fortimanager 1.13.0, Mar 13 25

fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.PackagesPblockFirewallPolicy6

Explore with Pulumi AI

fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

Create PackagesPblockFirewallPolicy6 Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new PackagesPblockFirewallPolicy6(name: string, args: PackagesPblockFirewallPolicy6Args, opts?: CustomResourceOptions);

@overload
def PackagesPblockFirewallPolicy6(resource_name: str,
                                  args: PackagesPblockFirewallPolicy6Args,
                                  opts: Optional[ResourceOptions] = None)

@overload
def PackagesPblockFirewallPolicy6(resource_name: str,
                                  opts: Optional[ResourceOptions] = None,
                                  pblock: Optional[str] = None,
                                  outbound: Optional[str] = None,
                                  auto_asic_offload: Optional[str] = None,
                                  anti_replay: Optional[str] = None,
                                  _policy_block: Optional[float] = None,
                                  app_groups: Optional[Sequence[str]] = None,
                                  application_list: Optional[str] = None,
                                  applications: Optional[Sequence[float]] = None,
                                  packages_pblock_firewall_policy6_id: Optional[str] = None,
                                  av_profile: Optional[str] = None,
                                  cgn_log_server_grp: Optional[str] = None,
                                  cifs_profile: Optional[str] = None,
                                  comments: Optional[str] = None,
                                  custom_log_fields: Optional[Sequence[str]] = None,
                                  devices: Optional[Sequence[str]] = None,
                                  diffserv_forward: Optional[str] = None,
                                  diffserv_reverse: Optional[str] = None,
                                  diffservcode_forward: Optional[str] = None,
                                  diffservcode_rev: Optional[str] = None,
                                  dlp_sensor: Optional[str] = None,
                                  dnsfilter_profile: Optional[str] = None,
                                  dscp_match: Optional[str] = None,
                                  dscp_negate: Optional[str] = None,
                                  dscp_value: Optional[str] = None,
                                  dsri: Optional[str] = None,
                                  dstaddr_negate: Optional[str] = None,
                                  dstaddrs: Optional[Sequence[str]] = None,
                                  dstintfs: Optional[Sequence[str]] = None,
                                  emailfilter_profile: Optional[str] = None,
                                  firewall_session_dirty: Optional[str] = None,
                                  action: Optional[str] = None,
                                  fsso_groups: Optional[Sequence[str]] = None,
                                  global_label: Optional[str] = None,
                                  groups: Optional[Sequence[str]] = None,
                                  http_policy_redirect: Optional[str] = None,
                                  icap_profile: Optional[str] = None,
                                  inbound: Optional[str] = None,
                                  inspection_mode: Optional[str] = None,
                                  ippool: Optional[str] = None,
                                  ips_sensor: Optional[str] = None,
                                  label: Optional[str] = None,
                                  logtraffic: Optional[str] = None,
                                  logtraffic_start: Optional[str] = None,
                                  mms_profile: Optional[str] = None,
                                  name: Optional[str] = None,
                                  nat: Optional[str] = None,
                                  natinbound: Optional[str] = None,
                                  natoutbound: Optional[str] = None,
                                  np_acceleration: Optional[str] = None,
                                  app_categories: Optional[Sequence[str]] = None,
                                  adom: Optional[str] = None,
                                  fixedport: Optional[str] = None,
                                  per_ip_shaper: Optional[str] = None,
                                  policy_offload: Optional[str] = None,
                                  poolnames: Optional[Sequence[str]] = None,
                                  profile_group: Optional[str] = None,
                                  profile_protocol_options: Optional[str] = None,
                                  profile_type: Optional[str] = None,
                                  replacemsg_override_group: Optional[str] = None,
                                  rsso: Optional[str] = None,
                                  schedule: Optional[str] = None,
                                  scopetype: Optional[str] = None,
                                  send_deny_packet: Optional[str] = None,
                                  service_negate: Optional[str] = None,
                                  services: Optional[Sequence[str]] = None,
                                  session_ttl: Optional[str] = None,
                                  spamfilter_profile: Optional[str] = None,
                                  srcaddr_negate: Optional[str] = None,
                                  srcaddrs: Optional[Sequence[str]] = None,
                                  srcintfs: Optional[Sequence[str]] = None,
                                  ssh_filter_profile: Optional[str] = None,
                                  ssh_policy_redirect: Optional[str] = None,
                                  ssl_mirror: Optional[str] = None,
                                  ssl_mirror_intfs: Optional[Sequence[str]] = None,
                                  ssl_ssh_profile: Optional[str] = None,
                                  status: Optional[str] = None,
                                  tcp_mss_receiver: Optional[float] = None,
                                  tcp_mss_sender: Optional[float] = None,
                                  tcp_session_without_syn: Optional[str] = None,
                                  timeout_send_rst: Optional[str] = None,
                                  tos: Optional[str] = None,
                                  tos_mask: Optional[str] = None,
                                  tos_negate: Optional[str] = None,
                                  traffic_shaper: Optional[str] = None,
                                  traffic_shaper_reverse: Optional[str] = None,
                                  url_categories: Optional[Sequence[str]] = None,
                                  users: Optional[Sequence[str]] = None,
                                  utm_status: Optional[str] = None,
                                  uuid: Optional[str] = None,
                                  vlan_cos_fwd: Optional[float] = None,
                                  vlan_cos_rev: Optional[float] = None,
                                  vlan_filter: Optional[str] = None,
                                  voip_profile: Optional[str] = None,
                                  vpntunnel: Optional[str] = None,
                                  waf_profile: Optional[str] = None,
                                  webcache: Optional[str] = None,
                                  webcache_https: Optional[str] = None,
                                  webfilter_profile: Optional[str] = None,
                                  webproxy_forward_server: Optional[str] = None,
                                  webproxy_profile: Optional[str] = None)

func NewPackagesPblockFirewallPolicy6(ctx *Context, name string, args PackagesPblockFirewallPolicy6Args, opts ...ResourceOption) (*PackagesPblockFirewallPolicy6, error)

public PackagesPblockFirewallPolicy6(string name, PackagesPblockFirewallPolicy6Args args, CustomResourceOptions? opts = null)

public PackagesPblockFirewallPolicy6(String name, PackagesPblockFirewallPolicy6Args args)
public PackagesPblockFirewallPolicy6(String name, PackagesPblockFirewallPolicy6Args args, CustomResourceOptions options)

type: fortimanager:PackagesPblockFirewallPolicy6
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args PackagesPblockFirewallPolicy6Args: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args PackagesPblockFirewallPolicy6Args: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args PackagesPblockFirewallPolicy6Args: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args PackagesPblockFirewallPolicy6Args: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args PackagesPblockFirewallPolicy6Args: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var packagesPblockFirewallPolicy6Resource = new Fortimanager.PackagesPblockFirewallPolicy6("packagesPblockFirewallPolicy6Resource", new()
{
    Pblock = "string",
    Outbound = "string",
    AutoAsicOffload = "string",
    AntiReplay = "string",
    _policyBlock = 0,
    AppGroups = new[]
    {
        "string",
    },
    ApplicationList = "string",
    Applications = new[]
    {
        0,
    },
    PackagesPblockFirewallPolicy6Id = "string",
    AvProfile = "string",
    CgnLogServerGrp = "string",
    CifsProfile = "string",
    Comments = "string",
    CustomLogFields = new[]
    {
        "string",
    },
    Devices = new[]
    {
        "string",
    },
    DiffservForward = "string",
    DiffservReverse = "string",
    DiffservcodeForward = "string",
    DiffservcodeRev = "string",
    DlpSensor = "string",
    DnsfilterProfile = "string",
    DscpMatch = "string",
    DscpNegate = "string",
    DscpValue = "string",
    Dsri = "string",
    DstaddrNegate = "string",
    Dstaddrs = new[]
    {
        "string",
    },
    Dstintfs = new[]
    {
        "string",
    },
    EmailfilterProfile = "string",
    FirewallSessionDirty = "string",
    Action = "string",
    FssoGroups = new[]
    {
        "string",
    },
    GlobalLabel = "string",
    Groups = new[]
    {
        "string",
    },
    HttpPolicyRedirect = "string",
    IcapProfile = "string",
    Inbound = "string",
    InspectionMode = "string",
    Ippool = "string",
    IpsSensor = "string",
    Label = "string",
    Logtraffic = "string",
    LogtrafficStart = "string",
    MmsProfile = "string",
    Name = "string",
    Nat = "string",
    Natinbound = "string",
    Natoutbound = "string",
    NpAcceleration = "string",
    AppCategories = new[]
    {
        "string",
    },
    Adom = "string",
    Fixedport = "string",
    PerIpShaper = "string",
    PolicyOffload = "string",
    Poolnames = new[]
    {
        "string",
    },
    ProfileGroup = "string",
    ProfileProtocolOptions = "string",
    ProfileType = "string",
    ReplacemsgOverrideGroup = "string",
    Rsso = "string",
    Schedule = "string",
    Scopetype = "string",
    SendDenyPacket = "string",
    ServiceNegate = "string",
    Services = new[]
    {
        "string",
    },
    SessionTtl = "string",
    SpamfilterProfile = "string",
    SrcaddrNegate = "string",
    Srcaddrs = new[]
    {
        "string",
    },
    Srcintfs = new[]
    {
        "string",
    },
    SshFilterProfile = "string",
    SshPolicyRedirect = "string",
    SslMirror = "string",
    SslMirrorIntfs = new[]
    {
        "string",
    },
    SslSshProfile = "string",
    Status = "string",
    TcpMssReceiver = 0,
    TcpMssSender = 0,
    TcpSessionWithoutSyn = "string",
    TimeoutSendRst = "string",
    Tos = "string",
    TosMask = "string",
    TosNegate = "string",
    TrafficShaper = "string",
    TrafficShaperReverse = "string",
    UrlCategories = new[]
    {
        "string",
    },
    Users = new[]
    {
        "string",
    },
    UtmStatus = "string",
    Uuid = "string",
    VlanCosFwd = 0,
    VlanCosRev = 0,
    VlanFilter = "string",
    VoipProfile = "string",
    Vpntunnel = "string",
    WafProfile = "string",
    Webcache = "string",
    WebcacheHttps = "string",
    WebfilterProfile = "string",
    WebproxyForwardServer = "string",
    WebproxyProfile = "string",
});

