fortimanager 1.13.0, Mar 13 25

fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.PackagesGlobalHeaderPolicy6

Explore with Pulumi AI

fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as fortimanager from "@pulumi/fortimanager";

const labelname = new fortimanager.PackagesGlobalHeaderPolicy6("labelname", {
    action: "accept",
    comments: "terraform-comment",
    dstaddr: "gall",
    dstintf: "any",
    pkg: "default",
    schedule: "galways",
    service: "gALL",
    srcaddr: "gall",
    srcintf: "any",
    status: "disable",
});

import pulumi
import pulumi_fortimanager as fortimanager

labelname = fortimanager.PackagesGlobalHeaderPolicy6("labelname",
    action="accept",
    comments="terraform-comment",
    dstaddr="gall",
    dstintf="any",
    pkg="default",
    schedule="galways",
    service="gALL",
    srcaddr="gall",
    srcintf="any",
    status="disable")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/fortimanager/fortimanager"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := fortimanager.NewPackagesGlobalHeaderPolicy6(ctx, "labelname", &fortimanager.PackagesGlobalHeaderPolicy6Args{
			Action:   pulumi.String("accept"),
			Comments: pulumi.String("terraform-comment"),
			Dstaddr:  pulumi.String("gall"),
			Dstintf:  pulumi.String("any"),
			Pkg:      pulumi.String("default"),
			Schedule: pulumi.String("galways"),
			Service:  pulumi.String("gALL"),
			Srcaddr:  pulumi.String("gall"),
			Srcintf:  pulumi.String("any"),
			Status:   pulumi.String("disable"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortimanager = Pulumi.Fortimanager;

return await Deployment.RunAsync(() => 
{
    var labelname = new Fortimanager.PackagesGlobalHeaderPolicy6("labelname", new()
    {
        Action = "accept",
        Comments = "terraform-comment",
        Dstaddr = "gall",
        Dstintf = "any",
        Pkg = "default",
        Schedule = "galways",
        Service = "gALL",
        Srcaddr = "gall",
        Srcintf = "any",
        Status = "disable",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortimanager.PackagesGlobalHeaderPolicy6;
import com.pulumi.fortimanager.PackagesGlobalHeaderPolicy6Args;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var labelname = new PackagesGlobalHeaderPolicy6("labelname", PackagesGlobalHeaderPolicy6Args.builder()
            .action("accept")
            .comments("terraform-comment")
            .dstaddr("gall")
            .dstintf("any")
            .pkg("default")
            .schedule("galways")
            .service("gALL")
            .srcaddr("gall")
            .srcintf("any")
            .status("disable")
            .build());

    }
}

resources:
  labelname:
    type: fortimanager:PackagesGlobalHeaderPolicy6
    properties:
      action: accept
      comments: terraform-comment
      dstaddr: gall
      dstintf: any
      pkg: default
      schedule: galways
      service: gALL
      srcaddr: gall
      srcintf: any
      status: disable

Create PackagesGlobalHeaderPolicy6 Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new PackagesGlobalHeaderPolicy6(name: string, args: PackagesGlobalHeaderPolicy6Args, opts?: CustomResourceOptions);

@overload
def PackagesGlobalHeaderPolicy6(resource_name: str,
                                args: PackagesGlobalHeaderPolicy6Args,
                                opts: Optional[ResourceOptions] = None)

@overload
def PackagesGlobalHeaderPolicy6(resource_name: str,
                                opts: Optional[ResourceOptions] = None,
                                pkg: Optional[str] = None,
                                _policy_block: Optional[float] = None,
                                action: Optional[str] = None,
                                anti_replay: Optional[str] = None,
                                app_category: Optional[str] = None,
                                app_group: Optional[str] = None,
                                application_charts: Optional[Sequence[str]] = None,
                                application_list: Optional[str] = None,
                                applications: Optional[Sequence[float]] = None,
                                auto_asic_offload: Optional[str] = None,
                                av_profile: Optional[str] = None,
                                casi_profile: Optional[str] = None,
                                cgn_log_server_grp: Optional[str] = None,
                                cifs_profile: Optional[str] = None,
                                comments: Optional[str] = None,
                                custom_log_fields: Optional[str] = None,
                                decrypted_traffic_mirror: Optional[str] = None,
                                deep_inspection_options: Optional[str] = None,
                                device_detection_portal: Optional[str] = None,
                                devices: Optional[str] = None,
                                diffserv_forward: Optional[str] = None,
                                diffserv_reverse: Optional[str] = None,
                                diffservcode_forward: Optional[str] = None,
                                diffservcode_rev: Optional[str] = None,
                                dlp_sensor: Optional[str] = None,
                                dnsfilter_profile: Optional[str] = None,
                                dscp_match: Optional[str] = None,
                                dscp_negate: Optional[str] = None,
                                dscp_value: Optional[str] = None,
                                dsri: Optional[str] = None,
                                dstaddr: Optional[str] = None,
                                dstaddr_negate: Optional[str] = None,
                                dstintf: Optional[str] = None,
                                dynamic_profile: Optional[str] = None,
                                dynamic_profile_accesses: Optional[Sequence[str]] = None,
                                dynamic_profile_group: Optional[str] = None,
                                email_collection_portal: Optional[str] = None,
                                emailfilter_profile: Optional[str] = None,
                                file_filter_profile: Optional[str] = None,
                                firewall_session_dirty: Optional[str] = None,
                                fixedport: Optional[str] = None,
                                fsae: Optional[str] = None,
                                fsso_groups: Optional[str] = None,
                                global_label: Optional[str] = None,
                                groups: Optional[str] = None,
                                http_policy_redirect: Optional[str] = None,
                                icap_profile: Optional[str] = None,
                                identity_based: Optional[str] = None,
                                identity_from: Optional[str] = None,
                                inbound: Optional[str] = None,
                                inspection_mode: Optional[str] = None,
                                ippool: Optional[str] = None,
                                ips_sensor: Optional[str] = None,
                                label: Optional[str] = None,
                                logtraffic: Optional[str] = None,
                                logtraffic_start: Optional[str] = None,
                                mms_profile: Optional[str] = None,
                                name: Optional[str] = None,
                                nat: Optional[str] = None,
                                natinbound: Optional[str] = None,
                                natoutbound: Optional[str] = None,
                                np_accelation: Optional[str] = None,
                                np_acceleration: Optional[str] = None,
                                outbound: Optional[str] = None,
                                packages_global_header_policy6_id: Optional[str] = None,
                                per_ip_shaper: Optional[str] = None,
                                pkg_folder_path: Optional[str] = None,
                                policy_offload: Optional[str] = None,
                                policyid: Optional[float] = None,
                                poolname: Optional[str] = None,
                                profile_group: Optional[str] = None,
                                profile_protocol_options: Optional[str] = None,
                                profile_type: Optional[str] = None,
                                replacemsg_group: Optional[str] = None,
                                replacemsg_override_group: Optional[str] = None,
                                rsso: Optional[str] = None,
                                schedule: Optional[str] = None,
                                send_deny_packet: Optional[str] = None,
                                service: Optional[str] = None,
                                service_negate: Optional[str] = None,
                                session_ttl: Optional[str] = None,
                                spamfilter_profile: Optional[str] = None,
                                srcaddr: Optional[str] = None,
                                srcaddr_negate: Optional[str] = None,
                                srcintf: Optional[str] = None,
                                ssh_filter_profile: Optional[str] = None,
                                ssh_policy_redirect: Optional[str] = None,
                                ssl_mirror: Optional[str] = None,
                                ssl_mirror_intf: Optional[str] = None,
                                ssl_ssh_profile: Optional[str] = None,
                                sslvpn_auth: Optional[str] = None,
                                sslvpn_ccert: Optional[str] = None,
                                sslvpn_cipher: Optional[str] = None,
                                status: Optional[str] = None,
                                tags: Optional[str] = None,
                                tcp_mss_receiver: Optional[float] = None,
                                tcp_mss_sender: Optional[float] = None,
                                tcp_session_without_syn: Optional[str] = None,
                                timeout_send_rst: Optional[str] = None,
                                tos: Optional[str] = None,
                                tos_mask: Optional[str] = None,
                                tos_negate: Optional[str] = None,
                                traffic_shaper: Optional[str] = None,
                                traffic_shaper_reverse: Optional[str] = None,
                                url_category: Optional[str] = None,
                                users: Optional[str] = None,
                                utm_inspection_mode: Optional[str] = None,
                                utm_status: Optional[str] = None,
                                uuid: Optional[str] = None,
                                vlan_cos_fwd: Optional[float] = None,
                                vlan_cos_rev: Optional[float] = None,
                                vlan_filter: Optional[str] = None,
                                voip_profile: Optional[str] = None,
                                vpntunnel: Optional[str] = None,
                                waf_profile: Optional[str] = None,
                                webcache: Optional[str] = None,
                                webcache_https: Optional[str] = None,
                                webfilter_profile: Optional[str] = None,
                                webproxy_forward_server: Optional[str] = None,
                                webproxy_profile: Optional[str] = None)

func NewPackagesGlobalHeaderPolicy6(ctx *Context, name string, args PackagesGlobalHeaderPolicy6Args, opts ...ResourceOption) (*PackagesGlobalHeaderPolicy6, error)

public PackagesGlobalHeaderPolicy6(string name, PackagesGlobalHeaderPolicy6Args args, CustomResourceOptions? opts = null)

public PackagesGlobalHeaderPolicy6(String name, PackagesGlobalHeaderPolicy6Args args)
public PackagesGlobalHeaderPolicy6(String name, PackagesGlobalHeaderPolicy6Args args, CustomResourceOptions options)

type: fortimanager:PackagesGlobalHeaderPolicy6
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args PackagesGlobalHeaderPolicy6Args: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args PackagesGlobalHeaderPolicy6Args: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args PackagesGlobalHeaderPolicy6Args: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args PackagesGlobalHeaderPolicy6Args: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args PackagesGlobalHeaderPolicy6Args: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var packagesGlobalHeaderPolicy6Resource = new Fortimanager.PackagesGlobalHeaderPolicy6("packagesGlobalHeaderPolicy6Resource", new()
{
    Pkg = "string",
    _policyBlock = 0,
    Action = "string",
    AntiReplay = "string",
    AppCategory = "string",
    AppGroup = "string",
    ApplicationCharts = new[]
    {
        "string",
    },
    ApplicationList = "string",
    Applications = new[]
    {
        0,
    },
    AutoAsicOffload = "string",
    AvProfile = "string",
    CasiProfile = "string",
    CgnLogServerGrp = "string",
    CifsProfile = "string",
    Comments = "string",
    CustomLogFields = "string",
    DecryptedTrafficMirror = "string",
    DeepInspectionOptions = "string",
    DeviceDetectionPortal = "string",
    Devices = "string",
    DiffservForward = "string",
    DiffservReverse = "string",
    DiffservcodeForward = "string",
    DiffservcodeRev = "string",
    DlpSensor = "string",
    DnsfilterProfile = "string",
    DscpMatch = "string",
    DscpNegate = "string",
    DscpValue = "string",
    Dsri = "string",
    Dstaddr = "string",
    DstaddrNegate = "string",
    Dstintf = "string",
    DynamicProfile = "string",
    DynamicProfileAccesses = new[]
    {
        "string",
    },
    DynamicProfileGroup = "string",
    EmailCollectionPortal = "string",
    EmailfilterProfile = "string",
    FileFilterProfile = "string",
    FirewallSessionDirty = "string",
    Fixedport = "string",
    Fsae = "string",
    FssoGroups = "string",
    GlobalLabel = "string",
    Groups = "string",
    HttpPolicyRedirect = "string",
    IcapProfile = "string",
    IdentityBased = "string",
    IdentityFrom = "string",
    Inbound = "string",
    InspectionMode = "string",
    Ippool = "string",
    IpsSensor = "string",
    Label = "string",
    Logtraffic = "string",
    LogtrafficStart = "string",
    MmsProfile = "string",
    Name = "string",
    Nat = "string",
    Natinbound = "string",
    Natoutbound = "string",
    NpAccelation = "string",
    NpAcceleration = "string",
    Outbound = "string",
    PackagesGlobalHeaderPolicy6Id = "string",
    PerIpShaper = "string",
    PkgFolderPath = "string",
    PolicyOffload = "string",
    Policyid = 0,
    Poolname = "string",
    ProfileGroup = "string",
    ProfileProtocolOptions = "string",
    ProfileType = "string",
    ReplacemsgGroup = "string",
    ReplacemsgOverrideGroup = "string",
    Rsso = "string",
    Schedule = "string",
    SendDenyPacket = "string",
    Service = "string",
    ServiceNegate = "string",
    SessionTtl = "string",
    SpamfilterProfile = "string",
    Srcaddr = "string",
    SrcaddrNegate = "string",
    Srcintf = "string",
    SshFilterProfile = "string",
    SshPolicyRedirect = "string",
    SslMirror = "string",
    SslMirrorIntf = "string",
    SslSshProfile = "string",
    SslvpnAuth = "string",
    SslvpnCcert = "string",
    SslvpnCipher = "string",
    Status = "string",
    Tags = "string",
    TcpMssReceiver = 0,
    TcpMssSender = 0,
    TcpSessionWithoutSyn = "string",
    TimeoutSendRst = "string",
    Tos = "string",
    TosMask = "string",
    TosNegate = "string",
    TrafficShaper = "string",
    TrafficShaperReverse = "string",
    UrlCategory = "string",
    Users = "string",
    UtmInspectionMode = "string",
    UtmStatus = "string",
    Uuid = "string",
    VlanCosFwd = 0,
    VlanCosRev = 0,
    VlanFilter = "string",
    VoipProfile = "string",
    Vpntunnel = "string",
    WafProfile = "string",
    Webcache = "string",
    WebcacheHttps = "string",
    WebfilterProfile = "string",
    WebproxyForwardServer = "string",
    WebproxyProfile = "string",
});

