Docs Home Pulumi IaC Pulumi ESC Pulumi Insights Pulumi Cloud Packages Tutorials
  1. Packages
  2. Fortimanager Provider
  3. API Docs
  4. PackagesPblockFirewallSecuritypolicy
fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev
fortinetdev/terraform-provider-fortimanager

fortimanager.PackagesPblockFirewallSecuritypolicy

Explore with Pulumi AI

fortimanager logo
fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev
fortinetdev/terraform-provider-fortimanager

    Configuring security policy for a policy block.

    This resource is a sub resource for variable firewall_security_policy of resource fortimanager.PackagesPblock. Conflict and overwrite may occur if use both of them.

    Create PackagesPblockFirewallSecuritypolicy Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new PackagesPblockFirewallSecuritypolicy(name: string, args: PackagesPblockFirewallSecuritypolicyArgs, opts?: CustomResourceOptions);
    @overload
def PackagesPblockFirewallSecuritypolicy(resource_name: str,
                                         args: PackagesPblockFirewallSecuritypolicyArgs,
                                         opts: Optional[ResourceOptions] = None)

@overload
def PackagesPblockFirewallSecuritypolicy(resource_name: str,
                                         opts: Optional[ResourceOptions] = None,
                                         pblock: Optional[str] = None,
                                         _policy_block: Optional[float] = None,
                                         action: Optional[str] = None,
                                         adom: Optional[str] = None,
                                         app_categories: Optional[Sequence[str]] = None,
                                         app_groups: Optional[Sequence[str]] = None,
                                         application_list: Optional[str] = None,
                                         applications: Optional[Sequence[float]] = None,
                                         av_profile: Optional[str] = None,
                                         casb_profile: Optional[str] = None,
                                         cifs_profile: Optional[str] = None,
                                         comments: Optional[str] = None,
                                         diameter_filter_profile: Optional[str] = None,
                                         dlp_profile: Optional[str] = None,
                                         dlp_sensor: Optional[str] = None,
                                         dnsfilter_profile: Optional[str] = None,
                                         dstaddr4s: Optional[Sequence[str]] = None,
                                         dstaddr6_negate: Optional[str] = None,
                                         dstaddr6s: Optional[Sequence[str]] = None,
                                         dstaddr_negate: Optional[str] = None,
                                         dstaddrs: Optional[Sequence[str]] = None,
                                         dstintfs: Optional[Sequence[str]] = None,
                                         emailfilter_profile: Optional[str] = None,
                                         enforce_default_app_port: Optional[str] = None,
                                         file_filter_profile: Optional[str] = None,
                                         fsso_groups: Optional[Sequence[str]] = None,
                                         global_label: Optional[str] = None,
                                         groups: Optional[Sequence[str]] = None,
                                         icap_profile: Optional[str] = None,
                                         internet_service: Optional[str] = None,
                                         internet_service6: Optional[str] = None,
                                         internet_service6_custom_groups: Optional[Sequence[str]] = None,
                                         internet_service6_customs: Optional[Sequence[str]] = None,
                                         internet_service6_groups: Optional[Sequence[str]] = None,
                                         internet_service6_names: Optional[Sequence[str]] = None,
                                         internet_service6_negate: Optional[str] = None,
                                         internet_service6_src: Optional[str] = None,
                                         internet_service6_src_custom_groups: Optional[Sequence[str]] = None,
                                         internet_service6_src_customs: Optional[Sequence[str]] = None,
                                         internet_service6_src_groups: Optional[Sequence[str]] = None,
                                         internet_service6_src_names: Optional[Sequence[str]] = None,
                                         internet_service6_src_negate: Optional[str] = None,
                                         internet_service_custom_groups: Optional[Sequence[str]] = None,
                                         internet_service_customs: Optional[Sequence[str]] = None,
                                         internet_service_groups: Optional[Sequence[str]] = None,
                                         internet_service_ids: Optional[Sequence[str]] = None,
                                         internet_service_names: Optional[Sequence[str]] = None,
                                         internet_service_negate: Optional[str] = None,
                                         internet_service_src: Optional[str] = None,
                                         internet_service_src_custom_groups: Optional[Sequence[str]] = None,
                                         internet_service_src_customs: Optional[Sequence[str]] = None,
                                         internet_service_src_groups: Optional[Sequence[str]] = None,
                                         internet_service_src_ids: Optional[Sequence[str]] = None,
                                         internet_service_src_names: Optional[Sequence[str]] = None,
                                         internet_service_src_negate: Optional[str] = None,
                                         ips_sensor: Optional[str] = None,
                                         ips_voip_filter: Optional[str] = None,
                                         learning_mode: Optional[str] = None,
                                         logtraffic: Optional[str] = None,
                                         logtraffic_start: Optional[str] = None,
                                         mms_profile: Optional[str] = None,
                                         name: Optional[str] = None,
                                         nat46: Optional[str] = None,
                                         nat64: Optional[str] = None,
                                         packages_pblock_firewall_securitypolicy_id: Optional[str] = None,
                                         policyid: Optional[float] = None,
                                         profile_group: Optional[str] = None,
                                         profile_protocol_options: Optional[str] = None,
                                         profile_type: Optional[str] = None,
                                         schedule: Optional[str] = None,
                                         scopetype: Optional[str] = None,
                                         sctp_filter_profile: Optional[str] = None,
                                         send_deny_packet: Optional[str] = None,
                                         service_negate: Optional[str] = None,
                                         services: Optional[Sequence[str]] = None,
                                         srcaddr4s: Optional[Sequence[str]] = None,
                                         srcaddr6_negate: Optional[str] = None,
                                         srcaddr6s: Optional[Sequence[str]] = None,
                                         srcaddr_negate: Optional[str] = None,
                                         srcaddrs: Optional[Sequence[str]] = None,
                                         srcintfs: Optional[Sequence[str]] = None,
                                         ssh_filter_profile: Optional[str] = None,
                                         ssl_ssh_profile: Optional[str] = None,
                                         status: Optional[str] = None,
                                         url_categories: Optional[Sequence[str]] = None,
                                         users: Optional[Sequence[str]] = None,
                                         utm_status: Optional[str] = None,
                                         uuid: Optional[str] = None,
                                         videofilter_profile: Optional[str] = None,
                                         virtual_patch_profile: Optional[str] = None,
                                         voip_profile: Optional[str] = None,
                                         webfilter_profile: Optional[str] = None)
    func NewPackagesPblockFirewallSecuritypolicy(ctx *Context, name string, args PackagesPblockFirewallSecuritypolicyArgs, opts ...ResourceOption) (*PackagesPblockFirewallSecuritypolicy, error)
    public PackagesPblockFirewallSecuritypolicy(string name, PackagesPblockFirewallSecuritypolicyArgs args, CustomResourceOptions? opts = null)
    public PackagesPblockFirewallSecuritypolicy(String name, PackagesPblockFirewallSecuritypolicyArgs args)
public PackagesPblockFirewallSecuritypolicy(String name, PackagesPblockFirewallSecuritypolicyArgs args, CustomResourceOptions options)

    type: fortimanager:PackagesPblockFirewallSecuritypolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