example, err := fortimanager.NewPackagesPblockFirewallPolicy6(ctx, "packagesPblockFirewallPolicy6Resource", &fortimanager.PackagesPblockFirewallPolicy6Args{
Pblock: pulumi.String("string"),
Outbound: pulumi.String("string"),
AutoAsicOffload: pulumi.String("string"),
AntiReplay: pulumi.String("string"),
_policyBlock: pulumi.Float64(0),
AppGroups: pulumi.StringArray{
pulumi.String("string"),
},
ApplicationList: pulumi.String("string"),
Applications: pulumi.Float64Array{
pulumi.Float64(0),
},
PackagesPblockFirewallPolicy6Id: pulumi.String("string"),
AvProfile: pulumi.String("string"),
CgnLogServerGrp: pulumi.String("string"),
CifsProfile: pulumi.String("string"),
Comments: pulumi.String("string"),
CustomLogFields: pulumi.StringArray{
pulumi.String("string"),
},
Devices: pulumi.StringArray{
pulumi.String("string"),
},
DiffservForward: pulumi.String("string"),
DiffservReverse: pulumi.String("string"),
DiffservcodeForward: pulumi.String("string"),
DiffservcodeRev: pulumi.String("string"),
DlpSensor: pulumi.String("string"),
DnsfilterProfile: pulumi.String("string"),
DscpMatch: pulumi.String("string"),
DscpNegate: pulumi.String("string"),
DscpValue: pulumi.String("string"),
Dsri: pulumi.String("string"),
DstaddrNegate: pulumi.String("string"),
Dstaddrs: pulumi.StringArray{
pulumi.String("string"),
},
Dstintfs: pulumi.StringArray{
pulumi.String("string"),
},
EmailfilterProfile: pulumi.String("string"),
FirewallSessionDirty: pulumi.String("string"),
Action: pulumi.String("string"),
FssoGroups: pulumi.StringArray{
pulumi.String("string"),
},
GlobalLabel: pulumi.String("string"),
Groups: pulumi.StringArray{
pulumi.String("string"),
},
HttpPolicyRedirect: pulumi.String("string"),
IcapProfile: pulumi.String("string"),
Inbound: pulumi.String("string"),
InspectionMode: pulumi.String("string"),
Ippool: pulumi.String("string"),
IpsSensor: pulumi.String("string"),
Label: pulumi.String("string"),
Logtraffic: pulumi.String("string"),
LogtrafficStart: pulumi.String("string"),
MmsProfile: pulumi.String("string"),
Name: pulumi.String("string"),
Nat: pulumi.String("string"),
Natinbound: pulumi.String("string"),
Natoutbound: pulumi.String("string"),
NpAcceleration: pulumi.String("string"),
AppCategories: pulumi.StringArray{
pulumi.String("string"),
},
Adom: pulumi.String("string"),
Fixedport: pulumi.String("string"),
PerIpShaper: pulumi.String("string"),
PolicyOffload: pulumi.String("string"),
Poolnames: pulumi.StringArray{
pulumi.String("string"),
},
ProfileGroup: pulumi.String("string"),
ProfileProtocolOptions: pulumi.String("string"),
ProfileType: pulumi.String("string"),
ReplacemsgOverrideGroup: pulumi.String("string"),
Rsso: pulumi.String("string"),
Schedule: pulumi.String("string"),
Scopetype: pulumi.String("string"),
SendDenyPacket: pulumi.String("string"),
ServiceNegate: pulumi.String("string"),
Services: pulumi.StringArray{
pulumi.String("string"),
},
SessionTtl: pulumi.String("string"),
SpamfilterProfile: pulumi.String("string"),
SrcaddrNegate: pulumi.String("string"),
Srcaddrs: pulumi.StringArray{
pulumi.String("string"),
},
Srcintfs: pulumi.StringArray{
pulumi.String("string"),
},
SshFilterProfile: pulumi.String("string"),
SshPolicyRedirect: pulumi.String("string"),
SslMirror: pulumi.String("string"),
SslMirrorIntfs: pulumi.StringArray{
pulumi.String("string"),
},
SslSshProfile: pulumi.String("string"),
Status: pulumi.String("string"),
TcpMssReceiver: pulumi.Float64(0),
TcpMssSender: pulumi.Float64(0),
TcpSessionWithoutSyn: pulumi.String("string"),
TimeoutSendRst: pulumi.String("string"),
Tos: pulumi.String("string"),
TosMask: pulumi.String("string"),
TosNegate: pulumi.String("string"),
TrafficShaper: pulumi.String("string"),
TrafficShaperReverse: pulumi.String("string"),
UrlCategories: pulumi.StringArray{
pulumi.String("string"),
},
Users: pulumi.StringArray{
pulumi.String("string"),
},
UtmStatus: pulumi.String("string"),
Uuid: pulumi.String("string"),
VlanCosFwd: pulumi.Float64(0),
VlanCosRev: pulumi.Float64(0),
VlanFilter: pulumi.String("string"),
VoipProfile: pulumi.String("string"),
Vpntunnel: pulumi.String("string"),
WafProfile: pulumi.String("string"),
Webcache: pulumi.String("string"),
WebcacheHttps: pulumi.String("string"),
WebfilterProfile: pulumi.String("string"),
WebproxyForwardServer: pulumi.String("string"),
WebproxyProfile: pulumi.String("string"),
})

var packagesPblockFirewallPolicy6Resource = new PackagesPblockFirewallPolicy6("packagesPblockFirewallPolicy6Resource", PackagesPblockFirewallPolicy6Args.builder()
    .pblock("string")
    .outbound("string")
    .autoAsicOffload("string")
    .antiReplay("string")
    ._policyBlock(0)
    .appGroups("string")
    .applicationList("string")
    .applications(0)
    .packagesPblockFirewallPolicy6Id("string")
    .avProfile("string")
    .cgnLogServerGrp("string")
    .cifsProfile("string")
    .comments("string")
    .customLogFields("string")
    .devices("string")
    .diffservForward("string")
    .diffservReverse("string")
    .diffservcodeForward("string")
    .diffservcodeRev("string")
    .dlpSensor("string")
    .dnsfilterProfile("string")
    .dscpMatch("string")
    .dscpNegate("string")
    .dscpValue("string")
    .dsri("string")
    .dstaddrNegate("string")
    .dstaddrs("string")
    .dstintfs("string")
    .emailfilterProfile("string")
    .firewallSessionDirty("string")
    .action("string")
    .fssoGroups("string")
    .globalLabel("string")
    .groups("string")
    .httpPolicyRedirect("string")
    .icapProfile("string")
    .inbound("string")
    .inspectionMode("string")
    .ippool("string")
    .ipsSensor("string")
    .label("string")
    .logtraffic("string")
    .logtrafficStart("string")
    .mmsProfile("string")
    .name("string")
    .nat("string")
    .natinbound("string")
    .natoutbound("string")
    .npAcceleration("string")
    .appCategories("string")
    .adom("string")
    .fixedport("string")
    .perIpShaper("string")
    .policyOffload("string")
    .poolnames("string")
    .profileGroup("string")
    .profileProtocolOptions("string")
    .profileType("string")
    .replacemsgOverrideGroup("string")
    .rsso("string")
    .schedule("string")
    .scopetype("string")
    .sendDenyPacket("string")
    .serviceNegate("string")
    .services("string")
    .sessionTtl("string")
    .spamfilterProfile("string")
    .srcaddrNegate("string")
    .srcaddrs("string")
    .srcintfs("string")
    .sshFilterProfile("string")
    .sshPolicyRedirect("string")
    .sslMirror("string")
    .sslMirrorIntfs("string")
    .sslSshProfile("string")
    .status("string")
    .tcpMssReceiver(0)
    .tcpMssSender(0)
    .tcpSessionWithoutSyn("string")
    .timeoutSendRst("string")
    .tos("string")
    .tosMask("string")
    .tosNegate("string")
    .trafficShaper("string")
    .trafficShaperReverse("string")
    .urlCategories("string")
    .users("string")
    .utmStatus("string")
    .uuid("string")
    .vlanCosFwd(0)
    .vlanCosRev(0)
    .vlanFilter("string")
    .voipProfile("string")
    .vpntunnel("string")
    .wafProfile("string")
    .webcache("string")
    .webcacheHttps("string")
    .webfilterProfile("string")
    .webproxyForwardServer("string")
    .webproxyProfile("string")
    .build());

packages_pblock_firewall_policy6_resource = fortimanager.PackagesPblockFirewallPolicy6("packagesPblockFirewallPolicy6Resource",
    pblock="string",
    outbound="string",
    auto_asic_offload="string",
    anti_replay="string",
    _policy_block=0,
    app_groups=["string"],
    application_list="string",
    applications=[0],
    packages_pblock_firewall_policy6_id="string",
    av_profile="string",
    cgn_log_server_grp="string",
    cifs_profile="string",
    comments="string",
    custom_log_fields=["string"],
    devices=["string"],
    diffserv_forward="string",
    diffserv_reverse="string",
    diffservcode_forward="string",
    diffservcode_rev="string",
    dlp_sensor="string",
    dnsfilter_profile="string",
    dscp_match="string",
    dscp_negate="string",
    dscp_value="string",
    dsri="string",
    dstaddr_negate="string",
    dstaddrs=["string"],
    dstintfs=["string"],
    emailfilter_profile="string",
    firewall_session_dirty="string",
    action="string",
    fsso_groups=["string"],
    global_label="string",
    groups=["string"],
    http_policy_redirect="string",
    icap_profile="string",
    inbound="string",
    inspection_mode="string",
    ippool="string",
    ips_sensor="string",
    label="string",
    logtraffic="string",
    logtraffic_start="string",
    mms_profile="string",
    name="string",
    nat="string",
    natinbound="string",
    natoutbound="string",
    np_acceleration="string",
    app_categories=["string"],
    adom="string",
    fixedport="string",
    per_ip_shaper="string",
    policy_offload="string",
    poolnames=["string"],
    profile_group="string",
    profile_protocol_options="string",
    profile_type="string",
    replacemsg_override_group="string",
    rsso="string",
    schedule="string",
    scopetype="string",
    send_deny_packet="string",
    service_negate="string",
    services=["string"],
    session_ttl="string",
    spamfilter_profile="string",
    srcaddr_negate="string",
    srcaddrs=["string"],
    srcintfs=["string"],
    ssh_filter_profile="string",
    ssh_policy_redirect="string",
    ssl_mirror="string",
    ssl_mirror_intfs=["string"],
    ssl_ssh_profile="string",
    status="string",
    tcp_mss_receiver=0,
    tcp_mss_sender=0,
    tcp_session_without_syn="string",
    timeout_send_rst="string",
    tos="string",
    tos_mask="string",
    tos_negate="string",
    traffic_shaper="string",
    traffic_shaper_reverse="string",
    url_categories=["string"],
    users=["string"],
    utm_status="string",
    uuid="string",
    vlan_cos_fwd=0,
    vlan_cos_rev=0,
    vlan_filter="string",
    voip_profile="string",
    vpntunnel="string",
    waf_profile="string",
    webcache="string",
    webcache_https="string",
    webfilter_profile="string",
    webproxy_forward_server="string",
    webproxy_profile="string")