example, err := fortimanager.NewPackagesGlobalHeaderPolicy6(ctx, "packagesGlobalHeaderPolicy6Resource", &fortimanager.PackagesGlobalHeaderPolicy6Args{
Pkg: pulumi.String("string"),
_policyBlock: pulumi.Float64(0),
Action: pulumi.String("string"),
AntiReplay: pulumi.String("string"),
AppCategory: pulumi.String("string"),
AppGroup: pulumi.String("string"),
ApplicationCharts: pulumi.StringArray{
pulumi.String("string"),
},
ApplicationList: pulumi.String("string"),
Applications: pulumi.Float64Array{
pulumi.Float64(0),
},
AutoAsicOffload: pulumi.String("string"),
AvProfile: pulumi.String("string"),
CasiProfile: pulumi.String("string"),
CgnLogServerGrp: pulumi.String("string"),
CifsProfile: pulumi.String("string"),
Comments: pulumi.String("string"),
CustomLogFields: pulumi.String("string"),
DecryptedTrafficMirror: pulumi.String("string"),
DeepInspectionOptions: pulumi.String("string"),
DeviceDetectionPortal: pulumi.String("string"),
Devices: pulumi.String("string"),
DiffservForward: pulumi.String("string"),
DiffservReverse: pulumi.String("string"),
DiffservcodeForward: pulumi.String("string"),
DiffservcodeRev: pulumi.String("string"),
DlpSensor: pulumi.String("string"),
DnsfilterProfile: pulumi.String("string"),
DscpMatch: pulumi.String("string"),
DscpNegate: pulumi.String("string"),
DscpValue: pulumi.String("string"),
Dsri: pulumi.String("string"),
Dstaddr: pulumi.String("string"),
DstaddrNegate: pulumi.String("string"),
Dstintf: pulumi.String("string"),
DynamicProfile: pulumi.String("string"),
DynamicProfileAccesses: pulumi.StringArray{
pulumi.String("string"),
},
DynamicProfileGroup: pulumi.String("string"),
EmailCollectionPortal: pulumi.String("string"),
EmailfilterProfile: pulumi.String("string"),
FileFilterProfile: pulumi.String("string"),
FirewallSessionDirty: pulumi.String("string"),
Fixedport: pulumi.String("string"),
Fsae: pulumi.String("string"),
FssoGroups: pulumi.String("string"),
GlobalLabel: pulumi.String("string"),
Groups: pulumi.String("string"),
HttpPolicyRedirect: pulumi.String("string"),
IcapProfile: pulumi.String("string"),
IdentityBased: pulumi.String("string"),
IdentityFrom: pulumi.String("string"),
Inbound: pulumi.String("string"),
InspectionMode: pulumi.String("string"),
Ippool: pulumi.String("string"),
IpsSensor: pulumi.String("string"),
Label: pulumi.String("string"),
Logtraffic: pulumi.String("string"),
LogtrafficStart: pulumi.String("string"),
MmsProfile: pulumi.String("string"),
Name: pulumi.String("string"),
Nat: pulumi.String("string"),
Natinbound: pulumi.String("string"),
Natoutbound: pulumi.String("string"),
NpAccelation: pulumi.String("string"),
NpAcceleration: pulumi.String("string"),
Outbound: pulumi.String("string"),
PackagesGlobalHeaderPolicy6Id: pulumi.String("string"),
PerIpShaper: pulumi.String("string"),
PkgFolderPath: pulumi.String("string"),
PolicyOffload: pulumi.String("string"),
Policyid: pulumi.Float64(0),
Poolname: pulumi.String("string"),
ProfileGroup: pulumi.String("string"),
ProfileProtocolOptions: pulumi.String("string"),
ProfileType: pulumi.String("string"),
ReplacemsgGroup: pulumi.String("string"),
ReplacemsgOverrideGroup: pulumi.String("string"),
Rsso: pulumi.String("string"),
Schedule: pulumi.String("string"),
SendDenyPacket: pulumi.String("string"),
Service: pulumi.String("string"),
ServiceNegate: pulumi.String("string"),
SessionTtl: pulumi.String("string"),
SpamfilterProfile: pulumi.String("string"),
Srcaddr: pulumi.String("string"),
SrcaddrNegate: pulumi.String("string"),
Srcintf: pulumi.String("string"),
SshFilterProfile: pulumi.String("string"),
SshPolicyRedirect: pulumi.String("string"),
SslMirror: pulumi.String("string"),
SslMirrorIntf: pulumi.String("string"),
SslSshProfile: pulumi.String("string"),
SslvpnAuth: pulumi.String("string"),
SslvpnCcert: pulumi.String("string"),
SslvpnCipher: pulumi.String("string"),
Status: pulumi.String("string"),
Tags: pulumi.String("string"),
TcpMssReceiver: pulumi.Float64(0),
TcpMssSender: pulumi.Float64(0),
TcpSessionWithoutSyn: pulumi.String("string"),
TimeoutSendRst: pulumi.String("string"),
Tos: pulumi.String("string"),
TosMask: pulumi.String("string"),
TosNegate: pulumi.String("string"),
TrafficShaper: pulumi.String("string"),
TrafficShaperReverse: pulumi.String("string"),
UrlCategory: pulumi.String("string"),
Users: pulumi.String("string"),
UtmInspectionMode: pulumi.String("string"),
UtmStatus: pulumi.String("string"),
Uuid: pulumi.String("string"),
VlanCosFwd: pulumi.Float64(0),
VlanCosRev: pulumi.Float64(0),
VlanFilter: pulumi.String("string"),
VoipProfile: pulumi.String("string"),
Vpntunnel: pulumi.String("string"),
WafProfile: pulumi.String("string"),
Webcache: pulumi.String("string"),
WebcacheHttps: pulumi.String("string"),
WebfilterProfile: pulumi.String("string"),
WebproxyForwardServer: pulumi.String("string"),
WebproxyProfile: pulumi.String("string"),
})

var packagesGlobalHeaderPolicy6Resource = new PackagesGlobalHeaderPolicy6("packagesGlobalHeaderPolicy6Resource", PackagesGlobalHeaderPolicy6Args.builder()
    .pkg("string")
    ._policyBlock(0)
    .action("string")
    .antiReplay("string")
    .appCategory("string")
    .appGroup("string")
    .applicationCharts("string")
    .applicationList("string")
    .applications(0)
    .autoAsicOffload("string")
    .avProfile("string")
    .casiProfile("string")
    .cgnLogServerGrp("string")
    .cifsProfile("string")
    .comments("string")
    .customLogFields("string")
    .decryptedTrafficMirror("string")
    .deepInspectionOptions("string")
    .deviceDetectionPortal("string")
    .devices("string")
    .diffservForward("string")
    .diffservReverse("string")
    .diffservcodeForward("string")
    .diffservcodeRev("string")
    .dlpSensor("string")
    .dnsfilterProfile("string")
    .dscpMatch("string")
    .dscpNegate("string")
    .dscpValue("string")
    .dsri("string")
    .dstaddr("string")
    .dstaddrNegate("string")
    .dstintf("string")
    .dynamicProfile("string")
    .dynamicProfileAccesses("string")
    .dynamicProfileGroup("string")
    .emailCollectionPortal("string")
    .emailfilterProfile("string")
    .fileFilterProfile("string")
    .firewallSessionDirty("string")
    .fixedport("string")
    .fsae("string")
    .fssoGroups("string")
    .globalLabel("string")
    .groups("string")
    .httpPolicyRedirect("string")
    .icapProfile("string")
    .identityBased("string")
    .identityFrom("string")
    .inbound("string")
    .inspectionMode("string")
    .ippool("string")
    .ipsSensor("string")
    .label("string")
    .logtraffic("string")
    .logtrafficStart("string")
    .mmsProfile("string")
    .name("string")
    .nat("string")
    .natinbound("string")
    .natoutbound("string")
    .npAccelation("string")
    .npAcceleration("string")
    .outbound("string")
    .packagesGlobalHeaderPolicy6Id("string")
    .perIpShaper("string")
    .pkgFolderPath("string")
    .policyOffload("string")
    .policyid(0)
    .poolname("string")
    .profileGroup("string")
    .profileProtocolOptions("string")
    .profileType("string")
    .replacemsgGroup("string")
    .replacemsgOverrideGroup("string")
    .rsso("string")
    .schedule("string")
    .sendDenyPacket("string")
    .service("string")
    .serviceNegate("string")
    .sessionTtl("string")
    .spamfilterProfile("string")
    .srcaddr("string")
    .srcaddrNegate("string")
    .srcintf("string")
    .sshFilterProfile("string")
    .sshPolicyRedirect("string")
    .sslMirror("string")
    .sslMirrorIntf("string")
    .sslSshProfile("string")
    .sslvpnAuth("string")
    .sslvpnCcert("string")
    .sslvpnCipher("string")
    .status("string")
    .tags("string")
    .tcpMssReceiver(0)
    .tcpMssSender(0)
    .tcpSessionWithoutSyn("string")
    .timeoutSendRst("string")
    .tos("string")
    .tosMask("string")
    .tosNegate("string")
    .trafficShaper("string")
    .trafficShaperReverse("string")
    .urlCategory("string")
    .users("string")
    .utmInspectionMode("string")
    .utmStatus("string")
    .uuid("string")
    .vlanCosFwd(0)
    .vlanCosRev(0)
    .vlanFilter("string")
    .voipProfile("string")
    .vpntunnel("string")
    .wafProfile("string")
    .webcache("string")
    .webcacheHttps("string")
    .webfilterProfile("string")
    .webproxyForwardServer("string")
    .webproxyProfile("string")
    .build());

packages_global_header_policy6_resource = fortimanager.PackagesGlobalHeaderPolicy6("packagesGlobalHeaderPolicy6Resource",
    pkg="string",
    _policy_block=0,
    action="string",
    anti_replay="string",
    app_category="string",
    app_group="string",
    application_charts=["string"],
    application_list="string",
    applications=[0],
    auto_asic_offload="string",
    av_profile="string",
    casi_profile="string",
    cgn_log_server_grp="string",
    cifs_profile="string",
    comments="string",
    custom_log_fields="string",
    decrypted_traffic_mirror="string",
    deep_inspection_options="string",
    device_detection_portal="string",
    devices="string",
    diffserv_forward="string",
    diffserv_reverse="string",
    diffservcode_forward="string",
    diffservcode_rev="string",
    dlp_sensor="string",
    dnsfilter_profile="string",
    dscp_match="string",
    dscp_negate="string",
    dscp_value="string",
    dsri="string",
    dstaddr="string",
    dstaddr_negate="string",
    dstintf="string",
    dynamic_profile="string",
    dynamic_profile_accesses=["string"],
    dynamic_profile_group="string",
    email_collection_portal="string",
    emailfilter_profile="string",
    file_filter_profile="string",
    firewall_session_dirty="string",
    fixedport="string",
    fsae="string",
    fsso_groups="string",
    global_label="string",
    groups="string",
    http_policy_redirect="string",
    icap_profile="string",
    identity_based="string",
    identity_from="string",
    inbound="string",
    inspection_mode="string",
    ippool="string",
    ips_sensor="string",
    label="string",
    logtraffic="string",
    logtraffic_start="string",
    mms_profile="string",
    name="string",
    nat="string",
    natinbound="string",
    natoutbound="string",
    np_accelation="string",
    np_acceleration="string",
    outbound="string",
    packages_global_header_policy6_id="string",
    per_ip_shaper="string",
    pkg_folder_path="string",
    policy_offload="string",
    policyid=0,
    poolname="string",
    profile_group="string",
    profile_protocol_options="string",
    profile_type="string",
    replacemsg_group="string",
    replacemsg_override_group="string",
    rsso="string",
    schedule="string",
    send_deny_packet="string",
    service="string",
    service_negate="string",
    session_ttl="string",
    spamfilter_profile="string",
    srcaddr="string",
    srcaddr_negate="string",
    srcintf="string",
    ssh_filter_profile="string",
    ssh_policy_redirect="string",
    ssl_mirror="string",
    ssl_mirror_intf="string",
    ssl_ssh_profile="string",
    sslvpn_auth="string",
    sslvpn_ccert="string",
    sslvpn_cipher="string",
    status="string",
    tags="string",
    tcp_mss_receiver=0,
    tcp_mss_sender=0,
    tcp_session_without_syn="string",
    timeout_send_rst="string",
    tos="string",
    tos_mask="string",
    tos_negate="string",
    traffic_shaper="string",
    traffic_shaper_reverse="string",
    url_category="string",
    users="string",
    utm_inspection_mode="string",
    utm_status="string",
    uuid="string",
    vlan_cos_fwd=0,
    vlan_cos_rev=0,
    vlan_filter="string",
    voip_profile="string",
    vpntunnel="string",
    waf_profile="string",
    webcache="string",
    webcache_https="string",
    webfilter_profile="string",
    webproxy_forward_server="string",
    webproxy_profile="string")