    Parameters

    name string
    The unique name of the resource.
    args PackagesPblockFirewallSecuritypolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args PackagesPblockFirewallSecuritypolicyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args PackagesPblockFirewallSecuritypolicyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args PackagesPblockFirewallSecuritypolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args PackagesPblockFirewallSecuritypolicyArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var packagesPblockFirewallSecuritypolicyResource = new Fortimanager.PackagesPblockFirewallSecuritypolicy("packagesPblockFirewallSecuritypolicyResource", new()
{
    Pblock = "string",
    _policyBlock = 0,
    Action = "string",
    Adom = "string",
    AppCategories = new[]
    {
        "string",
    },
    AppGroups = new[]
    {
        "string",
    },
    ApplicationList = "string",
    Applications = new[]
    {
        0,
    },
    AvProfile = "string",
    CasbProfile = "string",
    CifsProfile = "string",
    Comments = "string",
    DiameterFilterProfile = "string",
    DlpProfile = "string",
    DlpSensor = "string",
    DnsfilterProfile = "string",
    Dstaddr4s = new[]
    {
        "string",
    },
    Dstaddr6Negate = "string",
    Dstaddr6s = new[]
    {
        "string",
    },
    DstaddrNegate = "string",
    Dstaddrs = new[]
    {
        "string",
    },
    Dstintfs = new[]
    {
        "string",
    },
    EmailfilterProfile = "string",
    EnforceDefaultAppPort = "string",
    FileFilterProfile = "string",
    FssoGroups = new[]
    {
        "string",
    },
    GlobalLabel = "string",
    Groups = new[]
    {
        "string",
    },
    IcapProfile = "string",
    InternetService = "string",
    InternetService6 = "string",
    InternetService6CustomGroups = new[]
    {
        "string",
    },
    InternetService6Customs = new[]
    {
        "string",
    },
    InternetService6Groups = new[]
    {
        "string",
    },
    InternetService6Names = new[]
    {
        "string",
    },
    InternetService6Negate = "string",
    InternetService6Src = "string",
    InternetService6SrcCustomGroups = new[]
    {
        "string",
    },
    InternetService6SrcCustoms = new[]
    {
        "string",
    },
    InternetService6SrcGroups = new[]
    {
        "string",
    },
    InternetService6SrcNames = new[]
    {
        "string",
    },
    InternetService6SrcNegate = "string",
    InternetServiceCustomGroups = new[]
    {
        "string",
    },
    InternetServiceCustoms = new[]
    {
        "string",
    },
    InternetServiceGroups = new[]
    {
        "string",
    },
    InternetServiceIds = new[]
    {
        "string",
    },
    InternetServiceNames = new[]
    {
        "string",
    },
    InternetServiceNegate = "string",
    InternetServiceSrc = "string",
    InternetServiceSrcCustomGroups = new[]
    {
        "string",
    },
    InternetServiceSrcCustoms = new[]
    {
        "string",
    },
    InternetServiceSrcGroups = new[]
    {
        "string",
    },
    InternetServiceSrcIds = new[]
    {
        "string",
    },
    InternetServiceSrcNames = new[]
    {
        "string",
    },
    InternetServiceSrcNegate = "string",
    IpsSensor = "string",
    IpsVoipFilter = "string",
    LearningMode = "string",
    Logtraffic = "string",
    LogtrafficStart = "string",
    MmsProfile = "string",
    Name = "string",
    Nat46 = "string",
    Nat64 = "string",
    PackagesPblockFirewallSecuritypolicyId = "string",
    Policyid = 0,
    ProfileGroup = "string",
    ProfileProtocolOptions = "string",
    ProfileType = "string",
    Schedule = "string",
    Scopetype = "string",
    SctpFilterProfile = "string",
    SendDenyPacket = "string",
    ServiceNegate = "string",
    Services = new[]
    {
        "string",
    },
    Srcaddr4s = new[]
    {
        "string",
    },
    Srcaddr6Negate = "string",
    Srcaddr6s = new[]
    {
        "string",
    },
    SrcaddrNegate = "string",
    Srcaddrs = new[]
    {
        "string",
    },
    Srcintfs = new[]
    {
        "string",
    },
    SshFilterProfile = "string",
    SslSshProfile = "string",
    Status = "string",
    UrlCategories = new[]
    {
        "string",
    },
    Users = new[]
    {
        "string",
    },
    UtmStatus = "string",
    Uuid = "string",
    VideofilterProfile = "string",
    VirtualPatchProfile = "string",
    VoipProfile = "string",
    WebfilterProfile = "string",
});

    example, err := fortimanager.NewPackagesPblockFirewallSecuritypolicy(ctx, "packagesPblockFirewallSecuritypolicyResource", &fortimanager.PackagesPblockFirewallSecuritypolicyArgs{
Pblock: pulumi.String("string"),
_policyBlock: pulumi.Float64(0),
Action: pulumi.String("string"),
Adom: pulumi.String("string"),
AppCategories: pulumi.StringArray{
pulumi.String("string"),
},
AppGroups: pulumi.StringArray{
pulumi.String("string"),
},
ApplicationList: pulumi.String("string"),
Applications: pulumi.Float64Array{
pulumi.Float64(0),
},
AvProfile: pulumi.String("string"),
CasbProfile: pulumi.String("string"),
CifsProfile: pulumi.String("string"),
Comments: pulumi.String("string"),
DiameterFilterProfile: pulumi.String("string"),
DlpProfile: pulumi.String("string"),
DlpSensor: pulumi.String("string"),
DnsfilterProfile: pulumi.String("string"),
Dstaddr4s: pulumi.StringArray{
pulumi.String("string"),
},
Dstaddr6Negate: pulumi.String("string"),
Dstaddr6s: pulumi.StringArray{
pulumi.String("string"),
},
DstaddrNegate: pulumi.String("string"),
Dstaddrs: pulumi.StringArray{
pulumi.String("string"),
},
Dstintfs: pulumi.StringArray{
pulumi.String("string"),
},
EmailfilterProfile: pulumi.String("string"),
EnforceDefaultAppPort: pulumi.String("string"),
FileFilterProfile: pulumi.String("string"),
FssoGroups: pulumi.StringArray{
pulumi.String("string"),
},
GlobalLabel: pulumi.String("string"),
Groups: pulumi.StringArray{
pulumi.String("string"),
},
IcapProfile: pulumi.String("string"),
InternetService: pulumi.String("string"),
InternetService6: pulumi.String("string"),
InternetService6CustomGroups: pulumi.StringArray{
pulumi.String("string"),
},
InternetService6Customs: pulumi.StringArray{
pulumi.String("string"),
},
InternetService6Groups: pulumi.StringArray{
pulumi.String("string"),
},
InternetService6Names: pulumi.StringArray{
pulumi.String("string"),
},
InternetService6Negate: pulumi.String("string"),
InternetService6Src: pulumi.String("string"),
InternetService6SrcCustomGroups: pulumi.StringArray{
pulumi.String("string"),
},
InternetService6SrcCustoms: pulumi.StringArray{
pulumi.String("string"),
},
InternetService6SrcGroups: pulumi.StringArray{
pulumi.String("string"),
},
InternetService6SrcNames: pulumi.StringArray{
pulumi.String("string"),
},
InternetService6SrcNegate: pulumi.String("string"),
InternetServiceCustomGroups: pulumi.StringArray{
pulumi.String("string"),
},
InternetServiceCustoms: pulumi.StringArray{
pulumi.String("string"),
},
InternetServiceGroups: pulumi.StringArray{
pulumi.String("string"),
},
InternetServiceIds: pulumi.StringArray{
pulumi.String("string"),
},
InternetServiceNames: pulumi.StringArray{
pulumi.String("string"),
},
InternetServiceNegate: pulumi.String("string"),
InternetServiceSrc: pulumi.String("string"),
InternetServiceSrcCustomGroups: pulumi.StringArray{
pulumi.String("string"),
},
InternetServiceSrcCustoms: pulumi.StringArray{
pulumi.String("string"),
},
InternetServiceSrcGroups: pulumi.StringArray{
pulumi.String("string"),
},
InternetServiceSrcIds: pulumi.StringArray{
pulumi.String("string"),
},
InternetServiceSrcNames: pulumi.StringArray{
pulumi.String("string"),
},
InternetServiceSrcNegate: pulumi.String("string"),
IpsSensor: pulumi.String("string"),
IpsVoipFilter: pulumi.String("string"),
LearningMode: pulumi.String("string"),
Logtraffic: pulumi.String("string"),
LogtrafficStart: pulumi.String("string"),
MmsProfile: pulumi.String("string"),
Name: pulumi.String("string"),
Nat46: pulumi.String("string"),
Nat64: pulumi.String("string"),
PackagesPblockFirewallSecuritypolicyId: pulumi.String("string"),
Policyid: pulumi.Float64(0),
ProfileGroup: pulumi.String("string"),
ProfileProtocolOptions: pulumi.String("string"),
ProfileType: pulumi.String("string"),
Schedule: pulumi.String("string"),
Scopetype: pulumi.String("string"),
SctpFilterProfile: pulumi.String("string"),
SendDenyPacket: pulumi.String("string"),
ServiceNegate: pulumi.String("string"),
Services: pulumi.StringArray{
pulumi.String("string"),
},
Srcaddr4s: pulumi.StringArray{
pulumi.String("string"),
},
Srcaddr6Negate: pulumi.String("string"),
Srcaddr6s: pulumi.StringArray{
pulumi.String("string"),
},
SrcaddrNegate: pulumi.String("string"),
Srcaddrs: pulumi.StringArray{
pulumi.String("string"),
},
Srcintfs: pulumi.StringArray{
pulumi.String("string"),
},
SshFilterProfile: pulumi.String("string"),
SslSshProfile: pulumi.String("string"),
Status: pulumi.String("string"),
UrlCategories: pulumi.StringArray{
pulumi.String("string"),
},
Users: pulumi.StringArray{
pulumi.String("string"),
},
UtmStatus: pulumi.String("string"),
Uuid: pulumi.String("string"),
VideofilterProfile: pulumi.String("string"),
VirtualPatchProfile: pulumi.String("string"),
VoipProfile: pulumi.String("string"),
WebfilterProfile: pulumi.String("string"),
})