const packagesPblockFirewallPolicy6Resource = new fortimanager.PackagesPblockFirewallPolicy6("packagesPblockFirewallPolicy6Resource", {
    pblock: "string",
    outbound: "string",
    autoAsicOffload: "string",
    antiReplay: "string",
    _policyBlock: 0,
    appGroups: ["string"],
    applicationList: "string",
    applications: [0],
    packagesPblockFirewallPolicy6Id: "string",
    avProfile: "string",
    cgnLogServerGrp: "string",
    cifsProfile: "string",
    comments: "string",
    customLogFields: ["string"],
    devices: ["string"],
    diffservForward: "string",
    diffservReverse: "string",
    diffservcodeForward: "string",
    diffservcodeRev: "string",
    dlpSensor: "string",
    dnsfilterProfile: "string",
    dscpMatch: "string",
    dscpNegate: "string",
    dscpValue: "string",
    dsri: "string",
    dstaddrNegate: "string",
    dstaddrs: ["string"],
    dstintfs: ["string"],
    emailfilterProfile: "string",
    firewallSessionDirty: "string",
    action: "string",
    fssoGroups: ["string"],
    globalLabel: "string",
    groups: ["string"],
    httpPolicyRedirect: "string",
    icapProfile: "string",
    inbound: "string",
    inspectionMode: "string",
    ippool: "string",
    ipsSensor: "string",
    label: "string",
    logtraffic: "string",
    logtrafficStart: "string",
    mmsProfile: "string",
    name: "string",
    nat: "string",
    natinbound: "string",
    natoutbound: "string",
    npAcceleration: "string",
    appCategories: ["string"],
    adom: "string",
    fixedport: "string",
    perIpShaper: "string",
    policyOffload: "string",
    poolnames: ["string"],
    profileGroup: "string",
    profileProtocolOptions: "string",
    profileType: "string",
    replacemsgOverrideGroup: "string",
    rsso: "string",
    schedule: "string",
    scopetype: "string",
    sendDenyPacket: "string",
    serviceNegate: "string",
    services: ["string"],
    sessionTtl: "string",
    spamfilterProfile: "string",
    srcaddrNegate: "string",
    srcaddrs: ["string"],
    srcintfs: ["string"],
    sshFilterProfile: "string",
    sshPolicyRedirect: "string",
    sslMirror: "string",
    sslMirrorIntfs: ["string"],
    sslSshProfile: "string",
    status: "string",
    tcpMssReceiver: 0,
    tcpMssSender: 0,
    tcpSessionWithoutSyn: "string",
    timeoutSendRst: "string",
    tos: "string",
    tosMask: "string",
    tosNegate: "string",
    trafficShaper: "string",
    trafficShaperReverse: "string",
    urlCategories: ["string"],
    users: ["string"],
    utmStatus: "string",
    uuid: "string",
    vlanCosFwd: 0,
    vlanCosRev: 0,
    vlanFilter: "string",
    voipProfile: "string",
    vpntunnel: "string",
    wafProfile: "string",
    webcache: "string",
    webcacheHttps: "string",
    webfilterProfile: "string",
    webproxyForwardServer: "string",
    webproxyProfile: "string",
});

type: fortimanager:PackagesPblockFirewallPolicy6
properties:
    _policyBlock: 0
    action: string
    adom: string
    antiReplay: string
    appCategories:
        - string
    appGroups:
        - string
    applicationList: string
    applications:
        - 0
    autoAsicOffload: string
    avProfile: string
    cgnLogServerGrp: string
    cifsProfile: string
    comments: string
    customLogFields:
        - string
    devices:
        - string
    diffservForward: string
    diffservReverse: string
    diffservcodeForward: string
    diffservcodeRev: string
    dlpSensor: string
    dnsfilterProfile: string
    dscpMatch: string
    dscpNegate: string
    dscpValue: string
    dsri: string
    dstaddrNegate: string
    dstaddrs:
        - string
    dstintfs:
        - string
    emailfilterProfile: string
    firewallSessionDirty: string
    fixedport: string
    fssoGroups:
        - string
    globalLabel: string
    groups:
        - string
    httpPolicyRedirect: string
    icapProfile: string
    inbound: string
    inspectionMode: string
    ippool: string
    ipsSensor: string
    label: string
    logtraffic: string
    logtrafficStart: string
    mmsProfile: string
    name: string
    nat: string
    natinbound: string
    natoutbound: string
    npAcceleration: string
    outbound: string
    packagesPblockFirewallPolicy6Id: string
    pblock: string
    perIpShaper: string
    policyOffload: string
    poolnames:
        - string
    profileGroup: string
    profileProtocolOptions: string
    profileType: string
    replacemsgOverrideGroup: string
    rsso: string
    schedule: string
    scopetype: string
    sendDenyPacket: string
    serviceNegate: string
    services:
        - string
    sessionTtl: string
    spamfilterProfile: string
    srcaddrNegate: string
    srcaddrs:
        - string
    srcintfs:
        - string
    sshFilterProfile: string
    sshPolicyRedirect: string
    sslMirror: string
    sslMirrorIntfs:
        - string
    sslSshProfile: string
    status: string
    tcpMssReceiver: 0
    tcpMssSender: 0
    tcpSessionWithoutSyn: string
    timeoutSendRst: string
    tos: string
    tosMask: string
    tosNegate: string
    trafficShaper: string
    trafficShaperReverse: string
    urlCategories:
        - string
    users:
        - string
    utmStatus: string
    uuid: string
    vlanCosFwd: 0
    vlanCosRev: 0
    vlanFilter: string
    voipProfile: string
    vpntunnel: string
    wafProfile: string
    webcache: string
    webcacheHttps: string
    webfilterProfile: string
    webproxyForwardServer: string
    webproxyProfile: string

PackagesPblockFirewallPolicy6 Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The PackagesPblockFirewallPolicy6 resource accepts the following input properties:

Pblock string: Pblock.
Action string: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AntiReplay string: Enable/disable anti-replay check. Valid values: disable, enable.
AppCategories List<string>: Application category ID list.
AppGroups List<string>: Application group names.
ApplicationList string: Name of an existing Application list.
Applications List<double>: Application ID list.
AutoAsicOffload string: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
AvProfile string: Name of an existing Antivirus profile.
CgnLogServerGrp string: Cgn-Log-Server-Grp.
CifsProfile string: Name of an existing CIFS profile.
Comments string: Comment.
CustomLogFields List<string>: Log field index numbers to append custom log fields to log messages for this policy.
Devices List<string>: Names of devices or device groups that can be matched by the policy.
DiffservForward string: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
DiffservReverse string: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
DiffservcodeForward string: Change packet's DiffServ to this value.
DiffservcodeRev string: Change packet's reverse (reply) DiffServ to this value.
DlpSensor string: Name of an existing DLP sensor.
DnsfilterProfile string: Name of an existing DNS filter profile.
DscpMatch string: Enable DSCP check. Valid values: disable, enable.
DscpNegate string: Enable negated DSCP match. Valid values: disable, enable.
DscpValue string: DSCP value.
Dsri string: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
DstaddrNegate string: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
Dstaddrs List<string>: Destination address and address group names.
Dstintfs List<string>: Outgoing (egress) interface.
EmailfilterProfile string: Name of an existing email filter profile.
FirewallSessionDirty string: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
Fixedport string: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
FssoGroups List<string>: Names of FSSO groups.
GlobalLabel string: Label for the policy that appears when the GUI is in Global View mode.
Groups List<string>: Names of user groups that can authenticate with this policy.
HttpPolicyRedirect string: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
IcapProfile string: Name of an existing ICAP profile.
Inbound string: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
InspectionMode string: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
Ippool string: Enable to use IP Pools for source NAT. Valid values: disable, enable.
IpsSensor string: Name of an existing IPS sensor.
Label string: Label for the policy that appears when the GUI is in Section View mode.
Logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
LogtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
MmsProfile string: Name of an existing MMS profile.
Name string: Policy name.
Nat string: Enable/disable source NAT. Valid values: disable, enable.
Natinbound string: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
Natoutbound string: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
NpAcceleration string: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
Outbound string: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
PackagesPblockFirewallPolicy6Id string: an identifier for the resource with format {{policyid}}.
PerIpShaper string: Per-IP traffic shaper.
PolicyOffload string: Policy-Offload. Valid values: disable, enable.
Poolnames List<string>: IP Pool names.
ProfileGroup string: Name of profile group.
ProfileProtocolOptions string: Name of an existing Protocol options profile.
ProfileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
ReplacemsgOverrideGroup string: Override the default replacement message group for this policy.
Rsso string: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
Schedule string: Schedule name.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SendDenyPacket string: Enable/disable return of deny-packet. Valid values: disable, enable.
ServiceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
Services List<string>: Service and service group names.
SessionTtl string: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
SpamfilterProfile string: Name of an existing Spam filter profile.
SrcaddrNegate string: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
Srcaddrs List<string>: Source address and address group names.
Srcintfs List<string>: Incoming (ingress) interface.
SshFilterProfile string: Name of an existing SSH filter profile.
SshPolicyRedirect string: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
SslMirror string: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
SslMirrorIntfs List<string>: SSL mirror interface name.
SslSshProfile string: Name of an existing SSL SSH profile.
Status string: Enable or disable this policy. Valid values: disable, enable.
TcpMssReceiver double: Receiver TCP maximum segment size (MSS).
TcpMssSender double: Sender TCP maximum segment size (MSS).
TcpSessionWithoutSyn string: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
TimeoutSendRst string: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
Tos string: ToS (Type of Service) value used for comparison.
TosMask string: Non-zero bit positions are used for comparison while zero bit positions are ignored.
TosNegate string: Enable negated TOS match. Valid values: disable, enable.
TrafficShaper string: Reverse traffic shaper.
TrafficShaperReverse string: Reverse traffic shaper.
UrlCategories List<string>: URL category ID list.
Users List<string>: Names of individual users that can authenticate with this policy.
UtmStatus string: Enable AV/web/ips protection profile. Valid values: disable, enable.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
VlanCosFwd double: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
VlanCosRev double: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
VlanFilter string: Set VLAN filters.
VoipProfile string: Name of an existing VoIP profile.
Vpntunnel string: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
WafProfile string: Name of an existing Web application firewall profile.
Webcache string: Enable/disable web cache. Valid values: disable, enable.
WebcacheHttps string: Enable/disable web cache for HTTPS. Valid values: disable, enable.
WebfilterProfile string: Name of an existing Web filter profile.
WebproxyForwardServer string: Web proxy forward server name.
WebproxyProfile string: Webproxy profile name.
_policyBlock double: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.