const packagesGlobalHeaderPolicy6Resource = new fortimanager.PackagesGlobalHeaderPolicy6("packagesGlobalHeaderPolicy6Resource", {
    pkg: "string",
    _policyBlock: 0,
    action: "string",
    antiReplay: "string",
    appCategory: "string",
    appGroup: "string",
    applicationCharts: ["string"],
    applicationList: "string",
    applications: [0],
    autoAsicOffload: "string",
    avProfile: "string",
    casiProfile: "string",
    cgnLogServerGrp: "string",
    cifsProfile: "string",
    comments: "string",
    customLogFields: "string",
    decryptedTrafficMirror: "string",
    deepInspectionOptions: "string",
    deviceDetectionPortal: "string",
    devices: "string",
    diffservForward: "string",
    diffservReverse: "string",
    diffservcodeForward: "string",
    diffservcodeRev: "string",
    dlpSensor: "string",
    dnsfilterProfile: "string",
    dscpMatch: "string",
    dscpNegate: "string",
    dscpValue: "string",
    dsri: "string",
    dstaddr: "string",
    dstaddrNegate: "string",
    dstintf: "string",
    dynamicProfile: "string",
    dynamicProfileAccesses: ["string"],
    dynamicProfileGroup: "string",
    emailCollectionPortal: "string",
    emailfilterProfile: "string",
    fileFilterProfile: "string",
    firewallSessionDirty: "string",
    fixedport: "string",
    fsae: "string",
    fssoGroups: "string",
    globalLabel: "string",
    groups: "string",
    httpPolicyRedirect: "string",
    icapProfile: "string",
    identityBased: "string",
    identityFrom: "string",
    inbound: "string",
    inspectionMode: "string",
    ippool: "string",
    ipsSensor: "string",
    label: "string",
    logtraffic: "string",
    logtrafficStart: "string",
    mmsProfile: "string",
    name: "string",
    nat: "string",
    natinbound: "string",
    natoutbound: "string",
    npAccelation: "string",
    npAcceleration: "string",
    outbound: "string",
    packagesGlobalHeaderPolicy6Id: "string",
    perIpShaper: "string",
    pkgFolderPath: "string",
    policyOffload: "string",
    policyid: 0,
    poolname: "string",
    profileGroup: "string",
    profileProtocolOptions: "string",
    profileType: "string",
    replacemsgGroup: "string",
    replacemsgOverrideGroup: "string",
    rsso: "string",
    schedule: "string",
    sendDenyPacket: "string",
    service: "string",
    serviceNegate: "string",
    sessionTtl: "string",
    spamfilterProfile: "string",
    srcaddr: "string",
    srcaddrNegate: "string",
    srcintf: "string",
    sshFilterProfile: "string",
    sshPolicyRedirect: "string",
    sslMirror: "string",
    sslMirrorIntf: "string",
    sslSshProfile: "string",
    sslvpnAuth: "string",
    sslvpnCcert: "string",
    sslvpnCipher: "string",
    status: "string",
    tags: "string",
    tcpMssReceiver: 0,
    tcpMssSender: 0,
    tcpSessionWithoutSyn: "string",
    timeoutSendRst: "string",
    tos: "string",
    tosMask: "string",
    tosNegate: "string",
    trafficShaper: "string",
    trafficShaperReverse: "string",
    urlCategory: "string",
    users: "string",
    utmInspectionMode: "string",
    utmStatus: "string",
    uuid: "string",
    vlanCosFwd: 0,
    vlanCosRev: 0,
    vlanFilter: "string",
    voipProfile: "string",
    vpntunnel: "string",
    wafProfile: "string",
    webcache: "string",
    webcacheHttps: "string",
    webfilterProfile: "string",
    webproxyForwardServer: "string",
    webproxyProfile: "string",
});

type: fortimanager:PackagesGlobalHeaderPolicy6
properties:
    _policyBlock: 0
    action: string
    antiReplay: string
    appCategory: string
    appGroup: string
    applicationCharts:
        - string
    applicationList: string
    applications:
        - 0
    autoAsicOffload: string
    avProfile: string
    casiProfile: string
    cgnLogServerGrp: string
    cifsProfile: string
    comments: string
    customLogFields: string
    decryptedTrafficMirror: string
    deepInspectionOptions: string
    deviceDetectionPortal: string
    devices: string
    diffservForward: string
    diffservReverse: string
    diffservcodeForward: string
    diffservcodeRev: string
    dlpSensor: string
    dnsfilterProfile: string
    dscpMatch: string
    dscpNegate: string
    dscpValue: string
    dsri: string
    dstaddr: string
    dstaddrNegate: string
    dstintf: string
    dynamicProfile: string
    dynamicProfileAccesses:
        - string
    dynamicProfileGroup: string
    emailCollectionPortal: string
    emailfilterProfile: string
    fileFilterProfile: string
    firewallSessionDirty: string
    fixedport: string
    fsae: string
    fssoGroups: string
    globalLabel: string
    groups: string
    httpPolicyRedirect: string
    icapProfile: string
    identityBased: string
    identityFrom: string
    inbound: string
    inspectionMode: string
    ippool: string
    ipsSensor: string
    label: string
    logtraffic: string
    logtrafficStart: string
    mmsProfile: string
    name: string
    nat: string
    natinbound: string
    natoutbound: string
    npAccelation: string
    npAcceleration: string
    outbound: string
    packagesGlobalHeaderPolicy6Id: string
    perIpShaper: string
    pkg: string
    pkgFolderPath: string
    policyOffload: string
    policyid: 0
    poolname: string
    profileGroup: string
    profileProtocolOptions: string
    profileType: string
    replacemsgGroup: string
    replacemsgOverrideGroup: string
    rsso: string
    schedule: string
    sendDenyPacket: string
    service: string
    serviceNegate: string
    sessionTtl: string
    spamfilterProfile: string
    srcaddr: string
    srcaddrNegate: string
    srcintf: string
    sshFilterProfile: string
    sshPolicyRedirect: string
    sslMirror: string
    sslMirrorIntf: string
    sslSshProfile: string
    sslvpnAuth: string
    sslvpnCcert: string
    sslvpnCipher: string
    status: string
    tags: string
    tcpMssReceiver: 0
    tcpMssSender: 0
    tcpSessionWithoutSyn: string
    timeoutSendRst: string
    tos: string
    tosMask: string
    tosNegate: string
    trafficShaper: string
    trafficShaperReverse: string
    urlCategory: string
    users: string
    utmInspectionMode: string
    utmStatus: string
    uuid: string
    vlanCosFwd: 0
    vlanCosRev: 0
    vlanFilter: string
    voipProfile: string
    vpntunnel: string
    wafProfile: string
    webcache: string
    webcacheHttps: string
    webfilterProfile: string
    webproxyForwardServer: string
    webproxyProfile: string

PackagesGlobalHeaderPolicy6 Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The PackagesGlobalHeaderPolicy6 resource accepts the following input properties:

Pkg string: Package.
Action string: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
AntiReplay string: Enable/disable anti-replay check. Valid values: disable, enable.
AppCategory string: Application category ID list.
AppGroup string: Application group names.
ApplicationCharts List<string>: Application-Charts. Valid values: top10-app, top10-p2p-user, top10-media-user.
ApplicationList string: Name of an existing Application list.
Applications List<double>: Application ID list.
AutoAsicOffload string: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
AvProfile string: Name of an existing Antivirus profile.
CasiProfile string: Casi-Profile.
CgnLogServerGrp string: NP log server group name
CifsProfile string: Name of an existing CIFS profile.
Comments string: Comment.
CustomLogFields string: Log field index numbers to append custom log fields to log messages for this policy.
DecryptedTrafficMirror string: Decrypted-Traffic-Mirror.
DeepInspectionOptions string: Deep-Inspection-Options.
DeviceDetectionPortal string: Device-Detection-Portal. Valid values: disable, enable.
Devices string: Devices.
DiffservForward string: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
DiffservReverse string: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
DiffservcodeForward string: Change packet's DiffServ to this value.
DiffservcodeRev string: Change packet's reverse (reply) DiffServ to this value.
DlpSensor string: Name of an existing DLP sensor.
DnsfilterProfile string: Name of an existing DNS filter profile.
DscpMatch string: Dscp-Match. Valid values: disable, enable.
DscpNegate string: Dscp-Negate. Valid values: disable, enable.
DscpValue string: Dscp-Value.
Dsri string: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
Dstaddr string: Destination address and address group names.
DstaddrNegate string: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
Dstintf string: Outgoing (egress) interface.
DynamicProfile string: Dynamic-Profile. Valid values: disable, enable.
DynamicProfileAccesses List<string>: Dynamic-Profile-Access. Valid values: imap, smtp, pop3, http, ftp, im, nntp, imaps, smtps, pop3s, https, ftps.
DynamicProfileGroup string: Dynamic-Profile-Group.
EmailCollectionPortal string: Email-Collection-Portal. Valid values: disable, enable.
EmailfilterProfile string: Name of an existing email filter profile.
FileFilterProfile string: File-Filter-Profile.
FirewallSessionDirty string: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
Fixedport string: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
Fsae string: Fsae. Valid values: disable, enable.
FssoGroups string: Names of FSSO groups.
GlobalLabel string: Label for the policy that appears when the GUI is in Global View mode.
Groups string: Names of user groups that can authenticate with this policy.
HttpPolicyRedirect string: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
IcapProfile string: Name of an existing ICAP profile.
IdentityBased string: Identity-Based. Valid values: disable, enable.
IdentityFrom string: Identity-From. Valid values: auth, device.
Inbound string: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
InspectionMode string: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
Ippool string: Enable to use IP Pools for source NAT. Valid values: disable, enable.
IpsSensor string: Name of an existing IPS sensor.
Label string: Label for the policy that appears when the GUI is in Section View mode.
Logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
LogtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
MmsProfile string: Name of an existing MMS profile.
Name string: Policy name.
Nat string: Enable/disable source NAT. Valid values: disable, enable.
Natinbound string: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
Natoutbound string: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
NpAccelation string: Np-Accelation. Valid values: disable, enable.
NpAcceleration string: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
Outbound string: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
PackagesGlobalHeaderPolicy6Id string: an identifier for the resource with format {{policyid}}.
PerIpShaper string: Per-IP traffic shaper.
PkgFolderPath string: Pkg Folder Path.
PolicyOffload string: Enable/disable offloading policy configuration to CP processors. Valid values: disable, enable.
Policyid double: Policy ID (0 - 4294967294).
Poolname string: IP Pool names.
ProfileGroup string: Name of profile group.
ProfileProtocolOptions string: Name of an existing Protocol options profile.
ProfileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
ReplacemsgGroup string: Replacemsg-Group.
ReplacemsgOverrideGroup string: Override the default replacement message group for this policy.
Rsso string: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
Schedule string: Schedule name.
SendDenyPacket string: Enable/disable return of deny-packet. Valid values: disable, enable.
Service string: Service and service group names.
ServiceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
SessionTtl string: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
SpamfilterProfile string: Spamfilter-Profile.
Srcaddr string: Source address and address group names.
SrcaddrNegate string: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
Srcintf string: Incoming (ingress) interface.
SshFilterProfile string: Name of an existing SSH filter profile.
SshPolicyRedirect string: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
SslMirror string: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
SslMirrorIntf string: SSL mirror interface name.
SslSshProfile string: Name of an existing SSL SSH profile.
SslvpnAuth string: Sslvpn-Auth. Valid values: any, local, radius, ldap, tacacs+.
SslvpnCcert string: Sslvpn-Ccert. Valid values: disable, enable.
SslvpnCipher string: Sslvpn-Cipher. Valid values: any, high, medium.
Status string: Enable or disable this policy. Valid values: disable, enable.
Tags string: Tags.
TcpMssReceiver double: Receiver TCP maximum segment size (MSS).
TcpMssSender double: Sender TCP maximum segment size (MSS).
TcpSessionWithoutSyn string: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
TimeoutSendRst string: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
Tos string: ToS (Type of Service) value used for comparison.
TosMask string: Non-zero bit positions are used for comparison while zero bit positions are ignored.
TosNegate string: Enable negated TOS match. Valid values: disable, enable.
TrafficShaper string: Reverse traffic shaper.
TrafficShaperReverse string: Reverse traffic shaper.
UrlCategory string: URL category ID list.
Users string: Names of individual users that can authenticate with this policy.
UtmInspectionMode string: Utm-Inspection-Mode. Valid values: proxy, flow.
UtmStatus string: Enable AV/web/ips protection profile. Valid values: disable, enable.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
VlanCosFwd double: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
VlanCosRev double: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
VlanFilter string: Set VLAN filters.
VoipProfile string: Name of an existing VoIP profile.
Vpntunnel string: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
WafProfile string: Name of an existing Web application firewall profile.
Webcache string: Enable/disable web cache. Valid values: disable, enable.
WebcacheHttps string: Enable/disable web cache for HTTPS. Valid values: disable, enable.
WebfilterProfile string: Name of an existing Web filter profile.
WebproxyForwardServer string: Web proxy forward server name.
WebproxyProfile string: Webproxy profile name.
_policyBlock double: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.