    var packagesPblockFirewallSecuritypolicyResource = new PackagesPblockFirewallSecuritypolicy("packagesPblockFirewallSecuritypolicyResource", PackagesPblockFirewallSecuritypolicyArgs.builder()
    .pblock("string")
    ._policyBlock(0)
    .action("string")
    .adom("string")
    .appCategories("string")
    .appGroups("string")
    .applicationList("string")
    .applications(0)
    .avProfile("string")
    .casbProfile("string")
    .cifsProfile("string")
    .comments("string")
    .diameterFilterProfile("string")
    .dlpProfile("string")
    .dlpSensor("string")
    .dnsfilterProfile("string")
    .dstaddr4s("string")
    .dstaddr6Negate("string")
    .dstaddr6s("string")
    .dstaddrNegate("string")
    .dstaddrs("string")
    .dstintfs("string")
    .emailfilterProfile("string")
    .enforceDefaultAppPort("string")
    .fileFilterProfile("string")
    .fssoGroups("string")
    .globalLabel("string")
    .groups("string")
    .icapProfile("string")
    .internetService("string")
    .internetService6("string")
    .internetService6CustomGroups("string")
    .internetService6Customs("string")
    .internetService6Groups("string")
    .internetService6Names("string")
    .internetService6Negate("string")
    .internetService6Src("string")
    .internetService6SrcCustomGroups("string")
    .internetService6SrcCustoms("string")
    .internetService6SrcGroups("string")
    .internetService6SrcNames("string")
    .internetService6SrcNegate("string")
    .internetServiceCustomGroups("string")
    .internetServiceCustoms("string")
    .internetServiceGroups("string")
    .internetServiceIds("string")
    .internetServiceNames("string")
    .internetServiceNegate("string")
    .internetServiceSrc("string")
    .internetServiceSrcCustomGroups("string")
    .internetServiceSrcCustoms("string")
    .internetServiceSrcGroups("string")
    .internetServiceSrcIds("string")
    .internetServiceSrcNames("string")
    .internetServiceSrcNegate("string")
    .ipsSensor("string")
    .ipsVoipFilter("string")
    .learningMode("string")
    .logtraffic("string")
    .logtrafficStart("string")
    .mmsProfile("string")
    .name("string")
    .nat46("string")
    .nat64("string")
    .packagesPblockFirewallSecuritypolicyId("string")
    .policyid(0)
    .profileGroup("string")
    .profileProtocolOptions("string")
    .profileType("string")
    .schedule("string")
    .scopetype("string")
    .sctpFilterProfile("string")
    .sendDenyPacket("string")
    .serviceNegate("string")
    .services("string")
    .srcaddr4s("string")
    .srcaddr6Negate("string")
    .srcaddr6s("string")
    .srcaddrNegate("string")
    .srcaddrs("string")
    .srcintfs("string")
    .sshFilterProfile("string")
    .sslSshProfile("string")
    .status("string")
    .urlCategories("string")
    .users("string")
    .utmStatus("string")
    .uuid("string")
    .videofilterProfile("string")
    .virtualPatchProfile("string")
    .voipProfile("string")
    .webfilterProfile("string")
    .build());

    packages_pblock_firewall_securitypolicy_resource = fortimanager.PackagesPblockFirewallSecuritypolicy("packagesPblockFirewallSecuritypolicyResource",
    pblock="string",
    _policy_block=0,
    action="string",
    adom="string",
    app_categories=["string"],
    app_groups=["string"],
    application_list="string",
    applications=[0],
    av_profile="string",
    casb_profile="string",
    cifs_profile="string",
    comments="string",
    diameter_filter_profile="string",
    dlp_profile="string",
    dlp_sensor="string",
    dnsfilter_profile="string",
    dstaddr4s=["string"],
    dstaddr6_negate="string",
    dstaddr6s=["string"],
    dstaddr_negate="string",
    dstaddrs=["string"],
    dstintfs=["string"],
    emailfilter_profile="string",
    enforce_default_app_port="string",
    file_filter_profile="string",
    fsso_groups=["string"],
    global_label="string",
    groups=["string"],
    icap_profile="string",
    internet_service="string",
    internet_service6="string",
    internet_service6_custom_groups=["string"],
    internet_service6_customs=["string"],
    internet_service6_groups=["string"],
    internet_service6_names=["string"],
    internet_service6_negate="string",
    internet_service6_src="string",
    internet_service6_src_custom_groups=["string"],
    internet_service6_src_customs=["string"],
    internet_service6_src_groups=["string"],
    internet_service6_src_names=["string"],
    internet_service6_src_negate="string",
    internet_service_custom_groups=["string"],
    internet_service_customs=["string"],
    internet_service_groups=["string"],
    internet_service_ids=["string"],
    internet_service_names=["string"],
    internet_service_negate="string",
    internet_service_src="string",
    internet_service_src_custom_groups=["string"],
    internet_service_src_customs=["string"],
    internet_service_src_groups=["string"],
    internet_service_src_ids=["string"],
    internet_service_src_names=["string"],
    internet_service_src_negate="string",
    ips_sensor="string",
    ips_voip_filter="string",
    learning_mode="string",
    logtraffic="string",
    logtraffic_start="string",
    mms_profile="string",
    name="string",
    nat46="string",
    nat64="string",
    packages_pblock_firewall_securitypolicy_id="string",
    policyid=0,
    profile_group="string",
    profile_protocol_options="string",
    profile_type="string",
    schedule="string",
    scopetype="string",
    sctp_filter_profile="string",
    send_deny_packet="string",
    service_negate="string",
    services=["string"],
    srcaddr4s=["string"],
    srcaddr6_negate="string",
    srcaddr6s=["string"],
    srcaddr_negate="string",
    srcaddrs=["string"],
    srcintfs=["string"],
    ssh_filter_profile="string",
    ssl_ssh_profile="string",
    status="string",
    url_categories=["string"],
    users=["string"],
    utm_status="string",
    uuid="string",
    videofilter_profile="string",
    virtual_patch_profile="string",
    voip_profile="string",
    webfilter_profile="string")

    const packagesPblockFirewallSecuritypolicyResource = new fortimanager.PackagesPblockFirewallSecuritypolicy("packagesPblockFirewallSecuritypolicyResource", {
    pblock: "string",
    _policyBlock: 0,
    action: "string",
    adom: "string",
    appCategories: ["string"],
    appGroups: ["string"],
    applicationList: "string",
    applications: [0],
    avProfile: "string",
    casbProfile: "string",
    cifsProfile: "string",
    comments: "string",
    diameterFilterProfile: "string",
    dlpProfile: "string",
    dlpSensor: "string",
    dnsfilterProfile: "string",
    dstaddr4s: ["string"],
    dstaddr6Negate: "string",
    dstaddr6s: ["string"],
    dstaddrNegate: "string",
    dstaddrs: ["string"],
    dstintfs: ["string"],
    emailfilterProfile: "string",
    enforceDefaultAppPort: "string",
    fileFilterProfile: "string",
    fssoGroups: ["string"],
    globalLabel: "string",
    groups: ["string"],
    icapProfile: "string",
    internetService: "string",
    internetService6: "string",
    internetService6CustomGroups: ["string"],
    internetService6Customs: ["string"],
    internetService6Groups: ["string"],
    internetService6Names: ["string"],
    internetService6Negate: "string",
    internetService6Src: "string",
    internetService6SrcCustomGroups: ["string"],
    internetService6SrcCustoms: ["string"],
    internetService6SrcGroups: ["string"],
    internetService6SrcNames: ["string"],
    internetService6SrcNegate: "string",
    internetServiceCustomGroups: ["string"],
    internetServiceCustoms: ["string"],
    internetServiceGroups: ["string"],
    internetServiceIds: ["string"],
    internetServiceNames: ["string"],
    internetServiceNegate: "string",
    internetServiceSrc: "string",
    internetServiceSrcCustomGroups: ["string"],
    internetServiceSrcCustoms: ["string"],
    internetServiceSrcGroups: ["string"],
    internetServiceSrcIds: ["string"],
    internetServiceSrcNames: ["string"],
    internetServiceSrcNegate: "string",
    ipsSensor: "string",
    ipsVoipFilter: "string",
    learningMode: "string",
    logtraffic: "string",
    logtrafficStart: "string",
    mmsProfile: "string",
    name: "string",
    nat46: "string",
    nat64: "string",
    packagesPblockFirewallSecuritypolicyId: "string",
    policyid: 0,
    profileGroup: "string",
    profileProtocolOptions: "string",
    profileType: "string",
    schedule: "string",
    scopetype: "string",
    sctpFilterProfile: "string",
    sendDenyPacket: "string",
    serviceNegate: "string",
    services: ["string"],
    srcaddr4s: ["string"],
    srcaddr6Negate: "string",
    srcaddr6s: ["string"],
    srcaddrNegate: "string",
    srcaddrs: ["string"],
    srcintfs: ["string"],
    sshFilterProfile: "string",
    sslSshProfile: "string",
    status: "string",
    urlCategories: ["string"],
    users: ["string"],
    utmStatus: "string",
    uuid: "string",
    videofilterProfile: "string",
    virtualPatchProfile: "string",
    voipProfile: "string",
    webfilterProfile: "string",
});