Pblock string: Pblock.
Action string: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AntiReplay string: Enable/disable anti-replay check. Valid values: disable, enable.
AppCategories []string: Application category ID list.
AppGroups []string: Application group names.
ApplicationList string: Name of an existing Application list.
Applications []float64: Application ID list.
AutoAsicOffload string: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
AvProfile string: Name of an existing Antivirus profile.
CgnLogServerGrp string: Cgn-Log-Server-Grp.
CifsProfile string: Name of an existing CIFS profile.
Comments string: Comment.
CustomLogFields []string: Log field index numbers to append custom log fields to log messages for this policy.
Devices []string: Names of devices or device groups that can be matched by the policy.
DiffservForward string: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
DiffservReverse string: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
DiffservcodeForward string: Change packet's DiffServ to this value.
DiffservcodeRev string: Change packet's reverse (reply) DiffServ to this value.
DlpSensor string: Name of an existing DLP sensor.
DnsfilterProfile string: Name of an existing DNS filter profile.
DscpMatch string: Enable DSCP check. Valid values: disable, enable.
DscpNegate string: Enable negated DSCP match. Valid values: disable, enable.
DscpValue string: DSCP value.
Dsri string: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
DstaddrNegate string: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
Dstaddrs []string: Destination address and address group names.
Dstintfs []string: Outgoing (egress) interface.
EmailfilterProfile string: Name of an existing email filter profile.
FirewallSessionDirty string: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
Fixedport string: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
FssoGroups []string: Names of FSSO groups.
GlobalLabel string: Label for the policy that appears when the GUI is in Global View mode.
Groups []string: Names of user groups that can authenticate with this policy.
HttpPolicyRedirect string: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
IcapProfile string: Name of an existing ICAP profile.
Inbound string: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
InspectionMode string: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
Ippool string: Enable to use IP Pools for source NAT. Valid values: disable, enable.
IpsSensor string: Name of an existing IPS sensor.
Label string: Label for the policy that appears when the GUI is in Section View mode.
Logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
LogtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
MmsProfile string: Name of an existing MMS profile.
Name string: Policy name.
Nat string: Enable/disable source NAT. Valid values: disable, enable.
Natinbound string: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
Natoutbound string: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
NpAcceleration string: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
Outbound string: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
PackagesPblockFirewallPolicy6Id string: an identifier for the resource with format {{policyid}}.
PerIpShaper string: Per-IP traffic shaper.
PolicyOffload string: Policy-Offload. Valid values: disable, enable.
Poolnames []string: IP Pool names.
ProfileGroup string: Name of profile group.
ProfileProtocolOptions string: Name of an existing Protocol options profile.
ProfileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
ReplacemsgOverrideGroup string: Override the default replacement message group for this policy.
Rsso string: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
Schedule string: Schedule name.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SendDenyPacket string: Enable/disable return of deny-packet. Valid values: disable, enable.
ServiceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
Services []string: Service and service group names.
SessionTtl string: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
SpamfilterProfile string: Name of an existing Spam filter profile.
SrcaddrNegate string: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
Srcaddrs []string: Source address and address group names.
Srcintfs []string: Incoming (ingress) interface.
SshFilterProfile string: Name of an existing SSH filter profile.
SshPolicyRedirect string: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
SslMirror string: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
SslMirrorIntfs []string: SSL mirror interface name.
SslSshProfile string: Name of an existing SSL SSH profile.
Status string: Enable or disable this policy. Valid values: disable, enable.
TcpMssReceiver float64: Receiver TCP maximum segment size (MSS).
TcpMssSender float64: Sender TCP maximum segment size (MSS).
TcpSessionWithoutSyn string: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
TimeoutSendRst string: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
Tos string: ToS (Type of Service) value used for comparison.
TosMask string: Non-zero bit positions are used for comparison while zero bit positions are ignored.
TosNegate string: Enable negated TOS match. Valid values: disable, enable.
TrafficShaper string: Reverse traffic shaper.
TrafficShaperReverse string: Reverse traffic shaper.
UrlCategories []string: URL category ID list.
Users []string: Names of individual users that can authenticate with this policy.
UtmStatus string: Enable AV/web/ips protection profile. Valid values: disable, enable.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
VlanCosFwd float64: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
VlanCosRev float64: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
VlanFilter string: Set VLAN filters.
VoipProfile string: Name of an existing VoIP profile.
Vpntunnel string: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
WafProfile string: Name of an existing Web application firewall profile.
Webcache string: Enable/disable web cache. Valid values: disable, enable.
WebcacheHttps string: Enable/disable web cache for HTTPS. Valid values: disable, enable.
WebfilterProfile string: Name of an existing Web filter profile.
WebproxyForwardServer string: Web proxy forward server name.
WebproxyProfile string: Webproxy profile name.
_policyBlock float64: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.

pblock String: Pblock.
_policyBlock Double: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action String: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
antiReplay String: Enable/disable anti-replay check. Valid values: disable, enable.
appCategories List<String>: Application category ID list.
appGroups List<String>: Application group names.
applicationList String: Name of an existing Application list.
applications List<Double>: Application ID list.
autoAsicOffload String: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
avProfile String: Name of an existing Antivirus profile.
cgnLogServerGrp String: Cgn-Log-Server-Grp.
cifsProfile String: Name of an existing CIFS profile.
comments String: Comment.
customLogFields List<String>: Log field index numbers to append custom log fields to log messages for this policy.
devices List<String>: Names of devices or device groups that can be matched by the policy.
diffservForward String: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffservReverse String: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcodeForward String: Change packet's DiffServ to this value.
diffservcodeRev String: Change packet's reverse (reply) DiffServ to this value.
dlpSensor String: Name of an existing DLP sensor.
dnsfilterProfile String: Name of an existing DNS filter profile.
dscpMatch String: Enable DSCP check. Valid values: disable, enable.
dscpNegate String: Enable negated DSCP match. Valid values: disable, enable.
dscpValue String: DSCP value.
dsri String: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
dstaddrNegate String: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstaddrs List<String>: Destination address and address group names.
dstintfs List<String>: Outgoing (egress) interface.
emailfilterProfile String: Name of an existing email filter profile.
firewallSessionDirty String: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
fixedport String: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fssoGroups List<String>: Names of FSSO groups.
globalLabel String: Label for the policy that appears when the GUI is in Global View mode.
groups List<String>: Names of user groups that can authenticate with this policy.
httpPolicyRedirect String: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icapProfile String: Name of an existing ICAP profile.
inbound String: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspectionMode String: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
ippool String: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ipsSensor String: Name of an existing IPS sensor.
label String: Label for the policy that appears when the GUI is in Section View mode.
logtraffic String: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
logtrafficStart String: Record logs when a session starts. Valid values: disable, enable.
mmsProfile String: Name of an existing MMS profile.
name String: Policy name.
nat String: Enable/disable source NAT. Valid values: disable, enable.
natinbound String: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
natoutbound String: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
npAcceleration String: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
outbound String: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packagesPblockFirewallPolicy6Id String: an identifier for the resource with format {{policyid}}.
perIpShaper String: Per-IP traffic shaper.
policyOffload String: Policy-Offload. Valid values: disable, enable.
poolnames List<String>: IP Pool names.
profileGroup String: Name of profile group.
profileProtocolOptions String: Name of an existing Protocol options profile.
profileType String: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
replacemsgOverrideGroup String: Override the default replacement message group for this policy.
rsso String: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
schedule String: Schedule name.
scopetype String: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sendDenyPacket String: Enable/disable return of deny-packet. Valid values: disable, enable.
serviceNegate String: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
services List<String>: Service and service group names.
sessionTtl String: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
spamfilterProfile String: Name of an existing Spam filter profile.
srcaddrNegate String: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcaddrs List<String>: Source address and address group names.
srcintfs List<String>: Incoming (ingress) interface.
sshFilterProfile String: Name of an existing SSH filter profile.
sshPolicyRedirect String: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslMirror String: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
sslMirrorIntfs List<String>: SSL mirror interface name.
sslSshProfile String: Name of an existing SSL SSH profile.
status String: Enable or disable this policy. Valid values: disable, enable.
tcpMssReceiver Double: Receiver TCP maximum segment size (MSS).
tcpMssSender Double: Sender TCP maximum segment size (MSS).
tcpSessionWithoutSyn String: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
timeoutSendRst String: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
tos String: ToS (Type of Service) value used for comparison.
tosMask String: Non-zero bit positions are used for comparison while zero bit positions are ignored.
tosNegate String: Enable negated TOS match. Valid values: disable, enable.
trafficShaper String: Reverse traffic shaper.
trafficShaperReverse String: Reverse traffic shaper.
urlCategories List<String>: URL category ID list.
users List<String>: Names of individual users that can authenticate with this policy.
utmStatus String: Enable AV/web/ips protection profile. Valid values: disable, enable.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vlanCosFwd Double: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanCosRev Double: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanFilter String: Set VLAN filters.
voipProfile String: Name of an existing VoIP profile.
vpntunnel String: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
wafProfile String: Name of an existing Web application firewall profile.
webcache String: Enable/disable web cache. Valid values: disable, enable.
webcacheHttps String: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilterProfile String: Name of an existing Web filter profile.
webproxyForwardServer String: Web proxy forward server name.
webproxyProfile String: Webproxy profile name.

pblock string: Pblock.
_policyBlock number: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action string: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
antiReplay string: Enable/disable anti-replay check. Valid values: disable, enable.
appCategories string[]: Application category ID list.
appGroups string[]: Application group names.
applicationList string: Name of an existing Application list.
applications number[]: Application ID list.
autoAsicOffload string: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
avProfile string: Name of an existing Antivirus profile.
cgnLogServerGrp string: Cgn-Log-Server-Grp.
cifsProfile string: Name of an existing CIFS profile.
comments string: Comment.
customLogFields string[]: Log field index numbers to append custom log fields to log messages for this policy.
devices string[]: Names of devices or device groups that can be matched by the policy.
diffservForward string: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffservReverse string: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcodeForward string: Change packet's DiffServ to this value.
diffservcodeRev string: Change packet's reverse (reply) DiffServ to this value.
dlpSensor string: Name of an existing DLP sensor.
dnsfilterProfile string: Name of an existing DNS filter profile.
dscpMatch string: Enable DSCP check. Valid values: disable, enable.
dscpNegate string: Enable negated DSCP match. Valid values: disable, enable.
dscpValue string: DSCP value.
dsri string: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
dstaddrNegate string: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstaddrs string[]: Destination address and address group names.
dstintfs string[]: Outgoing (egress) interface.
emailfilterProfile string: Name of an existing email filter profile.
firewallSessionDirty string: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
fixedport string: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fssoGroups string[]: Names of FSSO groups.
globalLabel string: Label for the policy that appears when the GUI is in Global View mode.
groups string[]: Names of user groups that can authenticate with this policy.
httpPolicyRedirect string: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icapProfile string: Name of an existing ICAP profile.
inbound string: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspectionMode string: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
ippool string: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ipsSensor string: Name of an existing IPS sensor.
label string: Label for the policy that appears when the GUI is in Section View mode.
logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
logtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
mmsProfile string: Name of an existing MMS profile.
name string: Policy name.
nat string: Enable/disable source NAT. Valid values: disable, enable.
natinbound string: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
natoutbound string: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
npAcceleration string: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
outbound string: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packagesPblockFirewallPolicy6Id string: an identifier for the resource with format {{policyid}}.
perIpShaper string: Per-IP traffic shaper.
policyOffload string: Policy-Offload. Valid values: disable, enable.
poolnames string[]: IP Pool names.
profileGroup string: Name of profile group.
profileProtocolOptions string: Name of an existing Protocol options profile.
profileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
replacemsgOverrideGroup string: Override the default replacement message group for this policy.
rsso string: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
schedule string: Schedule name.
scopetype string: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sendDenyPacket string: Enable/disable return of deny-packet. Valid values: disable, enable.
serviceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
services string[]: Service and service group names.
sessionTtl string: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
spamfilterProfile string: Name of an existing Spam filter profile.
srcaddrNegate string: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcaddrs string[]: Source address and address group names.
srcintfs string[]: Incoming (ingress) interface.
sshFilterProfile string: Name of an existing SSH filter profile.
sshPolicyRedirect string: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslMirror string: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
sslMirrorIntfs string[]: SSL mirror interface name.
sslSshProfile string: Name of an existing SSL SSH profile.
status string: Enable or disable this policy. Valid values: disable, enable.
tcpMssReceiver number: Receiver TCP maximum segment size (MSS).
tcpMssSender number: Sender TCP maximum segment size (MSS).
tcpSessionWithoutSyn string: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
timeoutSendRst string: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
tos string: ToS (Type of Service) value used for comparison.
tosMask string: Non-zero bit positions are used for comparison while zero bit positions are ignored.
tosNegate string: Enable negated TOS match. Valid values: disable, enable.
trafficShaper string: Reverse traffic shaper.
trafficShaperReverse string: Reverse traffic shaper.
urlCategories string[]: URL category ID list.
users string[]: Names of individual users that can authenticate with this policy.
utmStatus string: Enable AV/web/ips protection profile. Valid values: disable, enable.
uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vlanCosFwd number: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanCosRev number: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanFilter string: Set VLAN filters.
voipProfile string: Name of an existing VoIP profile.
vpntunnel string: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
wafProfile string: Name of an existing Web application firewall profile.
webcache string: Enable/disable web cache. Valid values: disable, enable.
webcacheHttps string: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilterProfile string: Name of an existing Web filter profile.
webproxyForwardServer string: Web proxy forward server name.
webproxyProfile string: Webproxy profile name.