Pkg string: Package.
Action string: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
AntiReplay string: Enable/disable anti-replay check. Valid values: disable, enable.
AppCategory string: Application category ID list.
AppGroup string: Application group names.
ApplicationCharts []string: Application-Charts. Valid values: top10-app, top10-p2p-user, top10-media-user.
ApplicationList string: Name of an existing Application list.
Applications []float64: Application ID list.
AutoAsicOffload string: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
AvProfile string: Name of an existing Antivirus profile.
CasiProfile string: Casi-Profile.
CgnLogServerGrp string: NP log server group name
CifsProfile string: Name of an existing CIFS profile.
Comments string: Comment.
CustomLogFields string: Log field index numbers to append custom log fields to log messages for this policy.
DecryptedTrafficMirror string: Decrypted-Traffic-Mirror.
DeepInspectionOptions string: Deep-Inspection-Options.
DeviceDetectionPortal string: Device-Detection-Portal. Valid values: disable, enable.
Devices string: Devices.
DiffservForward string: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
DiffservReverse string: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
DiffservcodeForward string: Change packet's DiffServ to this value.
DiffservcodeRev string: Change packet's reverse (reply) DiffServ to this value.
DlpSensor string: Name of an existing DLP sensor.
DnsfilterProfile string: Name of an existing DNS filter profile.
DscpMatch string: Dscp-Match. Valid values: disable, enable.
DscpNegate string: Dscp-Negate. Valid values: disable, enable.
DscpValue string: Dscp-Value.
Dsri string: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
Dstaddr string: Destination address and address group names.
DstaddrNegate string: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
Dstintf string: Outgoing (egress) interface.
DynamicProfile string: Dynamic-Profile. Valid values: disable, enable.
DynamicProfileAccesses []string: Dynamic-Profile-Access. Valid values: imap, smtp, pop3, http, ftp, im, nntp, imaps, smtps, pop3s, https, ftps.
DynamicProfileGroup string: Dynamic-Profile-Group.
EmailCollectionPortal string: Email-Collection-Portal. Valid values: disable, enable.
EmailfilterProfile string: Name of an existing email filter profile.
FileFilterProfile string: File-Filter-Profile.
FirewallSessionDirty string: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
Fixedport string: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
Fsae string: Fsae. Valid values: disable, enable.
FssoGroups string: Names of FSSO groups.
GlobalLabel string: Label for the policy that appears when the GUI is in Global View mode.
Groups string: Names of user groups that can authenticate with this policy.
HttpPolicyRedirect string: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
IcapProfile string: Name of an existing ICAP profile.
IdentityBased string: Identity-Based. Valid values: disable, enable.
IdentityFrom string: Identity-From. Valid values: auth, device.
Inbound string: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
InspectionMode string: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
Ippool string: Enable to use IP Pools for source NAT. Valid values: disable, enable.
IpsSensor string: Name of an existing IPS sensor.
Label string: Label for the policy that appears when the GUI is in Section View mode.
Logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
LogtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
MmsProfile string: Name of an existing MMS profile.
Name string: Policy name.
Nat string: Enable/disable source NAT. Valid values: disable, enable.
Natinbound string: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
Natoutbound string: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
NpAccelation string: Np-Accelation. Valid values: disable, enable.
NpAcceleration string: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
Outbound string: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
PackagesGlobalHeaderPolicy6Id string: an identifier for the resource with format {{policyid}}.
PerIpShaper string: Per-IP traffic shaper.
PkgFolderPath string: Pkg Folder Path.
PolicyOffload string: Enable/disable offloading policy configuration to CP processors. Valid values: disable, enable.
Policyid float64: Policy ID (0 - 4294967294).
Poolname string: IP Pool names.
ProfileGroup string: Name of profile group.
ProfileProtocolOptions string: Name of an existing Protocol options profile.
ProfileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
ReplacemsgGroup string: Replacemsg-Group.
ReplacemsgOverrideGroup string: Override the default replacement message group for this policy.
Rsso string: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
Schedule string: Schedule name.
SendDenyPacket string: Enable/disable return of deny-packet. Valid values: disable, enable.
Service string: Service and service group names.
ServiceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
SessionTtl string: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
SpamfilterProfile string: Spamfilter-Profile.
Srcaddr string: Source address and address group names.
SrcaddrNegate string: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
Srcintf string: Incoming (ingress) interface.
SshFilterProfile string: Name of an existing SSH filter profile.
SshPolicyRedirect string: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
SslMirror string: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
SslMirrorIntf string: SSL mirror interface name.
SslSshProfile string: Name of an existing SSL SSH profile.
SslvpnAuth string: Sslvpn-Auth. Valid values: any, local, radius, ldap, tacacs+.
SslvpnCcert string: Sslvpn-Ccert. Valid values: disable, enable.
SslvpnCipher string: Sslvpn-Cipher. Valid values: any, high, medium.
Status string: Enable or disable this policy. Valid values: disable, enable.
Tags string: Tags.
TcpMssReceiver float64: Receiver TCP maximum segment size (MSS).
TcpMssSender float64: Sender TCP maximum segment size (MSS).
TcpSessionWithoutSyn string: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
TimeoutSendRst string: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
Tos string: ToS (Type of Service) value used for comparison.
TosMask string: Non-zero bit positions are used for comparison while zero bit positions are ignored.
TosNegate string: Enable negated TOS match. Valid values: disable, enable.
TrafficShaper string: Reverse traffic shaper.
TrafficShaperReverse string: Reverse traffic shaper.
UrlCategory string: URL category ID list.
Users string: Names of individual users that can authenticate with this policy.
UtmInspectionMode string: Utm-Inspection-Mode. Valid values: proxy, flow.
UtmStatus string: Enable AV/web/ips protection profile. Valid values: disable, enable.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
VlanCosFwd float64: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
VlanCosRev float64: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
VlanFilter string: Set VLAN filters.
VoipProfile string: Name of an existing VoIP profile.
Vpntunnel string: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
WafProfile string: Name of an existing Web application firewall profile.
Webcache string: Enable/disable web cache. Valid values: disable, enable.
WebcacheHttps string: Enable/disable web cache for HTTPS. Valid values: disable, enable.
WebfilterProfile string: Name of an existing Web filter profile.
WebproxyForwardServer string: Web proxy forward server name.
WebproxyProfile string: Webproxy profile name.
_policyBlock float64: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.

pkg String: Package.
_policyBlock Double: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action String: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
antiReplay String: Enable/disable anti-replay check. Valid values: disable, enable.
appCategory String: Application category ID list.
appGroup String: Application group names.
applicationCharts List<String>: Application-Charts. Valid values: top10-app, top10-p2p-user, top10-media-user.
applicationList String: Name of an existing Application list.
applications List<Double>: Application ID list.
autoAsicOffload String: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
avProfile String: Name of an existing Antivirus profile.
casiProfile String: Casi-Profile.
cgnLogServerGrp String: NP log server group name
cifsProfile String: Name of an existing CIFS profile.
comments String: Comment.
customLogFields String: Log field index numbers to append custom log fields to log messages for this policy.
decryptedTrafficMirror String: Decrypted-Traffic-Mirror.
deepInspectionOptions String: Deep-Inspection-Options.
deviceDetectionPortal String: Device-Detection-Portal. Valid values: disable, enable.
devices String: Devices.
diffservForward String: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffservReverse String: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcodeForward String: Change packet's DiffServ to this value.
diffservcodeRev String: Change packet's reverse (reply) DiffServ to this value.
dlpSensor String: Name of an existing DLP sensor.
dnsfilterProfile String: Name of an existing DNS filter profile.
dscpMatch String: Dscp-Match. Valid values: disable, enable.
dscpNegate String: Dscp-Negate. Valid values: disable, enable.
dscpValue String: Dscp-Value.
dsri String: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
dstaddr String: Destination address and address group names.
dstaddrNegate String: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf String: Outgoing (egress) interface.
dynamicProfile String: Dynamic-Profile. Valid values: disable, enable.
dynamicProfileAccesses List<String>: Dynamic-Profile-Access. Valid values: imap, smtp, pop3, http, ftp, im, nntp, imaps, smtps, pop3s, https, ftps.
dynamicProfileGroup String: Dynamic-Profile-Group.
emailCollectionPortal String: Email-Collection-Portal. Valid values: disable, enable.
emailfilterProfile String: Name of an existing email filter profile.
fileFilterProfile String: File-Filter-Profile.
firewallSessionDirty String: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
fixedport String: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fsae String: Fsae. Valid values: disable, enable.
fssoGroups String: Names of FSSO groups.
globalLabel String: Label for the policy that appears when the GUI is in Global View mode.
groups String: Names of user groups that can authenticate with this policy.
httpPolicyRedirect String: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icapProfile String: Name of an existing ICAP profile.
identityBased String: Identity-Based. Valid values: disable, enable.
identityFrom String: Identity-From. Valid values: auth, device.
inbound String: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspectionMode String: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
ippool String: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ipsSensor String: Name of an existing IPS sensor.
label String: Label for the policy that appears when the GUI is in Section View mode.
logtraffic String: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
logtrafficStart String: Record logs when a session starts. Valid values: disable, enable.
mmsProfile String: Name of an existing MMS profile.
name String: Policy name.
nat String: Enable/disable source NAT. Valid values: disable, enable.
natinbound String: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
natoutbound String: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
npAccelation String: Np-Accelation. Valid values: disable, enable.
npAcceleration String: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
outbound String: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packagesGlobalHeaderPolicy6Id String: an identifier for the resource with format {{policyid}}.
perIpShaper String: Per-IP traffic shaper.
pkgFolderPath String: Pkg Folder Path.
policyOffload String: Enable/disable offloading policy configuration to CP processors. Valid values: disable, enable.
policyid Double: Policy ID (0 - 4294967294).
poolname String: IP Pool names.
profileGroup String: Name of profile group.
profileProtocolOptions String: Name of an existing Protocol options profile.
profileType String: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
replacemsgGroup String: Replacemsg-Group.
replacemsgOverrideGroup String: Override the default replacement message group for this policy.
rsso String: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
schedule String: Schedule name.
sendDenyPacket String: Enable/disable return of deny-packet. Valid values: disable, enable.
service String: Service and service group names.
serviceNegate String: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
sessionTtl String: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
spamfilterProfile String: Spamfilter-Profile.
srcaddr String: Source address and address group names.
srcaddrNegate String: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcintf String: Incoming (ingress) interface.
sshFilterProfile String: Name of an existing SSH filter profile.
sshPolicyRedirect String: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslMirror String: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
sslMirrorIntf String: SSL mirror interface name.
sslSshProfile String: Name of an existing SSL SSH profile.
sslvpnAuth String: Sslvpn-Auth. Valid values: any, local, radius, ldap, tacacs+.
sslvpnCcert String: Sslvpn-Ccert. Valid values: disable, enable.
sslvpnCipher String: Sslvpn-Cipher. Valid values: any, high, medium.
status String: Enable or disable this policy. Valid values: disable, enable.
tags String: Tags.
tcpMssReceiver Double: Receiver TCP maximum segment size (MSS).
tcpMssSender Double: Sender TCP maximum segment size (MSS).
tcpSessionWithoutSyn String: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
timeoutSendRst String: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
tos String: ToS (Type of Service) value used for comparison.
tosMask String: Non-zero bit positions are used for comparison while zero bit positions are ignored.
tosNegate String: Enable negated TOS match. Valid values: disable, enable.
trafficShaper String: Reverse traffic shaper.
trafficShaperReverse String: Reverse traffic shaper.
urlCategory String: URL category ID list.
users String: Names of individual users that can authenticate with this policy.
utmInspectionMode String: Utm-Inspection-Mode. Valid values: proxy, flow.
utmStatus String: Enable AV/web/ips protection profile. Valid values: disable, enable.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vlanCosFwd Double: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanCosRev Double: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanFilter String: Set VLAN filters.
voipProfile String: Name of an existing VoIP profile.
vpntunnel String: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
wafProfile String: Name of an existing Web application firewall profile.
webcache String: Enable/disable web cache. Valid values: disable, enable.
webcacheHttps String: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilterProfile String: Name of an existing Web filter profile.
webproxyForwardServer String: Web proxy forward server name.
webproxyProfile String: Webproxy profile name.

pkg string: Package.
_policyBlock number: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action string: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
antiReplay string: Enable/disable anti-replay check. Valid values: disable, enable.
appCategory string: Application category ID list.
appGroup string: Application group names.
applicationCharts string[]: Application-Charts. Valid values: top10-app, top10-p2p-user, top10-media-user.
applicationList string: Name of an existing Application list.
applications number[]: Application ID list.
autoAsicOffload string: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
avProfile string: Name of an existing Antivirus profile.
casiProfile string: Casi-Profile.
cgnLogServerGrp string: NP log server group name
cifsProfile string: Name of an existing CIFS profile.
comments string: Comment.
customLogFields string: Log field index numbers to append custom log fields to log messages for this policy.
decryptedTrafficMirror string: Decrypted-Traffic-Mirror.
deepInspectionOptions string: Deep-Inspection-Options.
deviceDetectionPortal string: Device-Detection-Portal. Valid values: disable, enable.
devices string: Devices.
diffservForward string: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffservReverse string: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcodeForward string: Change packet's DiffServ to this value.
diffservcodeRev string: Change packet's reverse (reply) DiffServ to this value.
dlpSensor string: Name of an existing DLP sensor.
dnsfilterProfile string: Name of an existing DNS filter profile.
dscpMatch string: Dscp-Match. Valid values: disable, enable.
dscpNegate string: Dscp-Negate. Valid values: disable, enable.
dscpValue string: Dscp-Value.
dsri string: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
dstaddr string: Destination address and address group names.
dstaddrNegate string: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf string: Outgoing (egress) interface.
dynamicProfile string: Dynamic-Profile. Valid values: disable, enable.
dynamicProfileAccesses string[]: Dynamic-Profile-Access. Valid values: imap, smtp, pop3, http, ftp, im, nntp, imaps, smtps, pop3s, https, ftps.
dynamicProfileGroup string: Dynamic-Profile-Group.
emailCollectionPortal string: Email-Collection-Portal. Valid values: disable, enable.
emailfilterProfile string: Name of an existing email filter profile.
fileFilterProfile string: File-Filter-Profile.
firewallSessionDirty string: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
fixedport string: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fsae string: Fsae. Valid values: disable, enable.
fssoGroups string: Names of FSSO groups.
globalLabel string: Label for the policy that appears when the GUI is in Global View mode.
groups string: Names of user groups that can authenticate with this policy.
httpPolicyRedirect string: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icapProfile string: Name of an existing ICAP profile.
identityBased string: Identity-Based. Valid values: disable, enable.
identityFrom string: Identity-From. Valid values: auth, device.
inbound string: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspectionMode string: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
ippool string: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ipsSensor string: Name of an existing IPS sensor.
label string: Label for the policy that appears when the GUI is in Section View mode.
logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
logtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
mmsProfile string: Name of an existing MMS profile.
name string: Policy name.
nat string: Enable/disable source NAT. Valid values: disable, enable.
natinbound string: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
natoutbound string: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
npAccelation string: Np-Accelation. Valid values: disable, enable.
npAcceleration string: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
outbound string: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packagesGlobalHeaderPolicy6Id string: an identifier for the resource with format {{policyid}}.
perIpShaper string: Per-IP traffic shaper.
pkgFolderPath string: Pkg Folder Path.
policyOffload string: Enable/disable offloading policy configuration to CP processors. Valid values: disable, enable.
policyid number: Policy ID (0 - 4294967294).
poolname string: IP Pool names.
profileGroup string: Name of profile group.
profileProtocolOptions string: Name of an existing Protocol options profile.
profileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
replacemsgGroup string: Replacemsg-Group.
replacemsgOverrideGroup string: Override the default replacement message group for this policy.
rsso string: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
schedule string: Schedule name.
sendDenyPacket string: Enable/disable return of deny-packet. Valid values: disable, enable.
service string: Service and service group names.
serviceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
sessionTtl string: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
spamfilterProfile string: Spamfilter-Profile.
srcaddr string: Source address and address group names.
srcaddrNegate string: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcintf string: Incoming (ingress) interface.
sshFilterProfile string: Name of an existing SSH filter profile.
sshPolicyRedirect string: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslMirror string: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
sslMirrorIntf string: SSL mirror interface name.
sslSshProfile string: Name of an existing SSL SSH profile.
sslvpnAuth string: Sslvpn-Auth. Valid values: any, local, radius, ldap, tacacs+.
sslvpnCcert string: Sslvpn-Ccert. Valid values: disable, enable.
sslvpnCipher string: Sslvpn-Cipher. Valid values: any, high, medium.
status string: Enable or disable this policy. Valid values: disable, enable.
tags string: Tags.
tcpMssReceiver number: Receiver TCP maximum segment size (MSS).
tcpMssSender number: Sender TCP maximum segment size (MSS).
tcpSessionWithoutSyn string: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
timeoutSendRst string: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
tos string: ToS (Type of Service) value used for comparison.
tosMask string: Non-zero bit positions are used for comparison while zero bit positions are ignored.
tosNegate string: Enable negated TOS match. Valid values: disable, enable.
trafficShaper string: Reverse traffic shaper.
trafficShaperReverse string: Reverse traffic shaper.
urlCategory string: URL category ID list.
users string: Names of individual users that can authenticate with this policy.
utmInspectionMode string: Utm-Inspection-Mode. Valid values: proxy, flow.
utmStatus string: Enable AV/web/ips protection profile. Valid values: disable, enable.
uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vlanCosFwd number: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanCosRev number: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanFilter string: Set VLAN filters.
voipProfile string: Name of an existing VoIP profile.
vpntunnel string: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
wafProfile string: Name of an existing Web application firewall profile.
webcache string: Enable/disable web cache. Valid values: disable, enable.
webcacheHttps string: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilterProfile string: Name of an existing Web filter profile.
webproxyForwardServer string: Web proxy forward server name.
webproxyProfile string: Webproxy profile name.