    type: fortimanager:PackagesPblockFirewallSecuritypolicy
properties:
    _policyBlock: 0
    action: string
    adom: string
    appCategories:
        - string
    appGroups:
        - string
    applicationList: string
    applications:
        - 0
    avProfile: string
    casbProfile: string
    cifsProfile: string
    comments: string
    diameterFilterProfile: string
    dlpProfile: string
    dlpSensor: string
    dnsfilterProfile: string
    dstaddr4s:
        - string
    dstaddr6Negate: string
    dstaddr6s:
        - string
    dstaddrNegate: string
    dstaddrs:
        - string
    dstintfs:
        - string
    emailfilterProfile: string
    enforceDefaultAppPort: string
    fileFilterProfile: string
    fssoGroups:
        - string
    globalLabel: string
    groups:
        - string
    icapProfile: string
    internetService: string
    internetService6: string
    internetService6CustomGroups:
        - string
    internetService6Customs:
        - string
    internetService6Groups:
        - string
    internetService6Names:
        - string
    internetService6Negate: string
    internetService6Src: string
    internetService6SrcCustomGroups:
        - string
    internetService6SrcCustoms:
        - string
    internetService6SrcGroups:
        - string
    internetService6SrcNames:
        - string
    internetService6SrcNegate: string
    internetServiceCustomGroups:
        - string
    internetServiceCustoms:
        - string
    internetServiceGroups:
        - string
    internetServiceIds:
        - string
    internetServiceNames:
        - string
    internetServiceNegate: string
    internetServiceSrc: string
    internetServiceSrcCustomGroups:
        - string
    internetServiceSrcCustoms:
        - string
    internetServiceSrcGroups:
        - string
    internetServiceSrcIds:
        - string
    internetServiceSrcNames:
        - string
    internetServiceSrcNegate: string
    ipsSensor: string
    ipsVoipFilter: string
    learningMode: string
    logtraffic: string
    logtrafficStart: string
    mmsProfile: string
    name: string
    nat46: string
    nat64: string
    packagesPblockFirewallSecuritypolicyId: string
    pblock: string
    policyid: 0
    profileGroup: string
    profileProtocolOptions: string
    profileType: string
    schedule: string
    scopetype: string
    sctpFilterProfile: string
    sendDenyPacket: string
    serviceNegate: string
    services:
        - string
    srcaddr4s:
        - string
    srcaddr6Negate: string
    srcaddr6s:
        - string
    srcaddrNegate: string
    srcaddrs:
        - string
    srcintfs:
        - string
    sshFilterProfile: string
    sslSshProfile: string
    status: string
    urlCategories:
        - string
    users:
        - string
    utmStatus: string
    uuid: string
    videofilterProfile: string
    virtualPatchProfile: string
    voipProfile: string
    webfilterProfile: string

    PackagesPblockFirewallSecuritypolicy Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The PackagesPblockFirewallSecuritypolicy resource accepts the following input properties:

    Pblock string
    Pblock.
    Action string
    Policy action (accept/deny). Valid values: deny, accept.
    Adom string
    Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
    AppCategories List<string>
    Application category ID list.
    AppGroups List<string>
    Application group names.
    ApplicationList string
    Name of an existing Application list.
    Applications List<double>
    Application ID list.
    AvProfile string
    Name of an existing Antivirus profile.
    CasbProfile string
    Name of an existing CASB profile.
    CifsProfile string
    Name of an existing CIFS profile.
    Comments string
    Comment.
    DiameterFilterProfile string
    Name of an existing Diameter filter profile.
    DlpProfile string
    Name of an existing DLP profile.
    DlpSensor string
    Name of an existing DLP sensor.
    DnsfilterProfile string
    Name of an existing DNS filter profile.
    Dstaddr4s List<string>
    Destination IPv4 address name and address group names.
    Dstaddr6Negate string
    When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    Dstaddr6s List<string>
    Destination IPv6 address name and address group names.
    DstaddrNegate string
    When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    Dstaddrs List<string>
    Destination IPv4 address name and address group names.
    Dstintfs List<string>
    Outgoing (egress) interface.
    EmailfilterProfile string
    Name of an existing email filter profile.
    EnforceDefaultAppPort string
    Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
    FileFilterProfile string
    Name of an existing file-filter profile.
    FssoGroups List<string>
    Names of FSSO groups.
    GlobalLabel string
    Label for the policy that appears when the GUI is in Global View mode.
    Groups List<string>
    Names of user groups that can authenticate with this policy.
    IcapProfile string
    Name of an existing ICAP profile.
    InternetService string
    Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
    InternetService6 string
    Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
    InternetService6CustomGroups List<string>
    Custom IPv6 Internet Service group name.
    InternetService6Customs List<string>
    Custom IPv6 Internet Service name.
    InternetService6Groups List<string>
    Internet Service group name.
    InternetService6Names List<string>
    IPv6 Internet Service name.
    InternetService6Negate string
    When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
    InternetService6Src string
    Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    InternetService6SrcCustomGroups List<string>
    Custom Internet Service6 source group name.
    InternetService6SrcCustoms List<string>
    Custom IPv6 Internet Service source name.
    InternetService6SrcGroups List<string>
    Internet Service6 source group name.
    InternetService6SrcNames List<string>
    IPv6 Internet Service source name.
    InternetService6SrcNegate string
    When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
    InternetServiceCustomGroups List<string>
    Custom Internet Service group name.
    InternetServiceCustoms List<string>
    Custom Internet Service name.
    InternetServiceGroups List<string>
    Internet Service group name.
    InternetServiceIds List<string>
    Internet Service ID.
    InternetServiceNames List<string>
    Internet Service name.
    InternetServiceNegate string
    When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
    InternetServiceSrc string
    Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    InternetServiceSrcCustomGroups List<string>
    Custom Internet Service source group name.
    InternetServiceSrcCustoms List<string>
    Custom Internet Service source name.
    InternetServiceSrcGroups List<string>
    Internet Service source group name.
    InternetServiceSrcIds List<string>
    Internet Service source ID.
    InternetServiceSrcNames List<string>
    Internet Service source name.
    InternetServiceSrcNegate string
    When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
    IpsSensor string
    Name of an existing IPS sensor.
    IpsVoipFilter string
    Name of an existing VoIP (ips) profile.
    LearningMode string
    Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
    Logtraffic string
    Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
    LogtrafficStart string
    Record logs when a session starts. Valid values: disable, enable.
    MmsProfile string
    Name of an existing MMS profile.
    Name string
    Policy name.
    Nat46 string
    Enable/disable NAT46. Valid values: disable, enable.
    Nat64 string
    Enable/disable NAT64. Valid values: disable, enable.
    PackagesPblockFirewallSecuritypolicyId string
    an identifier for the resource with format {{policyid}}.
    Policyid double
    Policy ID.
    ProfileGroup string
    Name of profile group.
    ProfileProtocolOptions string
    Name of an existing Protocol options profile.
    ProfileType string
    Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
    Schedule string
    Schedule name.
    Scopetype string
    The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
    SctpFilterProfile string
    Name of an existing SCTP filter profile.
    SendDenyPacket string
    Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
    ServiceNegate string
    When enabled service specifies what the service must NOT be. Valid values: disable, enable.
    Services List<string>
    Service and service group names.
    Srcaddr4s List<string>
    Source IPv4 address name and address group names.
    Srcaddr6Negate string
    When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    Srcaddr6s List<string>
    Source IPv6 address name and address group names.
    SrcaddrNegate string
    When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    Srcaddrs List<string>
    Source IPv4 address name and address group names.
    Srcintfs List<string>
    Incoming (ingress) interface.
    SshFilterProfile string
    Name of an existing SSH filter profile.
    SslSshProfile string
    Name of an existing SSL SSH profile.
    Status string
    Enable or disable this policy. Valid values: disable, enable.
    UrlCategories List<string>
    URL category ID list.
    Users List<string>
    Names of individual users that can authenticate with this policy.
    UtmStatus string
    Enable security profiles. Valid values: disable, enable.
    Uuid string
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    VideofilterProfile string
    Name of an existing VideoFilter profile.
    VirtualPatchProfile string
    Name of an existing virtual-patch profile.
    VoipProfile string
    Name of an existing VoIP profile.
    WebfilterProfile string
    Name of an existing Web filter profile.
    _policyBlock double
    Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
    Pblock string
    Pblock.
    Action string
    Policy action (accept/deny). Valid values: deny, accept.
    Adom string
    Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
    AppCategories []string
    Application category ID list.
    AppGroups []string
    Application group names.
    ApplicationList string
    Name of an existing Application list.
    Applications []float64
    Application ID list.
    AvProfile string
    Name of an existing Antivirus profile.
    CasbProfile string
    Name of an existing CASB profile.
    CifsProfile string
    Name of an existing CIFS profile.
    Comments string
    Comment.
    DiameterFilterProfile string
    Name of an existing Diameter filter profile.
    DlpProfile string
    Name of an existing DLP profile.
    DlpSensor string
    Name of an existing DLP sensor.
    DnsfilterProfile string
    Name of an existing DNS filter profile.
    Dstaddr4s []string
    Destination IPv4 address name and address group names.
    Dstaddr6Negate string
    When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    Dstaddr6s []string
    Destination IPv6 address name and address group names.
    DstaddrNegate string
    When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    Dstaddrs []string
    Destination IPv4 address name and address group names.
    Dstintfs []string
    Outgoing (egress) interface.
    EmailfilterProfile string
    Name of an existing email filter profile.
    EnforceDefaultAppPort string
    Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
    FileFilterProfile string
    Name of an existing file-filter profile.
    FssoGroups []string
    Names of FSSO groups.
    GlobalLabel string
    Label for the policy that appears when the GUI is in Global View mode.
    Groups []string
    Names of user groups that can authenticate with this policy.
    IcapProfile string
    Name of an existing ICAP profile.
    InternetService string
    Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
    InternetService6 string
    Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
    InternetService6CustomGroups []string
    Custom IPv6 Internet Service group name.
    InternetService6Customs []string
    Custom IPv6 Internet Service name.
    InternetService6Groups []string
    Internet Service group name.
    InternetService6Names []string
    IPv6 Internet Service name.
    InternetService6Negate string
    When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
    InternetService6Src string
    Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    InternetService6SrcCustomGroups []string
    Custom Internet Service6 source group name.
    InternetService6SrcCustoms []string
    Custom IPv6 Internet Service source name.
    InternetService6SrcGroups []string
    Internet Service6 source group name.
    InternetService6SrcNames []string
    IPv6 Internet Service source name.
    InternetService6SrcNegate string
    When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
    InternetServiceCustomGroups []string
    Custom Internet Service group name.
    InternetServiceCustoms []string
    Custom Internet Service name.
    InternetServiceGroups []string
    Internet Service group name.
    InternetServiceIds []string
    Internet Service ID.
    InternetServiceNames []string
    Internet Service name.
    InternetServiceNegate string
    When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
    InternetServiceSrc string
    Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    InternetServiceSrcCustomGroups []string
    Custom Internet Service source group name.
    InternetServiceSrcCustoms []string
    Custom Internet Service source name.
    InternetServiceSrcGroups []string
    Internet Service source group name.
    InternetServiceSrcIds []string
    Internet Service source ID.
    InternetServiceSrcNames []string
    Internet Service source name.
    InternetServiceSrcNegate string
    When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
    IpsSensor string
    Name of an existing IPS sensor.
    IpsVoipFilter string
    Name of an existing VoIP (ips) profile.
    LearningMode string
    Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
    Logtraffic string
    Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
    LogtrafficStart string
    Record logs when a session starts. Valid values: disable, enable.
    MmsProfile string
    Name of an existing MMS profile.
    Name string
    Policy name.
    Nat46 string
    Enable/disable NAT46. Valid values: disable, enable.
    Nat64 string
    Enable/disable NAT64. Valid values: disable, enable.
    PackagesPblockFirewallSecuritypolicyId string
    an identifier for the resource with format {{policyid}}.
    Policyid float64
    Policy ID.
    ProfileGroup string
    Name of profile group.
    ProfileProtocolOptions string
    Name of an existing Protocol options profile.
    ProfileType string
    Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
    Schedule string
    Schedule name.
    Scopetype string
    The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
    SctpFilterProfile string
    Name of an existing SCTP filter profile.
    SendDenyPacket string
    Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
    ServiceNegate string
    When enabled service specifies what the service must NOT be. Valid values: disable, enable.
    Services []string
    Service and service group names.
    Srcaddr4s []string
    Source IPv4 address name and address group names.
    Srcaddr6Negate string
    When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    Srcaddr6s []string
    Source IPv6 address name and address group names.
    SrcaddrNegate string
    When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    Srcaddrs []string
    Source IPv4 address name and address group names.
    Srcintfs []string
    Incoming (ingress) interface.
    SshFilterProfile string
    Name of an existing SSH filter profile.
    SslSshProfile string
    Name of an existing SSL SSH profile.
    Status string
    Enable or disable this policy. Valid values: disable, enable.
    UrlCategories []string
    URL category ID list.
    Users []string
    Names of individual users that can authenticate with this policy.
    UtmStatus string
    Enable security profiles. Valid values: disable, enable.
    Uuid string
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    VideofilterProfile string
    Name of an existing VideoFilter profile.
    VirtualPatchProfile string
    Name of an existing virtual-patch profile.
    VoipProfile string
    Name of an existing VoIP profile.
    WebfilterProfile string
    Name of an existing Web filter profile.
    _policyBlock float64
    Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
    pblock String
    Pblock.
    _policyBlock Double
    Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