pblock str: Pblock.
_policy_block float: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action str: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
adom str: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
anti_replay str: Enable/disable anti-replay check. Valid values: disable, enable.
app_categories Sequence[str]: Application category ID list.
app_groups Sequence[str]: Application group names.
application_list str: Name of an existing Application list.
applications Sequence[float]: Application ID list.
auto_asic_offload str: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
av_profile str: Name of an existing Antivirus profile.
cgn_log_server_grp str: Cgn-Log-Server-Grp.
cifs_profile str: Name of an existing CIFS profile.
comments str: Comment.
custom_log_fields Sequence[str]: Log field index numbers to append custom log fields to log messages for this policy.
devices Sequence[str]: Names of devices or device groups that can be matched by the policy.
diffserv_forward str: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffserv_reverse str: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcode_forward str: Change packet's DiffServ to this value.
diffservcode_rev str: Change packet's reverse (reply) DiffServ to this value.
dlp_sensor str: Name of an existing DLP sensor.
dnsfilter_profile str: Name of an existing DNS filter profile.
dscp_match str: Enable DSCP check. Valid values: disable, enable.
dscp_negate str: Enable negated DSCP match. Valid values: disable, enable.
dscp_value str: DSCP value.
dsri str: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
dstaddr_negate str: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstaddrs Sequence[str]: Destination address and address group names.
dstintfs Sequence[str]: Outgoing (egress) interface.
emailfilter_profile str: Name of an existing email filter profile.
firewall_session_dirty str: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
fixedport str: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fsso_groups Sequence[str]: Names of FSSO groups.
global_label str: Label for the policy that appears when the GUI is in Global View mode.
groups Sequence[str]: Names of user groups that can authenticate with this policy.
http_policy_redirect str: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icap_profile str: Name of an existing ICAP profile.
inbound str: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspection_mode str: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
ippool str: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ips_sensor str: Name of an existing IPS sensor.
label str: Label for the policy that appears when the GUI is in Section View mode.
logtraffic str: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
logtraffic_start str: Record logs when a session starts. Valid values: disable, enable.
mms_profile str: Name of an existing MMS profile.
name str: Policy name.
nat str: Enable/disable source NAT. Valid values: disable, enable.
natinbound str: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
natoutbound str: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
np_acceleration str: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
outbound str: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packages_pblock_firewall_policy6_id str: an identifier for the resource with format {{policyid}}.
per_ip_shaper str: Per-IP traffic shaper.
policy_offload str: Policy-Offload. Valid values: disable, enable.
poolnames Sequence[str]: IP Pool names.
profile_group str: Name of profile group.
profile_protocol_options str: Name of an existing Protocol options profile.
profile_type str: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
replacemsg_override_group str: Override the default replacement message group for this policy.
rsso str: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
schedule str: Schedule name.
scopetype str: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
send_deny_packet str: Enable/disable return of deny-packet. Valid values: disable, enable.
service_negate str: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
services Sequence[str]: Service and service group names.
session_ttl str: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
spamfilter_profile str: Name of an existing Spam filter profile.
srcaddr_negate str: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcaddrs Sequence[str]: Source address and address group names.
srcintfs Sequence[str]: Incoming (ingress) interface.
ssh_filter_profile str: Name of an existing SSH filter profile.
ssh_policy_redirect str: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
ssl_mirror str: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
ssl_mirror_intfs Sequence[str]: SSL mirror interface name.
ssl_ssh_profile str: Name of an existing SSL SSH profile.
status str: Enable or disable this policy. Valid values: disable, enable.
tcp_mss_receiver float: Receiver TCP maximum segment size (MSS).
tcp_mss_sender float: Sender TCP maximum segment size (MSS).
tcp_session_without_syn str: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
timeout_send_rst str: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
tos str: ToS (Type of Service) value used for comparison.
tos_mask str: Non-zero bit positions are used for comparison while zero bit positions are ignored.
tos_negate str: Enable negated TOS match. Valid values: disable, enable.
traffic_shaper str: Reverse traffic shaper.
traffic_shaper_reverse str: Reverse traffic shaper.
url_categories Sequence[str]: URL category ID list.
users Sequence[str]: Names of individual users that can authenticate with this policy.
utm_status str: Enable AV/web/ips protection profile. Valid values: disable, enable.
uuid str: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vlan_cos_fwd float: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
vlan_cos_rev float: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
vlan_filter str: Set VLAN filters.
voip_profile str: Name of an existing VoIP profile.
vpntunnel str: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
waf_profile str: Name of an existing Web application firewall profile.
webcache str: Enable/disable web cache. Valid values: disable, enable.
webcache_https str: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilter_profile str: Name of an existing Web filter profile.
webproxy_forward_server str: Web proxy forward server name.
webproxy_profile str: Webproxy profile name.

pblock String: Pblock.
_policyBlock Number: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action String: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
antiReplay String: Enable/disable anti-replay check. Valid values: disable, enable.
appCategories List<String>: Application category ID list.
appGroups List<String>: Application group names.
applicationList String: Name of an existing Application list.
applications List<Number>: Application ID list.
autoAsicOffload String: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
avProfile String: Name of an existing Antivirus profile.
cgnLogServerGrp String: Cgn-Log-Server-Grp.
cifsProfile String: Name of an existing CIFS profile.
comments String: Comment.
customLogFields List<String>: Log field index numbers to append custom log fields to log messages for this policy.
devices List<String>: Names of devices or device groups that can be matched by the policy.
diffservForward String: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffservReverse String: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcodeForward String: Change packet's DiffServ to this value.
diffservcodeRev String: Change packet's reverse (reply) DiffServ to this value.
dlpSensor String: Name of an existing DLP sensor.
dnsfilterProfile String: Name of an existing DNS filter profile.
dscpMatch String: Enable DSCP check. Valid values: disable, enable.
dscpNegate String: Enable negated DSCP match. Valid values: disable, enable.
dscpValue String: DSCP value.
dsri String: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
dstaddrNegate String: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstaddrs List<String>: Destination address and address group names.
dstintfs List<String>: Outgoing (egress) interface.
emailfilterProfile String: Name of an existing email filter profile.
firewallSessionDirty String: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
fixedport String: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fssoGroups List<String>: Names of FSSO groups.
globalLabel String: Label for the policy that appears when the GUI is in Global View mode.
groups List<String>: Names of user groups that can authenticate with this policy.
httpPolicyRedirect String: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icapProfile String: Name of an existing ICAP profile.
inbound String: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspectionMode String: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
ippool String: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ipsSensor String: Name of an existing IPS sensor.
label String: Label for the policy that appears when the GUI is in Section View mode.
logtraffic String: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
logtrafficStart String: Record logs when a session starts. Valid values: disable, enable.
mmsProfile String: Name of an existing MMS profile.
name String: Policy name.
nat String: Enable/disable source NAT. Valid values: disable, enable.
natinbound String: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
natoutbound String: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
npAcceleration String: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
outbound String: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packagesPblockFirewallPolicy6Id String: an identifier for the resource with format {{policyid}}.
perIpShaper String: Per-IP traffic shaper.
policyOffload String: Policy-Offload. Valid values: disable, enable.
poolnames List<String>: IP Pool names.
profileGroup String: Name of profile group.
profileProtocolOptions String: Name of an existing Protocol options profile.
profileType String: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
replacemsgOverrideGroup String: Override the default replacement message group for this policy.
rsso String: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
schedule String: Schedule name.
scopetype String: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sendDenyPacket String: Enable/disable return of deny-packet. Valid values: disable, enable.
serviceNegate String: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
services List<String>: Service and service group names.
sessionTtl String: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
spamfilterProfile String: Name of an existing Spam filter profile.
srcaddrNegate String: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcaddrs List<String>: Source address and address group names.
srcintfs List<String>: Incoming (ingress) interface.
sshFilterProfile String: Name of an existing SSH filter profile.
sshPolicyRedirect String: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslMirror String: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
sslMirrorIntfs List<String>: SSL mirror interface name.
sslSshProfile String: Name of an existing SSL SSH profile.
status String: Enable or disable this policy. Valid values: disable, enable.
tcpMssReceiver Number: Receiver TCP maximum segment size (MSS).
tcpMssSender Number: Sender TCP maximum segment size (MSS).
tcpSessionWithoutSyn String: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
timeoutSendRst String: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
tos String: ToS (Type of Service) value used for comparison.
tosMask String: Non-zero bit positions are used for comparison while zero bit positions are ignored.
tosNegate String: Enable negated TOS match. Valid values: disable, enable.
trafficShaper String: Reverse traffic shaper.
trafficShaperReverse String: Reverse traffic shaper.
urlCategories List<String>: URL category ID list.
users List<String>: Names of individual users that can authenticate with this policy.
utmStatus String: Enable AV/web/ips protection profile. Valid values: disable, enable.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vlanCosFwd Number: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanCosRev Number: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanFilter String: Set VLAN filters.
voipProfile String: Name of an existing VoIP profile.
vpntunnel String: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
wafProfile String: Name of an existing Web application firewall profile.
webcache String: Enable/disable web cache. Valid values: disable, enable.
webcacheHttps String: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilterProfile String: Name of an existing Web filter profile.
webproxyForwardServer String: Web proxy forward server name.
webproxyProfile String: Webproxy profile name.

Outputs

All input properties are implicitly available as output properties. Additionally, the PackagesPblockFirewallPolicy6 resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing PackagesPblockFirewallPolicy6 Resource

Get an existing PackagesPblockFirewallPolicy6 resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: PackagesPblockFirewallPolicy6State, opts?: CustomResourceOptions): PackagesPblockFirewallPolicy6