pkg str: Package.
_policy_block float: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action str: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
anti_replay str: Enable/disable anti-replay check. Valid values: disable, enable.
app_category str: Application category ID list.
app_group str: Application group names.
application_charts Sequence[str]: Application-Charts. Valid values: top10-app, top10-p2p-user, top10-media-user.
application_list str: Name of an existing Application list.
applications Sequence[float]: Application ID list.
auto_asic_offload str: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
av_profile str: Name of an existing Antivirus profile.
casi_profile str: Casi-Profile.
cgn_log_server_grp str: NP log server group name
cifs_profile str: Name of an existing CIFS profile.
comments str: Comment.
custom_log_fields str: Log field index numbers to append custom log fields to log messages for this policy.
decrypted_traffic_mirror str: Decrypted-Traffic-Mirror.
deep_inspection_options str: Deep-Inspection-Options.
device_detection_portal str: Device-Detection-Portal. Valid values: disable, enable.
devices str: Devices.
diffserv_forward str: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffserv_reverse str: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcode_forward str: Change packet's DiffServ to this value.
diffservcode_rev str: Change packet's reverse (reply) DiffServ to this value.
dlp_sensor str: Name of an existing DLP sensor.
dnsfilter_profile str: Name of an existing DNS filter profile.
dscp_match str: Dscp-Match. Valid values: disable, enable.
dscp_negate str: Dscp-Negate. Valid values: disable, enable.
dscp_value str: Dscp-Value.
dsri str: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
dstaddr str: Destination address and address group names.
dstaddr_negate str: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf str: Outgoing (egress) interface.
dynamic_profile str: Dynamic-Profile. Valid values: disable, enable.
dynamic_profile_accesses Sequence[str]: Dynamic-Profile-Access. Valid values: imap, smtp, pop3, http, ftp, im, nntp, imaps, smtps, pop3s, https, ftps.
dynamic_profile_group str: Dynamic-Profile-Group.
email_collection_portal str: Email-Collection-Portal. Valid values: disable, enable.
emailfilter_profile str: Name of an existing email filter profile.
file_filter_profile str: File-Filter-Profile.
firewall_session_dirty str: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
fixedport str: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fsae str: Fsae. Valid values: disable, enable.
fsso_groups str: Names of FSSO groups.
global_label str: Label for the policy that appears when the GUI is in Global View mode.
groups str: Names of user groups that can authenticate with this policy.
http_policy_redirect str: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icap_profile str: Name of an existing ICAP profile.
identity_based str: Identity-Based. Valid values: disable, enable.
identity_from str: Identity-From. Valid values: auth, device.
inbound str: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspection_mode str: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
ippool str: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ips_sensor str: Name of an existing IPS sensor.
label str: Label for the policy that appears when the GUI is in Section View mode.
logtraffic str: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
logtraffic_start str: Record logs when a session starts. Valid values: disable, enable.
mms_profile str: Name of an existing MMS profile.
name str: Policy name.
nat str: Enable/disable source NAT. Valid values: disable, enable.
natinbound str: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
natoutbound str: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
np_accelation str: Np-Accelation. Valid values: disable, enable.
np_acceleration str: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
outbound str: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packages_global_header_policy6_id str: an identifier for the resource with format {{policyid}}.
per_ip_shaper str: Per-IP traffic shaper.
pkg_folder_path str: Pkg Folder Path.
policy_offload str: Enable/disable offloading policy configuration to CP processors. Valid values: disable, enable.
policyid float: Policy ID (0 - 4294967294).
poolname str: IP Pool names.
profile_group str: Name of profile group.
profile_protocol_options str: Name of an existing Protocol options profile.
profile_type str: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
replacemsg_group str: Replacemsg-Group.
replacemsg_override_group str: Override the default replacement message group for this policy.
rsso str: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
schedule str: Schedule name.
send_deny_packet str: Enable/disable return of deny-packet. Valid values: disable, enable.
service str: Service and service group names.
service_negate str: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
session_ttl str: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
spamfilter_profile str: Spamfilter-Profile.
srcaddr str: Source address and address group names.
srcaddr_negate str: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcintf str: Incoming (ingress) interface.
ssh_filter_profile str: Name of an existing SSH filter profile.
ssh_policy_redirect str: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
ssl_mirror str: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
ssl_mirror_intf str: SSL mirror interface name.
ssl_ssh_profile str: Name of an existing SSL SSH profile.
sslvpn_auth str: Sslvpn-Auth. Valid values: any, local, radius, ldap, tacacs+.
sslvpn_ccert str: Sslvpn-Ccert. Valid values: disable, enable.
sslvpn_cipher str: Sslvpn-Cipher. Valid values: any, high, medium.
status str: Enable or disable this policy. Valid values: disable, enable.
tags str: Tags.
tcp_mss_receiver float: Receiver TCP maximum segment size (MSS).
tcp_mss_sender float: Sender TCP maximum segment size (MSS).
tcp_session_without_syn str: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
timeout_send_rst str: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
tos str: ToS (Type of Service) value used for comparison.
tos_mask str: Non-zero bit positions are used for comparison while zero bit positions are ignored.
tos_negate str: Enable negated TOS match. Valid values: disable, enable.
traffic_shaper str: Reverse traffic shaper.
traffic_shaper_reverse str: Reverse traffic shaper.
url_category str: URL category ID list.
users str: Names of individual users that can authenticate with this policy.
utm_inspection_mode str: Utm-Inspection-Mode. Valid values: proxy, flow.
utm_status str: Enable AV/web/ips protection profile. Valid values: disable, enable.
uuid str: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vlan_cos_fwd float: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
vlan_cos_rev float: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
vlan_filter str: Set VLAN filters.
voip_profile str: Name of an existing VoIP profile.
vpntunnel str: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
waf_profile str: Name of an existing Web application firewall profile.
webcache str: Enable/disable web cache. Valid values: disable, enable.
webcache_https str: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilter_profile str: Name of an existing Web filter profile.
webproxy_forward_server str: Web proxy forward server name.
webproxy_profile str: Webproxy profile name.

pkg String: Package.
_policyBlock Number: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action String: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
antiReplay String: Enable/disable anti-replay check. Valid values: disable, enable.
appCategory String: Application category ID list.
appGroup String: Application group names.
applicationCharts List<String>: Application-Charts. Valid values: top10-app, top10-p2p-user, top10-media-user.
applicationList String: Name of an existing Application list.
applications List<Number>: Application ID list.
autoAsicOffload String: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
avProfile String: Name of an existing Antivirus profile.
casiProfile String: Casi-Profile.
cgnLogServerGrp String: NP log server group name
cifsProfile String: Name of an existing CIFS profile.
comments String: Comment.
customLogFields String: Log field index numbers to append custom log fields to log messages for this policy.
decryptedTrafficMirror String: Decrypted-Traffic-Mirror.
deepInspectionOptions String: Deep-Inspection-Options.
deviceDetectionPortal String: Device-Detection-Portal. Valid values: disable, enable.
devices String: Devices.
diffservForward String: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffservReverse String: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcodeForward String: Change packet's DiffServ to this value.
diffservcodeRev String: Change packet's reverse (reply) DiffServ to this value.
dlpSensor String: Name of an existing DLP sensor.
dnsfilterProfile String: Name of an existing DNS filter profile.
dscpMatch String: Dscp-Match. Valid values: disable, enable.
dscpNegate String: Dscp-Negate. Valid values: disable, enable.
dscpValue String: Dscp-Value.
dsri String: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
dstaddr String: Destination address and address group names.
dstaddrNegate String: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf String: Outgoing (egress) interface.
dynamicProfile String: Dynamic-Profile. Valid values: disable, enable.
dynamicProfileAccesses List<String>: Dynamic-Profile-Access. Valid values: imap, smtp, pop3, http, ftp, im, nntp, imaps, smtps, pop3s, https, ftps.
dynamicProfileGroup String: Dynamic-Profile-Group.
emailCollectionPortal String: Email-Collection-Portal. Valid values: disable, enable.
emailfilterProfile String: Name of an existing email filter profile.
fileFilterProfile String: File-Filter-Profile.
firewallSessionDirty String: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
fixedport String: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fsae String: Fsae. Valid values: disable, enable.
fssoGroups String: Names of FSSO groups.
globalLabel String: Label for the policy that appears when the GUI is in Global View mode.
groups String: Names of user groups that can authenticate with this policy.
httpPolicyRedirect String: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icapProfile String: Name of an existing ICAP profile.
identityBased String: Identity-Based. Valid values: disable, enable.
identityFrom String: Identity-From. Valid values: auth, device.
inbound String: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspectionMode String: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
ippool String: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ipsSensor String: Name of an existing IPS sensor.
label String: Label for the policy that appears when the GUI is in Section View mode.
logtraffic String: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
logtrafficStart String: Record logs when a session starts. Valid values: disable, enable.
mmsProfile String: Name of an existing MMS profile.
name String: Policy name.
nat String: Enable/disable source NAT. Valid values: disable, enable.
natinbound String: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
natoutbound String: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
npAccelation String: Np-Accelation. Valid values: disable, enable.
npAcceleration String: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
outbound String: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packagesGlobalHeaderPolicy6Id String: an identifier for the resource with format {{policyid}}.
perIpShaper String: Per-IP traffic shaper.
pkgFolderPath String: Pkg Folder Path.
policyOffload String: Enable/disable offloading policy configuration to CP processors. Valid values: disable, enable.
policyid Number: Policy ID (0 - 4294967294).
poolname String: IP Pool names.
profileGroup String: Name of profile group.
profileProtocolOptions String: Name of an existing Protocol options profile.
profileType String: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
replacemsgGroup String: Replacemsg-Group.
replacemsgOverrideGroup String: Override the default replacement message group for this policy.
rsso String: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
schedule String: Schedule name.
sendDenyPacket String: Enable/disable return of deny-packet. Valid values: disable, enable.
service String: Service and service group names.
serviceNegate String: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
sessionTtl String: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
spamfilterProfile String: Spamfilter-Profile.
srcaddr String: Source address and address group names.
srcaddrNegate String: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcintf String: Incoming (ingress) interface.
sshFilterProfile String: Name of an existing SSH filter profile.
sshPolicyRedirect String: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslMirror String: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
sslMirrorIntf String: SSL mirror interface name.
sslSshProfile String: Name of an existing SSL SSH profile.
sslvpnAuth String: Sslvpn-Auth. Valid values: any, local, radius, ldap, tacacs+.
sslvpnCcert String: Sslvpn-Ccert. Valid values: disable, enable.
sslvpnCipher String: Sslvpn-Cipher. Valid values: any, high, medium.
status String: Enable or disable this policy. Valid values: disable, enable.
tags String: Tags.
tcpMssReceiver Number: Receiver TCP maximum segment size (MSS).
tcpMssSender Number: Sender TCP maximum segment size (MSS).
tcpSessionWithoutSyn String: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
timeoutSendRst String: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
tos String: ToS (Type of Service) value used for comparison.
tosMask String: Non-zero bit positions are used for comparison while zero bit positions are ignored.
tosNegate String: Enable negated TOS match. Valid values: disable, enable.
trafficShaper String: Reverse traffic shaper.
trafficShaperReverse String: Reverse traffic shaper.
urlCategory String: URL category ID list.
users String: Names of individual users that can authenticate with this policy.
utmInspectionMode String: Utm-Inspection-Mode. Valid values: proxy, flow.
utmStatus String: Enable AV/web/ips protection profile. Valid values: disable, enable.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vlanCosFwd Number: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanCosRev Number: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanFilter String: Set VLAN filters.
voipProfile String: Name of an existing VoIP profile.
vpntunnel String: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
wafProfile String: Name of an existing Web application firewall profile.
webcache String: Enable/disable web cache. Valid values: disable, enable.
webcacheHttps String: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilterProfile String: Name of an existing Web filter profile.
webproxyForwardServer String: Web proxy forward server name.
webproxyProfile String: Webproxy profile name.