    action String
    Policy action (accept/deny). Valid values: deny, accept.
    adom String
    Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
    appCategories List<String>
    Application category ID list.
    appGroups List<String>
    Application group names.
    applicationList String
    Name of an existing Application list.
    applications List<Double>
    Application ID list.
    avProfile String
    Name of an existing Antivirus profile.
    casbProfile String
    Name of an existing CASB profile.
    cifsProfile String
    Name of an existing CIFS profile.
    comments String
    Comment.
    diameterFilterProfile String
    Name of an existing Diameter filter profile.
    dlpProfile String
    Name of an existing DLP profile.
    dlpSensor String
    Name of an existing DLP sensor.
    dnsfilterProfile String
    Name of an existing DNS filter profile.
    dstaddr4s List<String>
    Destination IPv4 address name and address group names.
    dstaddr6Negate String
    When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    dstaddr6s List<String>
    Destination IPv6 address name and address group names.
    dstaddrNegate String
    When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    dstaddrs List<String>
    Destination IPv4 address name and address group names.
    dstintfs List<String>
    Outgoing (egress) interface.
    emailfilterProfile String
    Name of an existing email filter profile.
    enforceDefaultAppPort String
    Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
    fileFilterProfile String
    Name of an existing file-filter profile.
    fssoGroups List<String>
    Names of FSSO groups.
    globalLabel String
    Label for the policy that appears when the GUI is in Global View mode.
    groups List<String>
    Names of user groups that can authenticate with this policy.
    icapProfile String
    Name of an existing ICAP profile.
    internetService String
    Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
    internetService6 String
    Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
    internetService6CustomGroups List<String>
    Custom IPv6 Internet Service group name.
    internetService6Customs List<String>
    Custom IPv6 Internet Service name.
    internetService6Groups List<String>
    Internet Service group name.
    internetService6Names List<String>
    IPv6 Internet Service name.
    internetService6Negate String
    When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
    internetService6Src String
    Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    internetService6SrcCustomGroups List<String>
    Custom Internet Service6 source group name.
    internetService6SrcCustoms List<String>
    Custom IPv6 Internet Service source name.
    internetService6SrcGroups List<String>
    Internet Service6 source group name.
    internetService6SrcNames List<String>
    IPv6 Internet Service source name.
    internetService6SrcNegate String
    When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
    internetServiceCustomGroups List<String>
    Custom Internet Service group name.
    internetServiceCustoms List<String>
    Custom Internet Service name.
    internetServiceGroups List<String>
    Internet Service group name.
    internetServiceIds List<String>
    Internet Service ID.
    internetServiceNames List<String>
    Internet Service name.
    internetServiceNegate String
    When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
    internetServiceSrc String
    Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    internetServiceSrcCustomGroups List<String>
    Custom Internet Service source group name.
    internetServiceSrcCustoms List<String>
    Custom Internet Service source name.
    internetServiceSrcGroups List<String>
    Internet Service source group name.
    internetServiceSrcIds List<String>
    Internet Service source ID.
    internetServiceSrcNames List<String>
    Internet Service source name.
    internetServiceSrcNegate String
    When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
    ipsSensor String
    Name of an existing IPS sensor.
    ipsVoipFilter String
    Name of an existing VoIP (ips) profile.
    learningMode String
    Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
    logtraffic String
    Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
    logtrafficStart String
    Record logs when a session starts. Valid values: disable, enable.
    mmsProfile String
    Name of an existing MMS profile.
    name String
    Policy name.
    nat46 String
    Enable/disable NAT46. Valid values: disable, enable.
    nat64 String
    Enable/disable NAT64. Valid values: disable, enable.
    packagesPblockFirewallSecuritypolicyId String
    an identifier for the resource with format {{policyid}}.
    policyid Double
    Policy ID.
    profileGroup String
    Name of profile group.
    profileProtocolOptions String
    Name of an existing Protocol options profile.
    profileType String
    Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
    schedule String
    Schedule name.
    scopetype String
    The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
    sctpFilterProfile String
    Name of an existing SCTP filter profile.
    sendDenyPacket String
    Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
    serviceNegate String
    When enabled service specifies what the service must NOT be. Valid values: disable, enable.
    services List<String>
    Service and service group names.
    srcaddr4s List<String>
    Source IPv4 address name and address group names.
    srcaddr6Negate String
    When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    srcaddr6s List<String>
    Source IPv6 address name and address group names.
    srcaddrNegate String
    When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    srcaddrs List<String>
    Source IPv4 address name and address group names.
    srcintfs List<String>
    Incoming (ingress) interface.
    sshFilterProfile String
    Name of an existing SSH filter profile.
    sslSshProfile String
    Name of an existing SSL SSH profile.
    status String
    Enable or disable this policy. Valid values: disable, enable.
    urlCategories List<String>
    URL category ID list.
    users List<String>
    Names of individual users that can authenticate with this policy.
    utmStatus String
    Enable security profiles. Valid values: disable, enable.
    uuid String
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    videofilterProfile String
    Name of an existing VideoFilter profile.
    virtualPatchProfile String
    Name of an existing virtual-patch profile.
    voipProfile String
    Name of an existing VoIP profile.
    webfilterProfile String
    Name of an existing Web filter profile.
    pblock string
    Pblock.
    _policyBlock number
    Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
    action string
    Policy action (accept/deny). Valid values: deny, accept.
    adom string
    Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
    appCategories string[]
    Application category ID list.
    appGroups string[]
    Application group names.
    applicationList string
    Name of an existing Application list.
    applications number[]
    Application ID list.
    avProfile string
    Name of an existing Antivirus profile.
    casbProfile string
    Name of an existing CASB profile.
    cifsProfile string
    Name of an existing CIFS profile.
    comments string
    Comment.
    diameterFilterProfile string
    Name of an existing Diameter filter profile.
    dlpProfile string
    Name of an existing DLP profile.
    dlpSensor string
    Name of an existing DLP sensor.
    dnsfilterProfile string
    Name of an existing DNS filter profile.
    dstaddr4s string[]
    Destination IPv4 address name and address group names.
    dstaddr6Negate string
    When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    dstaddr6s string[]
    Destination IPv6 address name and address group names.
    dstaddrNegate string
    When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    dstaddrs string[]
    Destination IPv4 address name and address group names.
    dstintfs string[]
    Outgoing (egress) interface.
    emailfilterProfile string
    Name of an existing email filter profile.
    enforceDefaultAppPort string
    Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
    fileFilterProfile string
    Name of an existing file-filter profile.
    fssoGroups string[]
    Names of FSSO groups.
    globalLabel string
    Label for the policy that appears when the GUI is in Global View mode.
    groups string[]
    Names of user groups that can authenticate with this policy.
    icapProfile string
    Name of an existing ICAP profile.
    internetService string
    Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
    internetService6 string
    Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
    internetService6CustomGroups string[]
    Custom IPv6 Internet Service group name.
    internetService6Customs string[]
    Custom IPv6 Internet Service name.
    internetService6Groups string[]
    Internet Service group name.
    internetService6Names string[]
    IPv6 Internet Service name.
    internetService6Negate string
    When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
    internetService6Src string
    Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    internetService6SrcCustomGroups string[]
    Custom Internet Service6 source group name.
    internetService6SrcCustoms string[]
    Custom IPv6 Internet Service source name.
    internetService6SrcGroups string[]
    Internet Service6 source group name.
    internetService6SrcNames string[]
    IPv6 Internet Service source name.
    internetService6SrcNegate string
    When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
    internetServiceCustomGroups string[]
    Custom Internet Service group name.
    internetServiceCustoms string[]
    Custom Internet Service name.
    internetServiceGroups string[]
    Internet Service group name.
    internetServiceIds string[]
    Internet Service ID.
    internetServiceNames string[]
    Internet Service name.
    internetServiceNegate string
    When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
    internetServiceSrc string
    Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    internetServiceSrcCustomGroups string[]
    Custom Internet Service source group name.
    internetServiceSrcCustoms string[]
    Custom Internet Service source name.
    internetServiceSrcGroups string[]
    Internet Service source group name.
    internetServiceSrcIds string[]
    Internet Service source ID.
    internetServiceSrcNames string[]
    Internet Service source name.
    internetServiceSrcNegate string
    When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
    ipsSensor string
    Name of an existing IPS sensor.
    ipsVoipFilter string
    Name of an existing VoIP (ips) profile.
    learningMode string
    Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
    logtraffic string
    Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
    logtrafficStart string
    Record logs when a session starts. Valid values: disable, enable.
    mmsProfile string
    Name of an existing MMS profile.
    name string
    Policy name.
    nat46 string
    Enable/disable NAT46. Valid values: disable, enable.
    nat64 string
    Enable/disable NAT64. Valid values: disable, enable.
    packagesPblockFirewallSecuritypolicyId string
    an identifier for the resource with format {{policyid}}.
    policyid number
    Policy ID.
    profileGroup string
    Name of profile group.
    profileProtocolOptions string
    Name of an existing Protocol options profile.
    profileType string
    Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
    schedule string
    Schedule name.
    scopetype string
    The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
    sctpFilterProfile string
    Name of an existing SCTP filter profile.
    sendDenyPacket string
    Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
    serviceNegate string
    When enabled service specifies what the service must NOT be. Valid values: disable, enable.
    services string[]
    Service and service group names.
    srcaddr4s string[]
    Source IPv4 address name and address group names.
    srcaddr6Negate string
    When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    srcaddr6s string[]
    Source IPv6 address name and address group names.
    srcaddrNegate string
    When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    srcaddrs string[]
    Source IPv4 address name and address group names.
    srcintfs string[]
    Incoming (ingress) interface.
    sshFilterProfile string
    Name of an existing SSH filter profile.
    sslSshProfile string
    Name of an existing SSL SSH profile.
    status string
    Enable or disable this policy. Valid values: disable, enable.
    urlCategories string[]
    URL category ID list.
    users string[]
    Names of individual users that can authenticate with this policy.
    utmStatus string
    Enable security profiles. Valid values: disable, enable.
    uuid string
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    videofilterProfile string
    Name of an existing VideoFilter profile.
    virtualPatchProfile string
    Name of an existing virtual-patch profile.
    voipProfile string
    Name of an existing VoIP profile.
    webfilterProfile string
    Name of an existing Web filter profile.
    pblock str
    Pblock.
    _policy_block float
    Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
    action str
    Policy action (accept/deny). Valid values: deny, accept.
    adom str
    Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
    app_categories Sequence[str]
    Application category ID list.
    app_groups Sequence[str]
    Application group names.
    application_list str
    Name of an existing Application list.
    applications Sequence[float]
    Application ID list.
    av_profile str
    Name of an existing Antivirus profile.
    casb_profile str
    Name of an existing CASB profile.
    cifs_profile str
    Name of an existing CIFS profile.
    comments str
    Comment.
    diameter_filter_profile str
    Name of an existing Diameter filter profile.
    dlp_profile str
    Name of an existing DLP profile.
    dlp_sensor str
    Name of an existing DLP sensor.
    dnsfilter_profile str
    Name of an existing DNS filter profile.
    dstaddr4s Sequence[str]
    Destination IPv4 address name and address group names.
    dstaddr6_negate str
    When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    dstaddr6s Sequence[str]
    Destination IPv6 address name and address group names.
    dstaddr_negate str
    When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    dstaddrs Sequence[str]
    Destination IPv4 address name and address group names.
    dstintfs Sequence[str]
    Outgoing (egress) interface.
    emailfilter_profile str
    Name of an existing email filter profile.
    enforce_default_app_port str
    Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
    file_filter_profile str
    Name of an existing file-filter profile.
    fsso_groups Sequence[str]
    Names of FSSO groups.
    global_label str
    Label for the policy that appears when the GUI is in Global View mode.
    groups Sequence[str]
    Names of user groups that can authenticate with this policy.
    icap_profile str
    Name of an existing ICAP profile.
    internet_service str
    Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
    internet_service6 str
    Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
    internet_service6_custom_groups Sequence[str]
    Custom IPv6 Internet Service group name.
    internet_service6_customs Sequence[str]
    Custom IPv6 Internet Service name.
    internet_service6_groups Sequence[str]
    Internet Service group name.
    internet_service6_names Sequence[str]
    IPv6 Internet Service name.
    internet_service6_negate str
    When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
    internet_service6_src str
    Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    internet_service6_src_custom_groups Sequence[str]
    Custom Internet Service6 source group name.
    internet_service6_src_customs Sequence[str]
    Custom IPv6 Internet Service source name.
    internet_service6_src_groups Sequence[str]
    Internet Service6 source group name.
    internet_service6_src_names Sequence[str]
    IPv6 Internet Service source name.
    internet_service6_src_negate str
    When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
    internet_service_custom_groups Sequence[str]
    Custom Internet Service group name.
    internet_service_customs Sequence[str]
    Custom Internet Service name.
    internet_service_groups Sequence[str]
    Internet Service group name.
    internet_service_ids Sequence[str]
    Internet Service ID.
    internet_service_names Sequence[str]
    Internet Service name.
    internet_service_negate str
    When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
    internet_service_src str
    Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    internet_service_src_custom_groups Sequence[str]
    Custom Internet Service source group name.
    internet_service_src_customs Sequence[str]
    Custom Internet Service source name.
    internet_service_src_groups Sequence[str]
    Internet Service source group name.
    internet_service_src_ids Sequence[str]
    Internet Service source ID.
    internet_service_src_names Sequence[str]
    Internet Service source name.
    internet_service_src_negate str
    When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
    ips_sensor str
    Name of an existing IPS sensor.
    ips_voip_filter str
    Name of an existing VoIP (ips) profile.
    learning_mode str
    Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
    logtraffic str
    Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
    logtraffic_start str
    Record logs when a session starts. Valid values: disable, enable.
    mms_profile str
    Name of an existing MMS profile.
    name str
    Policy name.
    nat46 str
    Enable/disable NAT46. Valid values: disable, enable.
    nat64 str
    Enable/disable NAT64. Valid values: disable, enable.
    packages_pblock_firewall_securitypolicy_id str
    an identifier for the resource with format {{policyid}}.
    policyid float
    Policy ID.
    profile_group str
    Name of profile group.
    profile_protocol_options str
    Name of an existing Protocol options profile.
    profile_type str
    Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
    schedule str
    Schedule name.
    scopetype str
    The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
    sctp_filter_profile str
    Name of an existing SCTP filter profile.
    send_deny_packet str
    Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
    service_negate str
    When enabled service specifies what the service must NOT be. Valid values: disable, enable.
    services Sequence[str]
    Service and service group names.
    srcaddr4s Sequence[str]
    Source IPv4 address name and address group names.
    srcaddr6_negate str
    When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    srcaddr6s Sequence[str]
    Source IPv6 address name and address group names.
    srcaddr_negate str
    When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    srcaddrs Sequence[str]
    Source IPv4 address name and address group names.
    srcintfs Sequence[str]
    Incoming (ingress) interface.
    ssh_filter_profile str
    Name of an existing SSH filter profile.
    ssl_ssh_profile str
    Name of an existing SSL SSH profile.
    status str
    Enable or disable this policy. Valid values: disable, enable.
    url_categories Sequence[str]
    URL category ID list.
    users Sequence[str]
    Names of individual users that can authenticate with this policy.
    utm_status str
    Enable security profiles. Valid values: disable, enable.
    uuid str
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    videofilter_profile str
    Name of an existing VideoFilter profile.
    virtual_patch_profile str
    Name of an existing virtual-patch profile.
    voip_profile str
    Name of an existing VoIP profile.
    webfilter_profile str
    Name of an existing Web filter profile.
    pblock String
    Pblock.
    _policyBlock Number
    Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
    action String
    Policy action (accept/deny). Valid values: deny, accept.
    adom String
    Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
    appCategories List<String>
    Application category ID list.
    appGroups List<String>
    Application group names.
    applicationList String
    Name of an existing Application list.
    applications List<Number>
    Application ID list.
    avProfile String
    Name of an existing Antivirus profile.
    casbProfile String
    Name of an existing CASB profile.
    cifsProfile String
    Name of an existing CIFS profile.
    comments String
    Comment.
    diameterFilterProfile String
    Name of an existing Diameter filter profile.
    dlpProfile String
    Name of an existing DLP profile.
    dlpSensor String
    Name of an existing DLP sensor.
    dnsfilterProfile String
    Name of an existing DNS filter profile.
    dstaddr4s List<String>
    Destination IPv4 address name and address group names.
    dstaddr6Negate String
    When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    dstaddr6s List<String>
    Destination IPv6 address name and address group names.
    dstaddrNegate String
    When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    dstaddrs List<String>
    Destination IPv4 address name and address group names.
    dstintfs List<String>
    Outgoing (egress) interface.
    emailfilterProfile String
    Name of an existing email filter profile.
    enforceDefaultAppPort String
    Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
    fileFilterProfile String
    Name of an existing file-filter profile.
    fssoGroups List<String>
    Names of FSSO groups.
    globalLabel String
    Label for the policy that appears when the GUI is in Global View mode.
    groups List<String>
    Names of user groups that can authenticate with this policy.
    icapProfile String
    Name of an existing ICAP profile.
    internetService String
    Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
    internetService6 String
    Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
    internetService6CustomGroups List<String>
    Custom IPv6 Internet Service group name.
    internetService6Customs List<String>
    Custom IPv6 Internet Service name.
    internetService6Groups List<String>
    Internet Service group name.
    internetService6Names List<String>
    IPv6 Internet Service name.
    internetService6Negate String
    When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
    internetService6Src String
    Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    internetService6SrcCustomGroups List<String>
    Custom Internet Service6 source group name.
    internetService6SrcCustoms List<String>
    Custom IPv6 Internet Service source name.
    internetService6SrcGroups List<String>
    Internet Service6 source group name.
    internetService6SrcNames List<String>
    IPv6 Internet Service source name.
    internetService6SrcNegate String
    When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
    internetServiceCustomGroups List<String>
    Custom Internet Service group name.
    internetServiceCustoms List<String>
    Custom Internet Service name.
    internetServiceGroups List<String>
    Internet Service group name.
    internetServiceIds List<String>
    Internet Service ID.
    internetServiceNames List<String>
    Internet Service name.
    internetServiceNegate String
    When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
    internetServiceSrc String
    Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    internetServiceSrcCustomGroups List<String>
    Custom Internet Service source group name.
    internetServiceSrcCustoms List<String>
    Custom Internet Service source name.
    internetServiceSrcGroups List<String>
    Internet Service source group name.
    internetServiceSrcIds List<String>
    Internet Service source ID.
    internetServiceSrcNames List<String>
    Internet Service source name.
    internetServiceSrcNegate String
    When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
    ipsSensor String
    Name of an existing IPS sensor.
    ipsVoipFilter String
    Name of an existing VoIP (ips) profile.
    learningMode String
    Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
    logtraffic String
    Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
    logtrafficStart String
    Record logs when a session starts. Valid values: disable, enable.
    mmsProfile String
    Name of an existing MMS profile.
    name String
    Policy name.
    nat46 String
    Enable/disable NAT46. Valid values: disable, enable.
    nat64 String
    Enable/disable NAT64. Valid values: disable, enable.
    packagesPblockFirewallSecuritypolicyId String
    an identifier for the resource with format {{policyid}}.
    policyid Number
    Policy ID.
    profileGroup String
    Name of profile group.
    profileProtocolOptions String
    Name of an existing Protocol options profile.
    profileType String
    Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
    schedule String
    Schedule name.
    scopetype String
    The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
    sctpFilterProfile String
    Name of an existing SCTP filter profile.
    sendDenyPacket String
    Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
    serviceNegate String
    When enabled service specifies what the service must NOT be. Valid values: disable, enable.
    services List<String>
    Service and service group names.
    srcaddr4s List<String>
    Source IPv4 address name and address group names.
    srcaddr6Negate String
    When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    srcaddr6s List<String>
    Source IPv6 address name and address group names.
    srcaddrNegate String
    When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    srcaddrs List<String>
    Source IPv4 address name and address group names.
    srcintfs List<String>
    Incoming (ingress) interface.
    sshFilterProfile String
    Name of an existing SSH filter profile.
    sslSshProfile String
    Name of an existing SSL SSH profile.
    status String
    Enable or disable this policy. Valid values: disable, enable.
    urlCategories List<String>
    URL category ID list.
    users List<String>
    Names of individual users that can authenticate with this policy.
    utmStatus String
    Enable security profiles. Valid values: disable, enable.
    uuid String
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    videofilterProfile String
    Name of an existing VideoFilter profile.
    virtualPatchProfile String
    Name of an existing virtual-patch profile.
    voipProfile String
    Name of an existing VoIP profile.
    webfilterProfile String
    Name of an existing Web filter profile.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the PackagesPblockFirewallSecuritypolicy resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing PackagesPblockFirewallSecuritypolicy Resource