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        _policy_block: Optional[float] = None,
        action: Optional[str] = None,
        adom: Optional[str] = None,
        anti_replay: Optional[str] = None,
        app_categories: Optional[Sequence[str]] = None,
        app_groups: Optional[Sequence[str]] = None,
        application_list: Optional[str] = None,
        applications: Optional[Sequence[float]] = None,
        auto_asic_offload: Optional[str] = None,
        av_profile: Optional[str] = None,
        cgn_log_server_grp: Optional[str] = None,
        cifs_profile: Optional[str] = None,
        comments: Optional[str] = None,
        custom_log_fields: Optional[Sequence[str]] = None,
        devices: Optional[Sequence[str]] = None,
        diffserv_forward: Optional[str] = None,
        diffserv_reverse: Optional[str] = None,
        diffservcode_forward: Optional[str] = None,
        diffservcode_rev: Optional[str] = None,
        dlp_sensor: Optional[str] = None,
        dnsfilter_profile: Optional[str] = None,
        dscp_match: Optional[str] = None,
        dscp_negate: Optional[str] = None,
        dscp_value: Optional[str] = None,
        dsri: Optional[str] = None,
        dstaddr_negate: Optional[str] = None,
        dstaddrs: Optional[Sequence[str]] = None,
        dstintfs: Optional[Sequence[str]] = None,
        emailfilter_profile: Optional[str] = None,
        firewall_session_dirty: Optional[str] = None,
        fixedport: Optional[str] = None,
        fsso_groups: Optional[Sequence[str]] = None,
        global_label: Optional[str] = None,
        groups: Optional[Sequence[str]] = None,
        http_policy_redirect: Optional[str] = None,
        icap_profile: Optional[str] = None,
        inbound: Optional[str] = None,
        inspection_mode: Optional[str] = None,
        ippool: Optional[str] = None,
        ips_sensor: Optional[str] = None,
        label: Optional[str] = None,
        logtraffic: Optional[str] = None,
        logtraffic_start: Optional[str] = None,
        mms_profile: Optional[str] = None,
        name: Optional[str] = None,
        nat: Optional[str] = None,
        natinbound: Optional[str] = None,
        natoutbound: Optional[str] = None,
        np_acceleration: Optional[str] = None,
        outbound: Optional[str] = None,
        packages_pblock_firewall_policy6_id: Optional[str] = None,
        pblock: Optional[str] = None,
        per_ip_shaper: Optional[str] = None,
        policy_offload: Optional[str] = None,
        poolnames: Optional[Sequence[str]] = None,
        profile_group: Optional[str] = None,
        profile_protocol_options: Optional[str] = None,
        profile_type: Optional[str] = None,
        replacemsg_override_group: Optional[str] = None,
        rsso: Optional[str] = None,
        schedule: Optional[str] = None,
        scopetype: Optional[str] = None,
        send_deny_packet: Optional[str] = None,
        service_negate: Optional[str] = None,
        services: Optional[Sequence[str]] = None,
        session_ttl: Optional[str] = None,
        spamfilter_profile: Optional[str] = None,
        srcaddr_negate: Optional[str] = None,
        srcaddrs: Optional[Sequence[str]] = None,
        srcintfs: Optional[Sequence[str]] = None,
        ssh_filter_profile: Optional[str] = None,
        ssh_policy_redirect: Optional[str] = None,
        ssl_mirror: Optional[str] = None,
        ssl_mirror_intfs: Optional[Sequence[str]] = None,
        ssl_ssh_profile: Optional[str] = None,
        status: Optional[str] = None,
        tcp_mss_receiver: Optional[float] = None,
        tcp_mss_sender: Optional[float] = None,
        tcp_session_without_syn: Optional[str] = None,
        timeout_send_rst: Optional[str] = None,
        tos: Optional[str] = None,
        tos_mask: Optional[str] = None,
        tos_negate: Optional[str] = None,
        traffic_shaper: Optional[str] = None,
        traffic_shaper_reverse: Optional[str] = None,
        url_categories: Optional[Sequence[str]] = None,
        users: Optional[Sequence[str]] = None,
        utm_status: Optional[str] = None,
        uuid: Optional[str] = None,
        vlan_cos_fwd: Optional[float] = None,
        vlan_cos_rev: Optional[float] = None,
        vlan_filter: Optional[str] = None,
        voip_profile: Optional[str] = None,
        vpntunnel: Optional[str] = None,
        waf_profile: Optional[str] = None,
        webcache: Optional[str] = None,
        webcache_https: Optional[str] = None,
        webfilter_profile: Optional[str] = None,
        webproxy_forward_server: Optional[str] = None,
        webproxy_profile: Optional[str] = None) -> PackagesPblockFirewallPolicy6

func GetPackagesPblockFirewallPolicy6(ctx *Context, name string, id IDInput, state *PackagesPblockFirewallPolicy6State, opts ...ResourceOption) (*PackagesPblockFirewallPolicy6, error)

public static PackagesPblockFirewallPolicy6 Get(string name, Input<string> id, PackagesPblockFirewallPolicy6State? state, CustomResourceOptions? opts = null)

public static PackagesPblockFirewallPolicy6 get(String name, Output<String> id, PackagesPblockFirewallPolicy6State state, CustomResourceOptions options)

resources:  _:    type: fortimanager:PackagesPblockFirewallPolicy6    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Action string: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AntiReplay string: Enable/disable anti-replay check. Valid values: disable, enable.
AppCategories List<string>: Application category ID list.
AppGroups List<string>: Application group names.
ApplicationList string: Name of an existing Application list.
Applications List<double>: Application ID list.
AutoAsicOffload string: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
AvProfile string: Name of an existing Antivirus profile.
CgnLogServerGrp string: Cgn-Log-Server-Grp.
CifsProfile string: Name of an existing CIFS profile.
Comments string: Comment.
CustomLogFields List<string>: Log field index numbers to append custom log fields to log messages for this policy.
Devices List<string>: Names of devices or device groups that can be matched by the policy.
DiffservForward string: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
DiffservReverse string: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
DiffservcodeForward string: Change packet's DiffServ to this value.
DiffservcodeRev string: Change packet's reverse (reply) DiffServ to this value.
DlpSensor string: Name of an existing DLP sensor.
DnsfilterProfile string: Name of an existing DNS filter profile.
DscpMatch string: Enable DSCP check. Valid values: disable, enable.
DscpNegate string: Enable negated DSCP match. Valid values: disable, enable.
DscpValue string: DSCP value.
Dsri string: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
DstaddrNegate string: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
Dstaddrs List<string>: Destination address and address group names.
Dstintfs List<string>: Outgoing (egress) interface.
EmailfilterProfile string: Name of an existing email filter profile.
FirewallSessionDirty string: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
Fixedport string: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
FssoGroups List<string>: Names of FSSO groups.
GlobalLabel string: Label for the policy that appears when the GUI is in Global View mode.
Groups List<string>: Names of user groups that can authenticate with this policy.
HttpPolicyRedirect string: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
IcapProfile string: Name of an existing ICAP profile.
Inbound string: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
InspectionMode string: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
Ippool string: Enable to use IP Pools for source NAT. Valid values: disable, enable.
IpsSensor string: Name of an existing IPS sensor.
Label string: Label for the policy that appears when the GUI is in Section View mode.
Logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
LogtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
MmsProfile string: Name of an existing MMS profile.
Name string: Policy name.
Nat string: Enable/disable source NAT. Valid values: disable, enable.
Natinbound string: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
Natoutbound string: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
NpAcceleration string: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
Outbound string: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
PackagesPblockFirewallPolicy6Id string: an identifier for the resource with format {{policyid}}.
Pblock string: Pblock.
PerIpShaper string: Per-IP traffic shaper.
PolicyOffload string: Policy-Offload. Valid values: disable, enable.
Poolnames List<string>: IP Pool names.
ProfileGroup string: Name of profile group.
ProfileProtocolOptions string: Name of an existing Protocol options profile.
ProfileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
ReplacemsgOverrideGroup string: Override the default replacement message group for this policy.
Rsso string: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
Schedule string: Schedule name.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SendDenyPacket string: Enable/disable return of deny-packet. Valid values: disable, enable.
ServiceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
Services List<string>: Service and service group names.
SessionTtl string: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
SpamfilterProfile string: Name of an existing Spam filter profile.
SrcaddrNegate string: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
Srcaddrs List<string>: Source address and address group names.
Srcintfs List<string>: Incoming (ingress) interface.
SshFilterProfile string: Name of an existing SSH filter profile.
SshPolicyRedirect string: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
SslMirror string: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
SslMirrorIntfs List<string>: SSL mirror interface name.
SslSshProfile string: Name of an existing SSL SSH profile.
Status string: Enable or disable this policy. Valid values: disable, enable.
TcpMssReceiver double: Receiver TCP maximum segment size (MSS).
TcpMssSender double: Sender TCP maximum segment size (MSS).
TcpSessionWithoutSyn string: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
TimeoutSendRst string: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
Tos string: ToS (Type of Service) value used for comparison.
TosMask string: Non-zero bit positions are used for comparison while zero bit positions are ignored.
TosNegate string: Enable negated TOS match. Valid values: disable, enable.
TrafficShaper string: Reverse traffic shaper.
TrafficShaperReverse string: Reverse traffic shaper.
UrlCategories List<string>: URL category ID list.
Users List<string>: Names of individual users that can authenticate with this policy.
UtmStatus string: Enable AV/web/ips protection profile. Valid values: disable, enable.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
VlanCosFwd double: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
VlanCosRev double: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
VlanFilter string: Set VLAN filters.
VoipProfile string: Name of an existing VoIP profile.
Vpntunnel string: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
WafProfile string: Name of an existing Web application firewall profile.
Webcache string: Enable/disable web cache. Valid values: disable, enable.
WebcacheHttps string: Enable/disable web cache for HTTPS. Valid values: disable, enable.
WebfilterProfile string: Name of an existing Web filter profile.
WebproxyForwardServer string: Web proxy forward server name.
WebproxyProfile string: Webproxy profile name.
_policyBlock double: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.

Action string: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AntiReplay string: Enable/disable anti-replay check. Valid values: disable, enable.
AppCategories []string: Application category ID list.
AppGroups []string: Application group names.
ApplicationList string: Name of an existing Application list.
Applications []float64: Application ID list.
AutoAsicOffload string: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
AvProfile string: Name of an existing Antivirus profile.
CgnLogServerGrp string: Cgn-Log-Server-Grp.
CifsProfile string: Name of an existing CIFS profile.
Comments string: Comment.
CustomLogFields []string: Log field index numbers to append custom log fields to log messages for this policy.
Devices []string: Names of devices or device groups that can be matched by the policy.
DiffservForward string: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
DiffservReverse string: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
DiffservcodeForward string: Change packet's DiffServ to this value.
DiffservcodeRev string: Change packet's reverse (reply) DiffServ to this value.
DlpSensor string: Name of an existing DLP sensor.
DnsfilterProfile string: Name of an existing DNS filter profile.
DscpMatch string: Enable DSCP check. Valid values: disable, enable.
DscpNegate string: Enable negated DSCP match. Valid values: disable, enable.
DscpValue string: DSCP value.
Dsri string: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
DstaddrNegate string: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
Dstaddrs []string: Destination address and address group names.
Dstintfs []string: Outgoing (egress) interface.
EmailfilterProfile string: Name of an existing email filter profile.
FirewallSessionDirty string: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
Fixedport string: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
FssoGroups []string: Names of FSSO groups.
GlobalLabel string: Label for the policy that appears when the GUI is in Global View mode.
Groups []string: Names of user groups that can authenticate with this policy.
HttpPolicyRedirect string: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
IcapProfile string: Name of an existing ICAP profile.
Inbound string: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
InspectionMode string: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
Ippool string: Enable to use IP Pools for source NAT. Valid values: disable, enable.
IpsSensor string: Name of an existing IPS sensor.
Label string: Label for the policy that appears when the GUI is in Section View mode.
Logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
LogtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
MmsProfile string: Name of an existing MMS profile.
Name string: Policy name.
Nat string: Enable/disable source NAT. Valid values: disable, enable.
Natinbound string: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
Natoutbound string: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
NpAcceleration string: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
Outbound string: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
PackagesPblockFirewallPolicy6Id string: an identifier for the resource with format {{policyid}}.
Pblock string: Pblock.
PerIpShaper string: Per-IP traffic shaper.
PolicyOffload string: Policy-Offload. Valid values: disable, enable.
Poolnames []string: IP Pool names.
ProfileGroup string: Name of profile group.
ProfileProtocolOptions string: Name of an existing Protocol options profile.
ProfileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
ReplacemsgOverrideGroup string: Override the default replacement message group for this policy.
Rsso string: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
Schedule string: Schedule name.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SendDenyPacket string: Enable/disable return of deny-packet. Valid values: disable, enable.
ServiceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
Services []string: Service and service group names.
SessionTtl string: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
SpamfilterProfile string: Name of an existing Spam filter profile.
SrcaddrNegate string: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
Srcaddrs []string: Source address and address group names.
Srcintfs []string: Incoming (ingress) interface.
SshFilterProfile string: Name of an existing SSH filter profile.
SshPolicyRedirect string: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
SslMirror string: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
SslMirrorIntfs []string: SSL mirror interface name.
SslSshProfile string: Name of an existing SSL SSH profile.
Status string: Enable or disable this policy. Valid values: disable, enable.
TcpMssReceiver float64: Receiver TCP maximum segment size (MSS).
TcpMssSender float64: Sender TCP maximum segment size (MSS).
TcpSessionWithoutSyn string: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
TimeoutSendRst string: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
Tos string: ToS (Type of Service) value used for comparison.
TosMask string: Non-zero bit positions are used for comparison while zero bit positions are ignored.
TosNegate string: Enable negated TOS match. Valid values: disable, enable.
TrafficShaper string: Reverse traffic shaper.
TrafficShaperReverse string: Reverse traffic shaper.
UrlCategories []string: URL category ID list.
Users []string: Names of individual users that can authenticate with this policy.
UtmStatus string: Enable AV/web/ips protection profile. Valid values: disable, enable.
Uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
VlanCosFwd float64: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
VlanCosRev float64: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
VlanFilter string: Set VLAN filters.
VoipProfile string: Name of an existing VoIP profile.
Vpntunnel string: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
WafProfile string: Name of an existing Web application firewall profile.
Webcache string: Enable/disable web cache. Valid values: disable, enable.
WebcacheHttps string: Enable/disable web cache for HTTPS. Valid values: disable, enable.
WebfilterProfile string: Name of an existing Web filter profile.
WebproxyForwardServer string: Web proxy forward server name.
WebproxyProfile string: Webproxy profile name.
_policyBlock float64: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.