Outputs

All input properties are implicitly available as output properties. Additionally, the PackagesGlobalHeaderPolicy6 resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing PackagesGlobalHeaderPolicy6 Resource

Get an existing PackagesGlobalHeaderPolicy6 resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: PackagesGlobalHeaderPolicy6State, opts?: CustomResourceOptions): PackagesGlobalHeaderPolicy6

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        _policy_block: Optional[float] = None,
        action: Optional[str] = None,
        anti_replay: Optional[str] = None,
        app_category: Optional[str] = None,
        app_group: Optional[str] = None,
        application_charts: Optional[Sequence[str]] = None,
        application_list: Optional[str] = None,
        applications: Optional[Sequence[float]] = None,
        auto_asic_offload: Optional[str] = None,
        av_profile: Optional[str] = None,
        casi_profile: Optional[str] = None,
        cgn_log_server_grp: Optional[str] = None,
        cifs_profile: Optional[str] = None,
        comments: Optional[str] = None,
        custom_log_fields: Optional[str] = None,
        decrypted_traffic_mirror: Optional[str] = None,
        deep_inspection_options: Optional[str] = None,
        device_detection_portal: Optional[str] = None,
        devices: Optional[str] = None,
        diffserv_forward: Optional[str] = None,
        diffserv_reverse: Optional[str] = None,
        diffservcode_forward: Optional[str] = None,
        diffservcode_rev: Optional[str] = None,
        dlp_sensor: Optional[str] = None,
        dnsfilter_profile: Optional[str] = None,
        dscp_match: Optional[str] = None,
        dscp_negate: Optional[str] = None,
        dscp_value: Optional[str] = None,
        dsri: Optional[str] = None,
        dstaddr: Optional[str] = None,
        dstaddr_negate: Optional[str] = None,
        dstintf: Optional[str] = None,
        dynamic_profile: Optional[str] = None,
        dynamic_profile_accesses: Optional[Sequence[str]] = None,
        dynamic_profile_group: Optional[str] = None,
        email_collection_portal: Optional[str] = None,
        emailfilter_profile: Optional[str] = None,
        file_filter_profile: Optional[str] = None,
        firewall_session_dirty: Optional[str] = None,
        fixedport: Optional[str] = None,
        fsae: Optional[str] = None,
        fsso_groups: Optional[str] = None,
        global_label: Optional[str] = None,
        groups: Optional[str] = None,
        http_policy_redirect: Optional[str] = None,
        icap_profile: Optional[str] = None,
        identity_based: Optional[str] = None,
        identity_from: Optional[str] = None,
        inbound: Optional[str] = None,
        inspection_mode: Optional[str] = None,
        ippool: Optional[str] = None,
        ips_sensor: Optional[str] = None,
        label: Optional[str] = None,
        logtraffic: Optional[str] = None,
        logtraffic_start: Optional[str] = None,
        mms_profile: Optional[str] = None,
        name: Optional[str] = None,
        nat: Optional[str] = None,
        natinbound: Optional[str] = None,
        natoutbound: Optional[str] = None,
        np_accelation: Optional[str] = None,
        np_acceleration: Optional[str] = None,
        outbound: Optional[str] = None,
        packages_global_header_policy6_id: Optional[str] = None,
        per_ip_shaper: Optional[str] = None,
        pkg: Optional[str] = None,
        pkg_folder_path: Optional[str] = None,
        policy_offload: Optional[str] = None,
        policyid: Optional[float] = None,
        poolname: Optional[str] = None,
        profile_group: Optional[str] = None,
        profile_protocol_options: Optional[str] = None,
        profile_type: Optional[str] = None,
        replacemsg_group: Optional[str] = None,
        replacemsg_override_group: Optional[str] = None,
        rsso: Optional[str] = None,
        schedule: Optional[str] = None,
        send_deny_packet: Optional[str] = None,
        service: Optional[str] = None,
        service_negate: Optional[str] = None,
        session_ttl: Optional[str] = None,
        spamfilter_profile: Optional[str] = None,
        srcaddr: Optional[str] = None,
        srcaddr_negate: Optional[str] = None,
        srcintf: Optional[str] = None,
        ssh_filter_profile: Optional[str] = None,
        ssh_policy_redirect: Optional[str] = None,
        ssl_mirror: Optional[str] = None,
        ssl_mirror_intf: Optional[str] = None,
        ssl_ssh_profile: Optional[str] = None,
        sslvpn_auth: Optional[str] = None,
        sslvpn_ccert: Optional[str] = None,
        sslvpn_cipher: Optional[str] = None,
        status: Optional[str] = None,
        tags: Optional[str] = None,
        tcp_mss_receiver: Optional[float] = None,
        tcp_mss_sender: Optional[float] = None,
        tcp_session_without_syn: Optional[str] = None,
        timeout_send_rst: Optional[str] = None,
        tos: Optional[str] = None,
        tos_mask: Optional[str] = None,
        tos_negate: Optional[str] = None,
        traffic_shaper: Optional[str] = None,
        traffic_shaper_reverse: Optional[str] = None,
        url_category: Optional[str] = None,
        users: Optional[str] = None,
        utm_inspection_mode: Optional[str] = None,
        utm_status: Optional[str] = None,
        uuid: Optional[str] = None,
        vlan_cos_fwd: Optional[float] = None,
        vlan_cos_rev: Optional[float] = None,
        vlan_filter: Optional[str] = None,
        voip_profile: Optional[str] = None,
        vpntunnel: Optional[str] = None,
        waf_profile: Optional[str] = None,
        webcache: Optional[str] = None,
        webcache_https: Optional[str] = None,
        webfilter_profile: Optional[str] = None,
        webproxy_forward_server: Optional[str] = None,
        webproxy_profile: Optional[str] = None) -> PackagesGlobalHeaderPolicy6

func GetPackagesGlobalHeaderPolicy6(ctx *Context, name string, id IDInput, state *PackagesGlobalHeaderPolicy6State, opts ...ResourceOption) (*PackagesGlobalHeaderPolicy6, error)

public static PackagesGlobalHeaderPolicy6 Get(string name, Input<string> id, PackagesGlobalHeaderPolicy6State? state, CustomResourceOptions? opts = null)

public static PackagesGlobalHeaderPolicy6 get(String name, Output<String> id, PackagesGlobalHeaderPolicy6State state, CustomResourceOptions options)

resources:  _:    type: fortimanager:PackagesGlobalHeaderPolicy6    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Action string: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
AntiReplay string: Enable/disable anti-replay check. Valid values: disable, enable.
AppCategory string: Application category ID list.
AppGroup string: Application group names.
ApplicationCharts List<string>: Application-Charts. Valid values: top10-app, top10-p2p-user, top10-media-user.
ApplicationList string: Name of an existing Application list.
Applications List<double>: Application ID list.
AutoAsicOffload string: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
AvProfile string: Name of an existing Antivirus profile.
CasiProfile string: Casi-Profile.
CgnLogServerGrp string: NP log server group name
CifsProfile string: Name of an existing CIFS profile.
Comments string: Comment.
CustomLogFields string: Log field index numbers to append custom log fields to log messages for this policy.
DecryptedTrafficMirror string: Decrypted-Traffic-Mirror.
DeepInspectionOptions string: Deep-Inspection-Options.
DeviceDetectionPortal string: Device-Detection-Portal. Valid values: disable, enable.
Devices string: Devices.
DiffservForward string: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
DiffservReverse string: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
DiffservcodeForward string: Change packet's DiffServ to this value.
DiffservcodeRev string: Change packet's reverse (reply) DiffServ to this value.
DlpSensor string: Name of an existing DLP sensor.
DnsfilterProfile string: Name of an existing DNS filter profile.
DscpMatch string: Dscp-Match. Valid values: disable, enable.
DscpNegate string: Dscp-Negate. Valid values: disable, enable.
DscpValue string: Dscp-Value.
Dsri string: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
Dstaddr string: Destination address and address group names.
DstaddrNegate string: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
Dstintf string: Outgoing (egress) interface.
DynamicProfile string: Dynamic-Profile. Valid values: disable, enable.
DynamicProfileAccesses List<string>: Dynamic-Profile-Access. Valid values: imap, smtp, pop3, http, ftp, im, nntp, imaps, smtps, pop3s, https, ftps.
DynamicProfileGroup string: Dynamic-Profile-Group.
EmailCollectionPortal string: Email-Collection-Portal. Valid values: disable, enable.
EmailfilterProfile string: Name of an existing email filter profile.
FileFilterProfile string: File-Filter-Profile.
FirewallSessionDirty string: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
Fixedport string: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
Fsae string: Fsae. Valid values: disable, enable.
FssoGroups string: Names of FSSO groups.
GlobalLabel string: Label for the policy that appears when the GUI is in Global View mode.
Groups string: Names of user groups that can authenticate with this policy.
HttpPolicyRedirect string: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
IcapProfile string: Name of an existing ICAP profile.
IdentityBased string: Identity-Based. Valid values: disable, enable.
IdentityFrom string: Identity-From. Valid values: auth, device.
Inbound string: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
InspectionMode string: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
Ippool string: Enable to use IP Pools for source NAT. Valid values: disable, enable.
IpsSensor string: Name of an existing IPS sensor.
Label string: Label for the policy that appears when the GUI is in Section View mode.
Logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
LogtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
MmsProfile string: Name of an existing MMS profile.
Name string: Policy name.
Nat string: Enable/disable source NAT. Valid values: disable, enable.
Natinbound string: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
Natoutbound string: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
NpAccelation string: Np-Accelation. Valid values: disable, enable.
NpAcceleration string: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
Outbound string: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
PackagesGlobalHeaderPolicy6Id string: an identifier for the resource with format {{policyid}}.
PerIpShaper string: Per-IP traffic shaper.
Pkg string: Package.
PkgFolderPath string: Pkg Folder Path.
PolicyOffload string: Enable/disable offloading policy configuration to CP processors. Valid values: disable, enable.
Policyid double: Policy ID (0 - 4294967294).
Poolname string: IP Pool names.
ProfileGroup string: Name of profile group.
ProfileProtocolOptions string: Name of an existing Protocol options profile.
ProfileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
ReplacemsgGroup string: Replacemsg-Group.
ReplacemsgOverrideGroup string: Override the default replacement message group for this policy.
Rsso string: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
Schedule string: Schedule name.
SendDenyPacket string: Enable/disable return of deny-packet. Valid values: disable, enable.
Service string: Service and service group names.
ServiceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
SessionTtl string: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
SpamfilterProfile string: Spamfilter-Profile.
Srcaddr string: Source address and address group names.
SrcaddrNegate string: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
Srcintf string: Incoming (ingress) interface.
SshFilterProfile string: Name of an existing SSH filter profile.
SshPolicyRedirect string: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
SslMirror string: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
SslMirrorIntf string: SSL mirror interface name.
SslSshProfile string: Name of an existing SSL SSH profile.
SslvpnAuth string: Sslvpn-Auth. Valid values: any, local, radius, ldap, tacacs+.
SslvpnCcert string: Sslvpn-Ccert. Valid values: disable, enable.
SslvpnCipher string: Sslvpn-Cipher. Valid values: any, high, medium.
Status string: Enable or disable this policy. Valid values: disable, enable.
Tags string: Tags.
TcpMssReceiver double: Receiver TCP maximum segment size (MSS).
TcpMssSender double: Sender TCP maximum segment size (MSS).
TcpSessionWithoutSyn string: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
TimeoutSendRst string: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
Tos string: ToS (Type of Service) value used for comparison.
TosMask string: Non-zero bit positions are used for comparison while zero bit positions are ignored.
TosNegate string: Enable negated TOS match. Valid values: disable, enable.
TrafficShaper string: Reverse traffic shaper.
TrafficShaperReverse string: Reverse traffic shaper.
UrlCategory string: URL category ID list.
Users string: Names of individual users that can authenticate with this policy.
UtmInspectionMode string: Utm-Inspection-Mode. Valid values: proxy, flow.
UtmStatus string: Enable AV/web/ips protection profile. Valid values: disable, enable.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
VlanCosFwd double: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
VlanCosRev double: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
VlanFilter string: Set VLAN filters.
VoipProfile string: Name of an existing VoIP profile.
Vpntunnel string: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
WafProfile string: Name of an existing Web application firewall profile.
Webcache string: Enable/disable web cache. Valid values: disable, enable.
WebcacheHttps string: Enable/disable web cache for HTTPS. Valid values: disable, enable.
WebfilterProfile string: Name of an existing Web filter profile.
WebproxyForwardServer string: Web proxy forward server name.
WebproxyProfile string: Webproxy profile name.
_policyBlock double: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.

