
internetServiceSrc String: Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
internetServiceSrcCustom String: Custom Internet Service source name.
internetServiceSrcCustomGroup String: Custom Internet Service source group name.
internetServiceSrcGroup String: Internet Service source group name.
internetServiceSrcId String: Internet Service source ID.
internetServiceSrcName String: Internet Service source name.
internetServiceSrcNegate String: When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
ipsSensor String: Name of an existing IPS sensor.
ipsVoipFilter String: Name of an existing VoIP (ips) profile.
learningMode String: Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
logtraffic String: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
logtrafficStart String: Record logs when a session starts. Valid values: disable, enable.
mmsProfile String: Name of an existing MMS profile.
name String: Policy name.
nat46 String: Enable/disable NAT46. Valid values: disable, enable.
nat64 String: Enable/disable NAT64. Valid values: disable, enable.
packagesFirewallSecuritypolicyId String: an identifier for the resource with format {{policyid}}.
pkg String: Package.
pkgFolderPath String: Pkg Folder Path.
policyid Number: Policy ID.
profileGroup String: Name of profile group.
profileProtocolOptions String: Name of an existing Protocol options profile.
profileType String: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
schedule String: Schedule name.
scopetype String: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sctpFilterProfile String: Name of an existing SCTP filter profile.
sendDenyPacket String: Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
service String: Service and service group names.
serviceNegate String: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
srcaddr String: Source IPv4 address name and address group names.
srcaddr4 String: Source IPv4 address name and address group names.
srcaddr6 String: Source IPv6 address name and address group names.
srcaddr6Negate String: When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
srcaddrNegate String: When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
srcintf String: Incoming (ingress) interface.
sshFilterProfile String: Name of an existing SSH filter profile.
sslSshProfile String: Name of an existing SSL SSH profile.
status String: Enable or disable this policy. Valid values: disable, enable.
urlCategory String: URL category ID list.
users String: Names of individual users that can authenticate with this policy.
utmStatus String: Enable security profiles. Valid values: disable, enable.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
videofilterProfile String: Name of an existing VideoFilter profile.
virtualPatchProfile String: Name of an existing virtual-patch profile.
voipProfile String: Name of an existing VoIP profile.
webfilterProfile String: Name of an existing Web filter profile.

Import

Packages FirewallSecurityPolicy can be imported using any of these accepted formats:

Set import_options = [“pkg_folder_path=YOUR_VALUE”, “pkg=YOUR_VALUE”] in the provider section.

$ export “FORTIMANAGER_IMPORT_TABLE”=“true”

$ pulumi import fortimanager:index/packagesFirewallSecuritypolicy:PackagesFirewallSecuritypolicy labelname {{policyid}}

$ unset “FORTIMANAGER_IMPORT_TABLE”

-> Hint: The scopetype and adom for import will directly inherit the scopetype and adom configuration of the provider.

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: fortimanager fortinetdev/terraform-provider-fortimanager
License
Notes: This Pulumi package is based on the fortimanager Terraform Provider.

fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.PackagesFirewallSecuritypolicy

On this page

On this page

Create PackagesFirewallSecuritypolicy Resource

Constructor syntax

Parameters

Constructor example

PackagesFirewallSecuritypolicy Resource Properties

Inputs

Outputs

Look up Existing PackagesFirewallSecuritypolicy Resource

Import

Package Details

On this page

On this page