_policyBlock Double: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action String: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
antiReplay String: Enable/disable anti-replay check. Valid values: disable, enable.
appCategories List<String>: Application category ID list.
appGroups List<String>: Application group names.
applicationList String: Name of an existing Application list.
applications List<Double>: Application ID list.
autoAsicOffload String: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
avProfile String: Name of an existing Antivirus profile.
cgnLogServerGrp String: Cgn-Log-Server-Grp.
cifsProfile String: Name of an existing CIFS profile.
comments String: Comment.
customLogFields List<String>: Log field index numbers to append custom log fields to log messages for this policy.
devices List<String>: Names of devices or device groups that can be matched by the policy.
diffservForward String: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffservReverse String: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcodeForward String: Change packet's DiffServ to this value.
diffservcodeRev String: Change packet's reverse (reply) DiffServ to this value.
dlpSensor String: Name of an existing DLP sensor.
dnsfilterProfile String: Name of an existing DNS filter profile.
dscpMatch String: Enable DSCP check. Valid values: disable, enable.
dscpNegate String: Enable negated DSCP match. Valid values: disable, enable.
dscpValue String: DSCP value.
dsri String: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
dstaddrNegate String: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstaddrs List<String>: Destination address and address group names.
dstintfs List<String>: Outgoing (egress) interface.
emailfilterProfile String: Name of an existing email filter profile.
firewallSessionDirty String: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
fixedport String: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fssoGroups List<String>: Names of FSSO groups.
globalLabel String: Label for the policy that appears when the GUI is in Global View mode.
groups List<String>: Names of user groups that can authenticate with this policy.
httpPolicyRedirect String: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icapProfile String: Name of an existing ICAP profile.
inbound String: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspectionMode String: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
ippool String: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ipsSensor String: Name of an existing IPS sensor.
label String: Label for the policy that appears when the GUI is in Section View mode.
logtraffic String: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
logtrafficStart String: Record logs when a session starts. Valid values: disable, enable.
mmsProfile String: Name of an existing MMS profile.
name String: Policy name.
nat String: Enable/disable source NAT. Valid values: disable, enable.
natinbound String: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
natoutbound String: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
npAcceleration String: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
outbound String: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packagesPblockFirewallPolicy6Id String: an identifier for the resource with format {{policyid}}.
pblock String: Pblock.
perIpShaper String: Per-IP traffic shaper.
policyOffload String: Policy-Offload. Valid values: disable, enable.
poolnames List<String>: IP Pool names.
profileGroup String: Name of profile group.
profileProtocolOptions String: Name of an existing Protocol options profile.
profileType String: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
replacemsgOverrideGroup String: Override the default replacement message group for this policy.
rsso String: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
schedule String: Schedule name.
scopetype String: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sendDenyPacket String: Enable/disable return of deny-packet. Valid values: disable, enable.
serviceNegate String: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
services List<String>: Service and service group names.
sessionTtl String: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
spamfilterProfile String: Name of an existing Spam filter profile.
srcaddrNegate String: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcaddrs List<String>: Source address and address group names.
srcintfs List<String>: Incoming (ingress) interface.
sshFilterProfile String: Name of an existing SSH filter profile.
sshPolicyRedirect String: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslMirror String: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
sslMirrorIntfs List<String>: SSL mirror interface name.
sslSshProfile String: Name of an existing SSL SSH profile.
status String: Enable or disable this policy. Valid values: disable, enable.
tcpMssReceiver Double: Receiver TCP maximum segment size (MSS).
tcpMssSender Double: Sender TCP maximum segment size (MSS).
tcpSessionWithoutSyn String: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
timeoutSendRst String: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
tos String: ToS (Type of Service) value used for comparison.
tosMask String: Non-zero bit positions are used for comparison while zero bit positions are ignored.
tosNegate String: Enable negated TOS match. Valid values: disable, enable.
trafficShaper String: Reverse traffic shaper.
trafficShaperReverse String: Reverse traffic shaper.
urlCategories List<String>: URL category ID list.
users List<String>: Names of individual users that can authenticate with this policy.
utmStatus String: Enable AV/web/ips protection profile. Valid values: disable, enable.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vlanCosFwd Double: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanCosRev Double: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanFilter String: Set VLAN filters.
voipProfile String: Name of an existing VoIP profile.
vpntunnel String: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
wafProfile String: Name of an existing Web application firewall profile.
webcache String: Enable/disable web cache. Valid values: disable, enable.
webcacheHttps String: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilterProfile String: Name of an existing Web filter profile.
webproxyForwardServer String: Web proxy forward server name.
webproxyProfile String: Webproxy profile name.

_policyBlock number: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action string: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
antiReplay string: Enable/disable anti-replay check. Valid values: disable, enable.
appCategories string[]: Application category ID list.
appGroups string[]: Application group names.
applicationList string: Name of an existing Application list.
applications number[]: Application ID list.
autoAsicOffload string: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
avProfile string: Name of an existing Antivirus profile.
cgnLogServerGrp string: Cgn-Log-Server-Grp.
cifsProfile string: Name of an existing CIFS profile.
comments string: Comment.
customLogFields string[]: Log field index numbers to append custom log fields to log messages for this policy.
devices string[]: Names of devices or device groups that can be matched by the policy.
diffservForward string: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffservReverse string: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcodeForward string: Change packet's DiffServ to this value.
diffservcodeRev string: Change packet's reverse (reply) DiffServ to this value.
dlpSensor string: Name of an existing DLP sensor.
dnsfilterProfile string: Name of an existing DNS filter profile.
dscpMatch string: Enable DSCP check. Valid values: disable, enable.
dscpNegate string: Enable negated DSCP match. Valid values: disable, enable.
dscpValue string: DSCP value.
dsri string: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
dstaddrNegate string: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstaddrs string[]: Destination address and address group names.
dstintfs string[]: Outgoing (egress) interface.
emailfilterProfile string: Name of an existing email filter profile.
firewallSessionDirty string: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
fixedport string: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fssoGroups string[]: Names of FSSO groups.
globalLabel string: Label for the policy that appears when the GUI is in Global View mode.
groups string[]: Names of user groups that can authenticate with this policy.
httpPolicyRedirect string: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icapProfile string: Name of an existing ICAP profile.
inbound string: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspectionMode string: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
ippool string: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ipsSensor string: Name of an existing IPS sensor.
label string: Label for the policy that appears when the GUI is in Section View mode.
logtraffic string: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
logtrafficStart string: Record logs when a session starts. Valid values: disable, enable.
mmsProfile string: Name of an existing MMS profile.
name string: Policy name.
nat string: Enable/disable source NAT. Valid values: disable, enable.
natinbound string: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
natoutbound string: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
npAcceleration string: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
outbound string: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packagesPblockFirewallPolicy6Id string: an identifier for the resource with format {{policyid}}.
pblock string: Pblock.
perIpShaper string: Per-IP traffic shaper.
policyOffload string: Policy-Offload. Valid values: disable, enable.
poolnames string[]: IP Pool names.
profileGroup string: Name of profile group.
profileProtocolOptions string: Name of an existing Protocol options profile.
profileType string: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
replacemsgOverrideGroup string: Override the default replacement message group for this policy.
rsso string: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
schedule string: Schedule name.
scopetype string: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sendDenyPacket string: Enable/disable return of deny-packet. Valid values: disable, enable.
serviceNegate string: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
services string[]: Service and service group names.
sessionTtl string: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
spamfilterProfile string: Name of an existing Spam filter profile.
srcaddrNegate string: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcaddrs string[]: Source address and address group names.
srcintfs string[]: Incoming (ingress) interface.
sshFilterProfile string: Name of an existing SSH filter profile.
sshPolicyRedirect string: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslMirror string: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
sslMirrorIntfs string[]: SSL mirror interface name.
sslSshProfile string: Name of an existing SSL SSH profile.
status string: Enable or disable this policy. Valid values: disable, enable.
tcpMssReceiver number: Receiver TCP maximum segment size (MSS).
tcpMssSender number: Sender TCP maximum segment size (MSS).
tcpSessionWithoutSyn string: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
timeoutSendRst string: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
tos string: ToS (Type of Service) value used for comparison.
tosMask string: Non-zero bit positions are used for comparison while zero bit positions are ignored.
tosNegate string: Enable negated TOS match. Valid values: disable, enable.
trafficShaper string: Reverse traffic shaper.
trafficShaperReverse string: Reverse traffic shaper.
urlCategories string[]: URL category ID list.
users string[]: Names of individual users that can authenticate with this policy.
utmStatus string: Enable AV/web/ips protection profile. Valid values: disable, enable.
uuid string: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vlanCosFwd number: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanCosRev number: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanFilter string: Set VLAN filters.
voipProfile string: Name of an existing VoIP profile.
vpntunnel string: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
wafProfile string: Name of an existing Web application firewall profile.
webcache string: Enable/disable web cache. Valid values: disable, enable.
webcacheHttps string: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilterProfile string: Name of an existing Web filter profile.
webproxyForwardServer string: Web proxy forward server name.
webproxyProfile string: Webproxy profile name.