Action string: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
AntiReplay string: Enable/disable anti-replay check. Valid values: disable, enable.
AppCategory string: Application category ID list.
AppGroup string: Application group names.
ApplicationCharts []string: Application-Charts. Valid values: top10-app, top10-p2p-user, top10-media-user.
ApplicationList string: Name of an existing Application list.
Applications []float64: Application ID list.
AutoAsicOffload string: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
AvProfile string: Name of an existing Antivirus profile.
CasiProfile string: Casi-Profile.
CgnLogServerGrp string: NP log server group name
CifsProfile string: Name of an existing CIFS profile.
Comments string: Comment.
CustomLogFields string: Log field index numbers to append custom log fields to log messages for this policy.
DecryptedTrafficMirror string: Decrypted-Traffic-Mirror.
DeepInspectionOptions string: Deep-Inspection-Options.
DeviceDetectionPortal string: Device-Detection-Portal. Valid values: disable, enable.
Devices string: Devices.
DiffservForward string: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
DiffservReverse string: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
DiffservcodeForward string: Change packet's DiffServ to this value.
DiffservcodeRev string: Change packet's reverse (reply) DiffServ to this value.
DlpSensor string: Name of an existing DLP sensor.
DnsfilterProfile string: Name of an existing DNS filter profile.
DscpMatch string: Dscp-Match. Valid values: disable, enable.
DscpNegate string: Dscp-Negate. Valid values: disable, enable.
DscpValue string: Dscp-Value.
Dsri string: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
Dstaddr string: Destination address and address group names.
DstaddrNegate string: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
Dstintf string: Outgoing (egress) interface.
DynamicProfile string: Dynamic-Profile. Valid values: disable, enable.
DynamicProfileAccesses []string: Dynamic-Profile-Access. Valid values: imap, smtp, pop3, http, ftp, im, nntp, imaps, smtps, pop3s, https, ftps.
DynamicProfileGroup string: Dynamic-Profile-Group.
EmailCollectionPortal string: Email-Collection-Portal. Valid values: disable, enable.
EmailfilterProfile string: Name of an existing email filter profile.
FileFilterProfile string: File-Filter-Profile.
FirewallSessionDirty string: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
Fixedport string: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
Fsae string: Fsae. Valid values: disable, enable.
FssoGroups string: Names of FSSO groups.
GlobalLabel string: Label for the policy that appears when the GUI is in Global View mode.
Groups string: Names of user groups that can authenticate with this policy.
HttpPolicyRedirect string: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
IcapProfile string: Name of an existing ICAP profile.
IdentityBased string: Identity-Based. Valid values: disable, enable.
IdentityFrom string: Identity-From. Valid values: auth, device.
Inbound string: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
InspectionMode string: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
Ippool string: Enable to use IP Pools for source NAT. Valid values: disable, enable.
IpsSensor string: Name of an existing IPS sensor.
Label string: Label for the policy that appears when the GUI is in Section View mode.
Logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
LogtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
MmsProfile string: Name of an existing MMS profile.
Name string: Policy name.
Nat string: Enable/disable source NAT. Valid values: disable, enable.
Natinbound string: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
Natoutbound string: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
NpAccelation string: Np-Accelation. Valid values: disable, enable.
NpAcceleration string: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
Outbound string: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
PackagesGlobalHeaderPolicy6Id string: an identifier for the resource with format {{policyid}}.
PerIpShaper string: Per-IP traffic shaper.
Pkg string: Package.
PkgFolderPath string: Pkg Folder Path.
PolicyOffload string: Enable/disable offloading policy configuration to CP processors. Valid values: disable, enable.
Policyid float64: Policy ID (0 - 4294967294).
Poolname string: IP Pool names.
ProfileGroup string: Name of profile group.
ProfileProtocolOptions string: Name of an existing Protocol options profile.
ProfileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
ReplacemsgGroup string: Replacemsg-Group.
ReplacemsgOverrideGroup string: Override the default replacement message group for this policy.
Rsso string: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
Schedule string: Schedule name.
SendDenyPacket string: Enable/disable return of deny-packet. Valid values: disable, enable.
Service string: Service and service group names.
ServiceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
SessionTtl string: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
SpamfilterProfile string: Spamfilter-Profile.
Srcaddr string: Source address and address group names.
SrcaddrNegate string: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
Srcintf string: Incoming (ingress) interface.
SshFilterProfile string: Name of an existing SSH filter profile.
SshPolicyRedirect string: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
SslMirror string: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
SslMirrorIntf string: SSL mirror interface name.
SslSshProfile string: Name of an existing SSL SSH profile.
SslvpnAuth string: Sslvpn-Auth. Valid values: any, local, radius, ldap, tacacs+.
SslvpnCcert string: Sslvpn-Ccert. Valid values: disable, enable.
SslvpnCipher string: Sslvpn-Cipher. Valid values: any, high, medium.
Status string: Enable or disable this policy. Valid values: disable, enable.
Tags string: Tags.
TcpMssReceiver float64: Receiver TCP maximum segment size (MSS).
TcpMssSender float64: Sender TCP maximum segment size (MSS).
TcpSessionWithoutSyn string: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
TimeoutSendRst string: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
Tos string: ToS (Type of Service) value used for comparison.
TosMask string: Non-zero bit positions are used for comparison while zero bit positions are ignored.
TosNegate string: Enable negated TOS match. Valid values: disable, enable.
TrafficShaper string: Reverse traffic shaper.
TrafficShaperReverse string: Reverse traffic shaper.
UrlCategory string: URL category ID list.
Users string: Names of individual users that can authenticate with this policy.
UtmInspectionMode string: Utm-Inspection-Mode. Valid values: proxy, flow.
UtmStatus string: Enable AV/web/ips protection profile. Valid values: disable, enable.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
VlanCosFwd float64: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
VlanCosRev float64: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
VlanFilter string: Set VLAN filters.
VoipProfile string: Name of an existing VoIP profile.
Vpntunnel string: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
WafProfile string: Name of an existing Web application firewall profile.
Webcache string: Enable/disable web cache. Valid values: disable, enable.
WebcacheHttps string: Enable/disable web cache for HTTPS. Valid values: disable, enable.
WebfilterProfile string: Name of an existing Web filter profile.
WebproxyForwardServer string: Web proxy forward server name.
WebproxyProfile string: Webproxy profile name.
_policyBlock float64: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.

_policyBlock Double: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action String: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
antiReplay String: Enable/disable anti-replay check. Valid values: disable, enable.
appCategory String: Application category ID list.
appGroup String: Application group names.
applicationCharts List<String>: Application-Charts. Valid values: top10-app, top10-p2p-user, top10-media-user.
applicationList String: Name of an existing Application list.
applications List<Double>: Application ID list.
autoAsicOffload String: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
avProfile String: Name of an existing Antivirus profile.
casiProfile String: Casi-Profile.
cgnLogServerGrp String: NP log server group name
cifsProfile String: Name of an existing CIFS profile.
comments String: Comment.
customLogFields String: Log field index numbers to append custom log fields to log messages for this policy.
decryptedTrafficMirror String: Decrypted-Traffic-Mirror.
deepInspectionOptions String: Deep-Inspection-Options.
deviceDetectionPortal String: Device-Detection-Portal. Valid values: disable, enable.
devices String: Devices.
diffservForward String: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffservReverse String: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcodeForward String: Change packet's DiffServ to this value.
diffservcodeRev String: Change packet's reverse (reply) DiffServ to this value.
dlpSensor String: Name of an existing DLP sensor.
dnsfilterProfile String: Name of an existing DNS filter profile.
dscpMatch String: Dscp-Match. Valid values: disable, enable.
dscpNegate String: Dscp-Negate. Valid values: disable, enable.
dscpValue String: Dscp-Value.
dsri String: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
dstaddr String: Destination address and address group names.
dstaddrNegate String: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf String: Outgoing (egress) interface.
dynamicProfile String: Dynamic-Profile. Valid values: disable, enable.
dynamicProfileAccesses List<String>: Dynamic-Profile-Access. Valid values: imap, smtp, pop3, http, ftp, im, nntp, imaps, smtps, pop3s, https, ftps.
dynamicProfileGroup String: Dynamic-Profile-Group.
emailCollectionPortal String: Email-Collection-Portal. Valid values: disable, enable.
emailfilterProfile String: Name of an existing email filter profile.
fileFilterProfile String: File-Filter-Profile.
firewallSessionDirty String: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
fixedport String: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fsae String: Fsae. Valid values: disable, enable.
fssoGroups String: Names of FSSO groups.
globalLabel String: Label for the policy that appears when the GUI is in Global View mode.
groups String: Names of user groups that can authenticate with this policy.
httpPolicyRedirect String: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icapProfile String: Name of an existing ICAP profile.
identityBased String: Identity-Based. Valid values: disable, enable.
identityFrom String: Identity-From. Valid values: auth, device.
inbound String: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspectionMode String: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
ippool String: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ipsSensor String: Name of an existing IPS sensor.
label String: Label for the policy that appears when the GUI is in Section View mode.
logtraffic String: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
logtrafficStart String: Record logs when a session starts. Valid values: disable, enable.
mmsProfile String: Name of an existing MMS profile.
name String: Policy name.
nat String: Enable/disable source NAT. Valid values: disable, enable.
natinbound String: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
natoutbound String: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
npAccelation String: Np-Accelation. Valid values: disable, enable.
npAcceleration String: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
outbound String: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packagesGlobalHeaderPolicy6Id String: an identifier for the resource with format {{policyid}}.
perIpShaper String: Per-IP traffic shaper.
pkg String: Package.
pkgFolderPath String: Pkg Folder Path.
policyOffload String: Enable/disable offloading policy configuration to CP processors. Valid values: disable, enable.
policyid Double: Policy ID (0 - 4294967294).
poolname String: IP Pool names.
profileGroup String: Name of profile group.
profileProtocolOptions String: Name of an existing Protocol options profile.
profileType String: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
replacemsgGroup String: Replacemsg-Group.
replacemsgOverrideGroup String: Override the default replacement message group for this policy.
rsso String: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
schedule String: Schedule name.
sendDenyPacket String: Enable/disable return of deny-packet. Valid values: disable, enable.
service String: Service and service group names.
serviceNegate String: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
sessionTtl String: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
spamfilterProfile String: Spamfilter-Profile.
srcaddr String: Source address and address group names.
srcaddrNegate String: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcintf String: Incoming (ingress) interface.
sshFilterProfile String: Name of an existing SSH filter profile.
sshPolicyRedirect String: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslMirror String: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
sslMirrorIntf String: SSL mirror interface name.
sslSshProfile String: Name of an existing SSL SSH profile.
sslvpnAuth String: Sslvpn-Auth. Valid values: any, local, radius, ldap, tacacs+.
sslvpnCcert String: Sslvpn-Ccert. Valid values: disable, enable.
sslvpnCipher String: Sslvpn-Cipher. Valid values: any, high, medium.
status String: Enable or disable this policy. Valid values: disable, enable.
tags String: Tags.
tcpMssReceiver Double: Receiver TCP maximum segment size (MSS).
tcpMssSender Double: Sender TCP maximum segment size (MSS).
tcpSessionWithoutSyn String: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
timeoutSendRst String: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
tos String: ToS (Type of Service) value used for comparison.
tosMask String: Non-zero bit positions are used for comparison while zero bit positions are ignored.
tosNegate String: Enable negated TOS match. Valid values: disable, enable.
trafficShaper String: Reverse traffic shaper.
trafficShaperReverse String: Reverse traffic shaper.
urlCategory String: URL category ID list.
users String: Names of individual users that can authenticate with this policy.
utmInspectionMode String: Utm-Inspection-Mode. Valid values: proxy, flow.
utmStatus String: Enable AV/web/ips protection profile. Valid values: disable, enable.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vlanCosFwd Double: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanCosRev Double: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanFilter String: Set VLAN filters.
voipProfile String: Name of an existing VoIP profile.
vpntunnel String: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
wafProfile String: Name of an existing Web application firewall profile.
webcache String: Enable/disable web cache. Valid values: disable, enable.
webcacheHttps String: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilterProfile String: Name of an existing Web filter profile.
webproxyForwardServer String: Web proxy forward server name.
webproxyProfile String: Webproxy profile name.

_policyBlock number: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action string: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
antiReplay string: Enable/disable anti-replay check. Valid values: disable, enable.
appCategory string: Application category ID list.
appGroup string: Application group names.
applicationCharts string[]: Application-Charts. Valid values: top10-app, top10-p2p-user, top10-media-user.
applicationList string: Name of an existing Application list.
applications number[]: Application ID list.
autoAsicOffload string: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
avProfile string: Name of an existing Antivirus profile.
casiProfile string: Casi-Profile.
cgnLogServerGrp string: NP log server group name
cifsProfile string: Name of an existing CIFS profile.
comments string: Comment.
customLogFields string: Log field index numbers to append custom log fields to log messages for this policy.
decryptedTrafficMirror string: Decrypted-Traffic-Mirror.
deepInspectionOptions string: Deep-Inspection-Options.
deviceDetectionPortal string: Device-Detection-Portal. Valid values: disable, enable.
devices string: Devices.
diffservForward string: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffservReverse string: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcodeForward string: Change packet's DiffServ to this value.
diffservcodeRev string: Change packet's reverse (reply) DiffServ to this value.
dlpSensor string: Name of an existing DLP sensor.
dnsfilterProfile string: Name of an existing DNS filter profile.
dscpMatch string: Dscp-Match. Valid values: disable, enable.
dscpNegate string: Dscp-Negate. Valid values: disable, enable.
dscpValue string: Dscp-Value.
dsri string: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
dstaddr string: Destination address and address group names.
dstaddrNegate string: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf string: Outgoing (egress) interface.
dynamicProfile string: Dynamic-Profile. Valid values: disable, enable.
dynamicProfileAccesses string[]: Dynamic-Profile-Access. Valid values: imap, smtp, pop3, http, ftp, im, nntp, imaps, smtps, pop3s, https, ftps.
dynamicProfileGroup string: Dynamic-Profile-Group.
emailCollectionPortal string: Email-Collection-Portal. Valid values: disable, enable.
emailfilterProfile string: Name of an existing email filter profile.
fileFilterProfile string: File-Filter-Profile.
firewallSessionDirty string: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
fixedport string: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fsae string: Fsae. Valid values: disable, enable.
fssoGroups string: Names of FSSO groups.
globalLabel string: Label for the policy that appears when the GUI is in Global View mode.
groups string: Names of user groups that can authenticate with this policy.
httpPolicyRedirect string: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icapProfile string: Name of an existing ICAP profile.
identityBased string: Identity-Based. Valid values: disable, enable.
identityFrom string: Identity-From. Valid values: auth, device.
inbound string: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspectionMode string: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
ippool string: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ipsSensor string: Name of an existing IPS sensor.
label string: Label for the policy that appears when the GUI is in Section View mode.
logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
logtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
mmsProfile string: Name of an existing MMS profile.
name string: Policy name.
nat string: Enable/disable source NAT. Valid values: disable, enable.
natinbound string: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
natoutbound string: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
npAccelation string: Np-Accelation. Valid values: disable, enable.
npAcceleration string: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
outbound string: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packagesGlobalHeaderPolicy6Id string: an identifier for the resource with format {{policyid}}.
perIpShaper string: Per-IP traffic shaper.
pkg string: Package.
pkgFolderPath string: Pkg Folder Path.
policyOffload string: Enable/disable offloading policy configuration to CP processors. Valid values: disable, enable.
policyid number: Policy ID (0 - 4294967294).
poolname string: IP Pool names.
profileGroup string: Name of profile group.
profileProtocolOptions string: Name of an existing Protocol options profile.
profileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
replacemsgGroup string: Replacemsg-Group.
replacemsgOverrideGroup string: Override the default replacement message group for this policy.
rsso string: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
schedule string: Schedule name.
sendDenyPacket string: Enable/disable return of deny-packet. Valid values: disable, enable.
service string: Service and service group names.
serviceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
sessionTtl string: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
spamfilterProfile string: Spamfilter-Profile.
srcaddr string: Source address and address group names.
srcaddrNegate string: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcintf string: Incoming (ingress) interface.
sshFilterProfile string: Name of an existing SSH filter profile.
sshPolicyRedirect string: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslMirror string: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
sslMirrorIntf string: SSL mirror interface name.
sslSshProfile string: Name of an existing SSL SSH profile.
sslvpnAuth string: Sslvpn-Auth. Valid values: any, local, radius, ldap, tacacs+.
sslvpnCcert string: Sslvpn-Ccert. Valid values: disable, enable.
sslvpnCipher string: Sslvpn-Cipher. Valid values: any, high, medium.
status string: Enable or disable this policy. Valid values: disable, enable.
tags string: Tags.
tcpMssReceiver number: Receiver TCP maximum segment size (MSS).
tcpMssSender number: Sender TCP maximum segment size (MSS).
tcpSessionWithoutSyn string: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
timeoutSendRst string: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
tos string: ToS (Type of Service) value used for comparison.
tosMask string: Non-zero bit positions are used for comparison while zero bit positions are ignored.
tosNegate string: Enable negated TOS match. Valid values: disable, enable.
trafficShaper string: Reverse traffic shaper.
trafficShaperReverse string: Reverse traffic shaper.
urlCategory string: URL category ID list.
users string: Names of individual users that can authenticate with this policy.
utmInspectionMode string: Utm-Inspection-Mode. Valid values: proxy, flow.
utmStatus string: Enable AV/web/ips protection profile. Valid values: disable, enable.
uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vlanCosFwd number: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanCosRev number: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanFilter string: Set VLAN filters.
voipProfile string: Name of an existing VoIP profile.
vpntunnel string: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
wafProfile string: Name of an existing Web application firewall profile.
webcache string: Enable/disable web cache. Valid values: disable, enable.
webcacheHttps string: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilterProfile string: Name of an existing Web filter profile.
webproxyForwardServer string: Web proxy forward server name.
webproxyProfile string: Webproxy profile name.