_policy_block float: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action str: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
adom str: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
anti_replay str: Enable/disable anti-replay check. Valid values: disable, enable.
app_categories Sequence[str]: Application category ID list.
app_groups Sequence[str]: Application group names.
application_list str: Name of an existing Application list.
applications Sequence[float]: Application ID list.
auto_asic_offload str: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
av_profile str: Name of an existing Antivirus profile.
cgn_log_server_grp str: Cgn-Log-Server-Grp.
cifs_profile str: Name of an existing CIFS profile.
comments str: Comment.
custom_log_fields Sequence[str]: Log field index numbers to append custom log fields to log messages for this policy.
devices Sequence[str]: Names of devices or device groups that can be matched by the policy.
diffserv_forward str: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffserv_reverse str: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcode_forward str: Change packet's DiffServ to this value.
diffservcode_rev str: Change packet's reverse (reply) DiffServ to this value.
dlp_sensor str: Name of an existing DLP sensor.
dnsfilter_profile str: Name of an existing DNS filter profile.
dscp_match str: Enable DSCP check. Valid values: disable, enable.
dscp_negate str: Enable negated DSCP match. Valid values: disable, enable.
dscp_value str: DSCP value.
dsri str: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
dstaddr_negate str: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstaddrs Sequence[str]: Destination address and address group names.
dstintfs Sequence[str]: Outgoing (egress) interface.
emailfilter_profile str: Name of an existing email filter profile.
firewall_session_dirty str: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
fixedport str: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fsso_groups Sequence[str]: Names of FSSO groups.
global_label str: Label for the policy that appears when the GUI is in Global View mode.
groups Sequence[str]: Names of user groups that can authenticate with this policy.
http_policy_redirect str: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icap_profile str: Name of an existing ICAP profile.
inbound str: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspection_mode str: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
ippool str: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ips_sensor str: Name of an existing IPS sensor.
label str: Label for the policy that appears when the GUI is in Section View mode.
logtraffic str: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
logtraffic_start str: Record logs when a session starts. Valid values: disable, enable.
mms_profile str: Name of an existing MMS profile.
name str: Policy name.
nat str: Enable/disable source NAT. Valid values: disable, enable.
natinbound str: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
natoutbound str: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
np_acceleration str: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
outbound str: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packages_pblock_firewall_policy6_id str: an identifier for the resource with format {{policyid}}.
pblock str: Pblock.
per_ip_shaper str: Per-IP traffic shaper.
policy_offload str: Policy-Offload. Valid values: disable, enable.
poolnames Sequence[str]: IP Pool names.
profile_group str: Name of profile group.
profile_protocol_options str: Name of an existing Protocol options profile.
profile_type str: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
replacemsg_override_group str: Override the default replacement message group for this policy.
rsso str: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
schedule str: Schedule name.
scopetype str: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
send_deny_packet str: Enable/disable return of deny-packet. Valid values: disable, enable.
service_negate str: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
services Sequence[str]: Service and service group names.
session_ttl str: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
spamfilter_profile str: Name of an existing Spam filter profile.
srcaddr_negate str: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcaddrs Sequence[str]: Source address and address group names.
srcintfs Sequence[str]: Incoming (ingress) interface.
ssh_filter_profile str: Name of an existing SSH filter profile.
ssh_policy_redirect str: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
ssl_mirror str: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
ssl_mirror_intfs Sequence[str]: SSL mirror interface name.
ssl_ssh_profile str: Name of an existing SSL SSH profile.
status str: Enable or disable this policy. Valid values: disable, enable.
tcp_mss_receiver float: Receiver TCP maximum segment size (MSS).
tcp_mss_sender float: Sender TCP maximum segment size (MSS).
tcp_session_without_syn str: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
timeout_send_rst str: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
tos str: ToS (Type of Service) value used for comparison.
tos_mask str: Non-zero bit positions are used for comparison while zero bit positions are ignored.
tos_negate str: Enable negated TOS match. Valid values: disable, enable.
traffic_shaper str: Reverse traffic shaper.
traffic_shaper_reverse str: Reverse traffic shaper.
url_categories Sequence[str]: URL category ID list.
users Sequence[str]: Names of individual users that can authenticate with this policy.
utm_status str: Enable AV/web/ips protection profile. Valid values: disable, enable.
uuid str: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vlan_cos_fwd float: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
vlan_cos_rev float: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
vlan_filter str: Set VLAN filters.
voip_profile str: Name of an existing VoIP profile.
vpntunnel str: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
waf_profile str: Name of an existing Web application firewall profile.
webcache str: Enable/disable web cache. Valid values: disable, enable.
webcache_https str: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilter_profile str: Name of an existing Web filter profile.
webproxy_forward_server str: Web proxy forward server name.
webproxy_profile str: Webproxy profile name.

_policyBlock Number: Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
action String: Policy action (allow/deny/ipsec). Valid values: deny, accept, ipsec, ssl-vpn.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
antiReplay String: Enable/disable anti-replay check. Valid values: disable, enable.
appCategories List<String>: Application category ID list.
appGroups List<String>: Application group names.
applicationList String: Name of an existing Application list.
applications List<Number>: Application ID list.
autoAsicOffload String: Enable/disable policy traffic ASIC offloading. Valid values: disable, enable.
avProfile String: Name of an existing Antivirus profile.
cgnLogServerGrp String: Cgn-Log-Server-Grp.
cifsProfile String: Name of an existing CIFS profile.
comments String: Comment.
customLogFields List<String>: Log field index numbers to append custom log fields to log messages for this policy.
devices List<String>: Names of devices or device groups that can be matched by the policy.
diffservForward String: Enable to change packet's DiffServ values to the specified diffservcode-forward value. Valid values: disable, enable.
diffservReverse String: Enable to change packet's reverse (reply) DiffServ values to the specified diffservcode-rev value. Valid values: disable, enable.
diffservcodeForward String: Change packet's DiffServ to this value.
diffservcodeRev String: Change packet's reverse (reply) DiffServ to this value.
dlpSensor String: Name of an existing DLP sensor.
dnsfilterProfile String: Name of an existing DNS filter profile.
dscpMatch String: Enable DSCP check. Valid values: disable, enable.
dscpNegate String: Enable negated DSCP match. Valid values: disable, enable.
dscpValue String: DSCP value.
dsri String: Enable DSRI to ignore HTTP server responses. Valid values: disable, enable.
dstaddrNegate String: When enabled dstaddr specifies what the destination address must NOT be. Valid values: disable, enable.
dstaddrs List<String>: Destination address and address group names.
dstintfs List<String>: Outgoing (egress) interface.
emailfilterProfile String: Name of an existing email filter profile.
firewallSessionDirty String: How to handle sessions if the configuration of this firewall policy changes. Valid values: check-all, check-new.
fixedport String: Enable to prevent source NAT from changing a session's source port. Valid values: disable, enable.
fssoGroups List<String>: Names of FSSO groups.
globalLabel String: Label for the policy that appears when the GUI is in Global View mode.
groups List<String>: Names of user groups that can authenticate with this policy.
httpPolicyRedirect String: Redirect HTTP(S) traffic to matching transparent web proxy policy. Valid values: disable, enable.
icapProfile String: Name of an existing ICAP profile.
inbound String: Policy-based IPsec VPN: only traffic from the remote network can initiate a VPN. Valid values: disable, enable.
inspectionMode String: Policy inspection mode (Flow/proxy). Default is Flow mode. Valid values: proxy, flow.
ippool String: Enable to use IP Pools for source NAT. Valid values: disable, enable.
ipsSensor String: Name of an existing IPS sensor.
label String: Label for the policy that appears when the GUI is in Section View mode.
logtraffic String: Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, enable, all, utm.
logtrafficStart String: Record logs when a session starts. Valid values: disable, enable.
mmsProfile String: Name of an existing MMS profile.
name String: Policy name.
nat String: Enable/disable source NAT. Valid values: disable, enable.
natinbound String: Policy-based IPsec VPN: apply destination NAT to inbound traffic. Valid values: disable, enable.
natoutbound String: Policy-based IPsec VPN: apply source NAT to outbound traffic. Valid values: disable, enable.
npAcceleration String: Enable/disable UTM Network Processor acceleration. Valid values: disable, enable.
outbound String: Policy-based IPsec VPN: only traffic from the internal network can initiate a VPN. Valid values: disable, enable.
packagesPblockFirewallPolicy6Id String: an identifier for the resource with format {{policyid}}.
pblock String: Pblock.
perIpShaper String: Per-IP traffic shaper.
policyOffload String: Policy-Offload. Valid values: disable, enable.
poolnames List<String>: IP Pool names.
profileGroup String: Name of profile group.
profileProtocolOptions String: Name of an existing Protocol options profile.
profileType String: Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
replacemsgOverrideGroup String: Override the default replacement message group for this policy.
rsso String: Enable/disable RADIUS single sign-on (RSSO). Valid values: disable, enable.
schedule String: Schedule name.
scopetype String: The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sendDenyPacket String: Enable/disable return of deny-packet. Valid values: disable, enable.
serviceNegate String: When enabled service specifies what the service must NOT be. Valid values: disable, enable.
services List<String>: Service and service group names.
sessionTtl String: Session TTL in seconds for sessions accepted by this policy. 0 means use the system default session TTL.
spamfilterProfile String: Name of an existing Spam filter profile.
srcaddrNegate String: When enabled srcaddr specifies what the source address must NOT be. Valid values: disable, enable.
srcaddrs List<String>: Source address and address group names.
srcintfs List<String>: Incoming (ingress) interface.
sshFilterProfile String: Name of an existing SSH filter profile.
sshPolicyRedirect String: Redirect SSH traffic to matching transparent proxy policy. Valid values: disable, enable.
sslMirror String: Enable to copy decrypted SSL traffic to a FortiGate interface (called SSL mirroring). Valid values: disable, enable.
sslMirrorIntfs List<String>: SSL mirror interface name.
sslSshProfile String: Name of an existing SSL SSH profile.
status String: Enable or disable this policy. Valid values: disable, enable.
tcpMssReceiver Number: Receiver TCP maximum segment size (MSS).
tcpMssSender Number: Sender TCP maximum segment size (MSS).
tcpSessionWithoutSyn String: Enable/disable creation of TCP session without SYN flag. Valid values: all, data-only, disable.
timeoutSendRst String: Enable/disable sending RST packets when TCP sessions expire. Valid values: disable, enable.
tos String: ToS (Type of Service) value used for comparison.
tosMask String: Non-zero bit positions are used for comparison while zero bit positions are ignored.
tosNegate String: Enable negated TOS match. Valid values: disable, enable.
trafficShaper String: Reverse traffic shaper.
trafficShaperReverse String: Reverse traffic shaper.
urlCategories List<String>: URL category ID list.
users List<String>: Names of individual users that can authenticate with this policy.
utmStatus String: Enable AV/web/ips protection profile. Valid values: disable, enable.
uuid String: Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
vlanCosFwd Number: VLAN forward direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanCosRev Number: VLAN reverse direction user priority: 255 passthrough, 0 lowest, 7 highest
vlanFilter String: Set VLAN filters.
voipProfile String: Name of an existing VoIP profile.
vpntunnel String: Policy-based IPsec VPN: name of the IPsec VPN Phase 1.
wafProfile String: Name of an existing Web application firewall profile.
webcache String: Enable/disable web cache. Valid values: disable, enable.
webcacheHttps String: Enable/disable web cache for HTTPS. Valid values: disable, enable.
webfilterProfile String: Name of an existing Web filter profile.
webproxyForwardServer String: Web proxy forward server name.
webproxyProfile String: Webproxy profile name.

Import

Packages PblockFirewallPolicy6 can be imported using any of these accepted formats:

Set import_options = [“pblock=YOUR_VALUE”] in the provider section.

$ export “FORTIMANAGER_IMPORT_TABLE”=“true”

$ pulumi import fortimanager:index/packagesPblockFirewallPolicy6:PackagesPblockFirewallPolicy6 labelname {{policyid}}

$ unset “FORTIMANAGER_IMPORT_TABLE”

-> Hint: The scopetype and adom for import will directly inherit the scopetype and adom configuration of the provider.

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: fortimanager fortinetdev/terraform-provider-fortimanager
License
Notes: This Pulumi package is based on the fortimanager Terraform Provider.

fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.PackagesPblockFirewallPolicy6

On this page

On this page

Create PackagesPblockFirewallPolicy6 Resource

Constructor syntax

Parameters

Constructor example

PackagesPblockFirewallPolicy6 Resource Properties

Inputs

Outputs

Look up Existing PackagesPblockFirewallPolicy6 Resource

Import

Package Details

On this page

On this page