_policy_block float: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action str: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
anti_replay str: Enable/disable anti-replay check. Valid values: disable, enable.
app_category str: Application category ID list.
app_group str: Application group names.
application_charts Sequence[str]: Application-Charts. Valid values: top10-app, top10-p2p-user, top10-media-user.
application_list str: Name of an existing Application list.
applications Sequence[float]: Application ID list.
auto_asic_offload str: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
av_profile str: Name of an existing Antivirus profile.
casi_profile str: Casi-Profile.
cgn_log_server_grp str: NP log server group name
cifs_profile str: Name of an existing CIFS profile.
comments str: Comment.
custom_log_fields str: Log field index numbers to append custom log fields to log messages for this policy.
decrypted_traffic_mirror str: Decrypted-Traffic-Mirror.
deep_inspection_options str: Deep-Inspection-Options.
device_detection_portal str: Device-Detection-Portal. Valid values: disable, enable.
devices str: Devices.
diffserv_forward str: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffserv_reverse str: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcode_forward str: Change packet's DiffServ to this value.
diffservcode_rev str: Change packet's reverse (reply) DiffServ to this value.
dlp_sensor str: Name of an existing DLP sensor.
dnsfilter_profile str: Name of an existing DNS filter profile.
dscp_match str: Dscp-Match. Valid values: disable, enable.
dscp_negate str: Dscp-Negate. Valid values: disable, enable.
dscp_value str: Dscp-Value.
dsri str: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
dstaddr str: Destination address and address group names.
dstaddr_negate str: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf str: Outgoing (egress) interface.
dynamic_profile str: Dynamic-Profile. Valid values: disable, enable.
dynamic_profile_accesses Sequence[str]: Dynamic-Profile-Access. Valid values: imap, smtp, pop3, http, ftp, im, nntp, imaps, smtps, pop3s, https, ftps.
dynamic_profile_group str: Dynamic-Profile-Group.
email_collection_portal str: Email-Collection-Portal. Valid values: disable, enable.
emailfilter_profile str: Name of an existing email filter profile.
file_filter_profile str: File-Filter-Profile.
firewall_session_dirty str: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
fixedport str: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fsae str: Fsae. Valid values: disable, enable.
fsso_groups str: Names of FSSO groups.
global_label str: Label for the policy that appears when the GUI is in Global View mode.
groups str: Names of user groups that can authenticate with this policy.
http_policy_redirect str: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icap_profile str: Name of an existing ICAP profile.
identity_based str: Identity-Based. Valid values: disable, enable.
identity_from str: Identity-From. Valid values: auth, device.
inbound str: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspection_mode str: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
ippool str: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ips_sensor str: Name of an existing IPS sensor.
label str: Label for the policy that appears when the GUI is in Section View mode.
logtraffic str: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
logtraffic_start str: Record logs when a session starts. Valid values: disable, enable.
mms_profile str: Name of an existing MMS profile.
name str: Policy name.
nat str: Enable/disable source NAT. Valid values: disable, enable.
natinbound str: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
natoutbound str: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
np_accelation str: Np-Accelation. Valid values: disable, enable.
np_acceleration str: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
outbound str: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packages_global_header_policy6_id str: an identifier for the resource with format {{policyid}}.
per_ip_shaper str: Per-IP traffic shaper.
pkg str: Package.
pkg_folder_path str: Pkg Folder Path.
policy_offload str: Enable/disable offloading policy configuration to CP processors. Valid values: disable, enable.
policyid float: Policy ID (0 - 4294967294).
poolname str: IP Pool names.
profile_group str: Name of profile group.
profile_protocol_options str: Name of an existing Protocol options profile.
profile_type str: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
replacemsg_group str: Replacemsg-Group.
replacemsg_override_group str: Override the default replacement message group for this policy.
rsso str: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
schedule str: Schedule name.
send_deny_packet str: Enable/disable return of deny-packet. Valid values: disable, enable.
service str: Service and service group names.
service_negate str: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
session_ttl str: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
spamfilter_profile str: Spamfilter-Profile.
srcaddr str: Source address and address group names.
srcaddr_negate str: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcintf str: Incoming (ingress) interface.
ssh_filter_profile str: Name of an existing SSH filter profile.
ssh_policy_redirect str: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
ssl_mirror str: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
ssl_mirror_intf str: SSL mirror interface name.
ssl_ssh_profile str: Name of an existing SSL SSH profile.
sslvpn_auth str: Sslvpn-Auth. Valid values: any, local, radius, ldap, tacacs+.
sslvpn_ccert str: Sslvpn-Ccert. Valid values: disable, enable.
sslvpn_cipher str: Sslvpn-Cipher. Valid values: any, high, medium.
status str: Enable or disable this policy. Valid values: disable, enable.
tags str: Tags.
tcp_mss_receiver float: Receiver TCP maximum segment size (MSS).
tcp_mss_sender float: Sender TCP maximum segment size (MSS).
tcp_session_without_syn str: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
timeout_send_rst str: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
tos str: ToS (Type of Service) value used for comparison.
tos_mask str: Non-zero bit positions are used for comparison while zero bit positions are ignored.
tos_negate str: Enable negated TOS match. Valid values: disable, enable.
traffic_shaper str: Reverse traffic shaper.
traffic_shaper_reverse str: Reverse traffic shaper.
url_category str: URL category ID list.
users str: Names of individual users that can authenticate with this policy.
utm_inspection_mode str: Utm-Inspection-Mode. Valid values: proxy, flow.
utm_status str: Enable AV/web/ips protection profile. Valid values: disable, enable.
uuid str: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vlan_cos_fwd float: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
vlan_cos_rev float: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
vlan_filter str: Set VLAN filters.
voip_profile str: Name of an existing VoIP profile.
vpntunnel str: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
waf_profile str: Name of an existing Web application firewall profile.
webcache str: Enable/disable web cache. Valid values: disable, enable.
webcache_https str: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilter_profile str: Name of an existing Web filter profile.
webproxy_forward_server str: Web proxy forward server name.
webproxy_profile str: Webproxy profile name.

_policyBlock Number: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action String: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
antiReplay String: Enable/disable anti-replay check. Valid values: disable, enable.
appCategory String: Application category ID list.
appGroup String: Application group names.
applicationCharts List<String>: Application-Charts. Valid values: top10-app, top10-p2p-user, top10-media-user.
applicationList String: Name of an existing Application list.
applications List<Number>: Application ID list.
autoAsicOffload String: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
avProfile String: Name of an existing Antivirus profile.
casiProfile String: Casi-Profile.
cgnLogServerGrp String: NP log server group name
cifsProfile String: Name of an existing CIFS profile.
comments String: Comment.
customLogFields String: Log field index numbers to append custom log fields to log messages for this policy.
decryptedTrafficMirror String: Decrypted-Traffic-Mirror.
deepInspectionOptions String: Deep-Inspection-Options.
deviceDetectionPortal String: Device-Detection-Portal. Valid values: disable, enable.
devices String: Devices.
diffservForward String: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffservReverse String: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcodeForward String: Change packet's DiffServ to this value.
diffservcodeRev String: Change packet's reverse (reply) DiffServ to this value.
dlpSensor String: Name of an existing DLP sensor.
dnsfilterProfile String: Name of an existing DNS filter profile.
dscpMatch String: Dscp-Match. Valid values: disable, enable.
dscpNegate String: Dscp-Negate. Valid values: disable, enable.
dscpValue String: Dscp-Value.
dsri String: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
dstaddr String: Destination address and address group names.
dstaddrNegate String: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstintf String: Outgoing (egress) interface.
dynamicProfile String: Dynamic-Profile. Valid values: disable, enable.
dynamicProfileAccesses List<String>: Dynamic-Profile-Access. Valid values: imap, smtp, pop3, http, ftp, im, nntp, imaps, smtps, pop3s, https, ftps.
dynamicProfileGroup String: Dynamic-Profile-Group.
emailCollectionPortal String: Email-Collection-Portal. Valid values: disable, enable.
emailfilterProfile String: Name of an existing email filter profile.
fileFilterProfile String: File-Filter-Profile.
firewallSessionDirty String: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
fixedport String: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fsae String: Fsae. Valid values: disable, enable.
fssoGroups String: Names of FSSO groups.
globalLabel String: Label for the policy that appears when the GUI is in Global View mode.
groups String: Names of user groups that can authenticate with this policy.
httpPolicyRedirect String: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icapProfile String: Name of an existing ICAP profile.
identityBased String: Identity-Based. Valid values: disable, enable.
identityFrom String: Identity-From. Valid values: auth, device.
inbound String: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspectionMode String: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
ippool String: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ipsSensor String: Name of an existing IPS sensor.
label String: Label for the policy that appears when the GUI is in Section View mode.
logtraffic String: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
logtrafficStart String: Record logs when a session starts. Valid values: disable, enable.
mmsProfile String: Name of an existing MMS profile.
name String: Policy name.
nat String: Enable/disable source NAT. Valid values: disable, enable.
natinbound String: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
natoutbound String: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
npAccelation String: Np-Accelation. Valid values: disable, enable.
npAcceleration String: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
outbound String: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packagesGlobalHeaderPolicy6Id String: an identifier for the resource with format {{policyid}}.
perIpShaper String: Per-IP traffic shaper.
pkg String: Package.
pkgFolderPath String: Pkg Folder Path.
policyOffload String: Enable/disable offloading policy configuration to CP processors. Valid values: disable, enable.
policyid Number: Policy ID (0 - 4294967294).
poolname String: IP Pool names.
profileGroup String: Name of profile group.
profileProtocolOptions String: Name of an existing Protocol options profile.
profileType String: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
replacemsgGroup String: Replacemsg-Group.
replacemsgOverrideGroup String: Override the default replacement message group for this policy.
rsso String: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
schedule String: Schedule name.
sendDenyPacket String: Enable/disable return of deny-packet. Valid values: disable, enable.
service String: Service and service group names.
serviceNegate String: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
sessionTtl String: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
spamfilterProfile String: Spamfilter-Profile.
srcaddr String: Source address and address group names.
srcaddrNegate String: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcintf String: Incoming (ingress) interface.
sshFilterProfile String: Name of an existing SSH filter profile.
sshPolicyRedirect String: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslMirror String: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
sslMirrorIntf String: SSL mirror interface name.
sslSshProfile String: Name of an existing SSL SSH profile.
sslvpnAuth String: Sslvpn-Auth. Valid values: any, local, radius, ldap, tacacs+.
sslvpnCcert String: Sslvpn-Ccert. Valid values: disable, enable.
sslvpnCipher String: Sslvpn-Cipher. Valid values: any, high, medium.
status String: Enable or disable this policy. Valid values: disable, enable.
tags String: Tags.
tcpMssReceiver Number: Receiver TCP maximum segment size (MSS).
tcpMssSender Number: Sender TCP maximum segment size (MSS).
tcpSessionWithoutSyn String: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
timeoutSendRst String: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
tos String: ToS (Type of Service) value used for comparison.
tosMask String: Non-zero bit positions are used for comparison while zero bit positions are ignored.
tosNegate String: Enable negated TOS match. Valid values: disable, enable.
trafficShaper String: Reverse traffic shaper.
trafficShaperReverse String: Reverse traffic shaper.
urlCategory String: URL category ID list.
users String: Names of individual users that can authenticate with this policy.
utmInspectionMode String: Utm-Inspection-Mode. Valid values: proxy, flow.
utmStatus String: Enable AV/web/ips protection profile. Valid values: disable, enable.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vlanCosFwd Number: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanCosRev Number: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanFilter String: Set VLAN filters.
voipProfile String: Name of an existing VoIP profile.
vpntunnel String: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
wafProfile String: Name of an existing Web application firewall profile.
webcache String: Enable/disable web cache. Valid values: disable, enable.
webcacheHttps String: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilterProfile String: Name of an existing Web filter profile.
webproxyForwardServer String: Web proxy forward server name.
webproxyProfile String: Webproxy profile name.

Import

Packages GlobalHeaderPolicy6 can be imported using any of these accepted formats:

Set import_options = [“pkg_folder_path=YOUR_VALUE”, “pkg=YOUR_VALUE”] in the provider section.

$ export “FORTIMANAGER_IMPORT_TABLE”=“true”

$ pulumi import fortimanager:index/packagesGlobalHeaderPolicy6:PackagesGlobalHeaderPolicy6 labelname {{policyid}}

$ unset “FORTIMANAGER_IMPORT_TABLE”

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: fortimanager fortinetdev/terraform-provider-fortimanager
License
Notes: This Pulumi package is based on the fortimanager Terraform Provider.

fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.PackagesGlobalHeaderPolicy6

On this page

On this page

Example Usage

Create PackagesGlobalHeaderPolicy6 Resource

Constructor syntax

Parameters

Constructor example

PackagesGlobalHeaderPolicy6 Resource Properties

Inputs

Outputs

Look up Existing PackagesGlobalHeaderPolicy6 Resource

Import

Package Details

On this page

On this page