    Get an existing PackagesPblockFirewallSecuritypolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: PackagesPblockFirewallSecuritypolicyState, opts?: CustomResourceOptions): PackagesPblockFirewallSecuritypolicy
    @staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        _policy_block: Optional[float] = None,
        action: Optional[str] = None,
        adom: Optional[str] = None,
        app_categories: Optional[Sequence[str]] = None,
        app_groups: Optional[Sequence[str]] = None,
        application_list: Optional[str] = None,
        applications: Optional[Sequence[float]] = None,
        av_profile: Optional[str] = None,
        casb_profile: Optional[str] = None,
        cifs_profile: Optional[str] = None,
        comments: Optional[str] = None,
        diameter_filter_profile: Optional[str] = None,
        dlp_profile: Optional[str] = None,
        dlp_sensor: Optional[str] = None,
        dnsfilter_profile: Optional[str] = None,
        dstaddr4s: Optional[Sequence[str]] = None,
        dstaddr6_negate: Optional[str] = None,
        dstaddr6s: Optional[Sequence[str]] = None,
        dstaddr_negate: Optional[str] = None,
        dstaddrs: Optional[Sequence[str]] = None,
        dstintfs: Optional[Sequence[str]] = None,
        emailfilter_profile: Optional[str] = None,
        enforce_default_app_port: Optional[str] = None,
        file_filter_profile: Optional[str] = None,
        fsso_groups: Optional[Sequence[str]] = None,
        global_label: Optional[str] = None,
        groups: Optional[Sequence[str]] = None,
        icap_profile: Optional[str] = None,
        internet_service: Optional[str] = None,
        internet_service6: Optional[str] = None,
        internet_service6_custom_groups: Optional[Sequence[str]] = None,
        internet_service6_customs: Optional[Sequence[str]] = None,
        internet_service6_groups: Optional[Sequence[str]] = None,
        internet_service6_names: Optional[Sequence[str]] = None,
        internet_service6_negate: Optional[str] = None,
        internet_service6_src: Optional[str] = None,
        internet_service6_src_custom_groups: Optional[Sequence[str]] = None,
        internet_service6_src_customs: Optional[Sequence[str]] = None,
        internet_service6_src_groups: Optional[Sequence[str]] = None,
        internet_service6_src_names: Optional[Sequence[str]] = None,
        internet_service6_src_negate: Optional[str] = None,
        internet_service_custom_groups: Optional[Sequence[str]] = None,
        internet_service_customs: Optional[Sequence[str]] = None,
        internet_service_groups: Optional[Sequence[str]] = None,
        internet_service_ids: Optional[Sequence[str]] = None,
        internet_service_names: Optional[Sequence[str]] = None,
        internet_service_negate: Optional[str] = None,
        internet_service_src: Optional[str] = None,
        internet_service_src_custom_groups: Optional[Sequence[str]] = None,
        internet_service_src_customs: Optional[Sequence[str]] = None,
        internet_service_src_groups: Optional[Sequence[str]] = None,
        internet_service_src_ids: Optional[Sequence[str]] = None,
        internet_service_src_names: Optional[Sequence[str]] = None,
        internet_service_src_negate: Optional[str] = None,
        ips_sensor: Optional[str] = None,
        ips_voip_filter: Optional[str] = None,
        learning_mode: Optional[str] = None,
        logtraffic: Optional[str] = None,
        logtraffic_start: Optional[str] = None,
        mms_profile: Optional[str] = None,
        name: Optional[str] = None,
        nat46: Optional[str] = None,
        nat64: Optional[str] = None,
        packages_pblock_firewall_securitypolicy_id: Optional[str] = None,
        pblock: Optional[str] = None,
        policyid: Optional[float] = None,
        profile_group: Optional[str] = None,
        profile_protocol_options: Optional[str] = None,
        profile_type: Optional[str] = None,
        schedule: Optional[str] = None,
        scopetype: Optional[str] = None,
        sctp_filter_profile: Optional[str] = None,
        send_deny_packet: Optional[str] = None,
        service_negate: Optional[str] = None,
        services: Optional[Sequence[str]] = None,
        srcaddr4s: Optional[Sequence[str]] = None,
        srcaddr6_negate: Optional[str] = None,
        srcaddr6s: Optional[Sequence[str]] = None,
        srcaddr_negate: Optional[str] = None,
        srcaddrs: Optional[Sequence[str]] = None,
        srcintfs: Optional[Sequence[str]] = None,
        ssh_filter_profile: Optional[str] = None,
        ssl_ssh_profile: Optional[str] = None,
        status: Optional[str] = None,
        url_categories: Optional[Sequence[str]] = None,
        users: Optional[Sequence[str]] = None,
        utm_status: Optional[str] = None,
        uuid: Optional[str] = None,
        videofilter_profile: Optional[str] = None,
        virtual_patch_profile: Optional[str] = None,
        voip_profile: Optional[str] = None,
        webfilter_profile: Optional[str] = None) -> PackagesPblockFirewallSecuritypolicy
    func GetPackagesPblockFirewallSecuritypolicy(ctx *Context, name string, id IDInput, state *PackagesPblockFirewallSecuritypolicyState, opts ...ResourceOption) (*PackagesPblockFirewallSecuritypolicy, error)
    public static PackagesPblockFirewallSecuritypolicy Get(string name, Input<string> id, PackagesPblockFirewallSecuritypolicyState? state, CustomResourceOptions? opts = null)
    public static PackagesPblockFirewallSecuritypolicy get(String name, Output<String> id, PackagesPblockFirewallSecuritypolicyState state, CustomResourceOptions options)
    resources:  _:    type: fortimanager:PackagesPblockFirewallSecuritypolicy    get:      id: ${id}
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Action string
    Policy action (accept/deny). Valid values: deny, accept.
    Adom string
    Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
    AppCategories List<string>
    Application category ID list.
    AppGroups List<string>
    Application group names.
    ApplicationList string
    Name of an existing Application list.
    Applications List<double>
    Application ID list.
    AvProfile string
    Name of an existing Antivirus profile.
    CasbProfile string
    Name of an existing CASB profile.
    CifsProfile string
    Name of an existing CIFS profile.
    Comments string
    Comment.
    DiameterFilterProfile string
    Name of an existing Diameter filter profile.
    DlpProfile string
    Name of an existing DLP profile.
    DlpSensor string
    Name of an existing DLP sensor.
    DnsfilterProfile string
    Name of an existing DNS filter profile.
    Dstaddr4s List<string>
    Destination IPv4 address name and address group names.
    Dstaddr6Negate string
    When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    Dstaddr6s List<string>
    Destination IPv6 address name and address group names.
    DstaddrNegate string
    When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    Dstaddrs List<string>
    Destination IPv4 address name and address group names.
    Dstintfs List<string>
    Outgoing (egress) interface.
    EmailfilterProfile string
    Name of an existing email filter profile.
    EnforceDefaultAppPort string
    Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
    FileFilterProfile string
    Name of an existing file-filter profile.
    FssoGroups List<string>
    Names of FSSO groups.
    GlobalLabel string
    Label for the policy that appears when the GUI is in Global View mode.
    Groups List<string>
    Names of user groups that can authenticate with this policy.
    IcapProfile string
    Name of an existing ICAP profile.
    InternetService string
    Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
    InternetService6 string
    Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
    InternetService6CustomGroups List<string>
    Custom IPv6 Internet Service group name.
    InternetService6Customs List<string>
    Custom IPv6 Internet Service name.
    InternetService6Groups List<string>
    Internet Service group name.
    InternetService6Names List<string>
    IPv6 Internet Service name.
    InternetService6Negate string
    When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
    InternetService6Src string
    Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    InternetService6SrcCustomGroups List<string>
    Custom Internet Service6 source group name.
    InternetService6SrcCustoms List<string>
    Custom IPv6 Internet Service source name.
    InternetService6SrcGroups List<string>
    Internet Service6 source group name.
    InternetService6SrcNames List<string>
    IPv6 Internet Service source name.
    InternetService6SrcNegate string
    When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
    InternetServiceCustomGroups List<string>
    Custom Internet Service group name.
    InternetServiceCustoms List<string>
    Custom Internet Service name.
    InternetServiceGroups List<string>
    Internet Service group name.
    InternetServiceIds List<string>
    Internet Service ID.
    InternetServiceNames List<string>
    Internet Service name.
    InternetServiceNegate string
    When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
    InternetServiceSrc string
    Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    InternetServiceSrcCustomGroups List<string>
    Custom Internet Service source group name.
    InternetServiceSrcCustoms List<string>
    Custom Internet Service source name.
    InternetServiceSrcGroups List<string>
    Internet Service source group name.
    InternetServiceSrcIds List<string>
    Internet Service source ID.
    InternetServiceSrcNames List<string>
    Internet Service source name.
    InternetServiceSrcNegate string
    When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
    IpsSensor string
    Name of an existing IPS sensor.
    IpsVoipFilter string
    Name of an existing VoIP (ips) profile.
    LearningMode string
    Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
    Logtraffic string
    Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
    LogtrafficStart string
    Record logs when a session starts. Valid values: disable, enable.
    MmsProfile string
    Name of an existing MMS profile.
    Name string
    Policy name.
    Nat46 string
    Enable/disable NAT46. Valid values: disable, enable.
    Nat64 string
    Enable/disable NAT64. Valid values: disable, enable.
    PackagesPblockFirewallSecuritypolicyId string
    an identifier for the resource with format {{policyid}}.
    Pblock string
    Pblock.
    Policyid double
    Policy ID.
    ProfileGroup string
    Name of profile group.
    ProfileProtocolOptions string
    Name of an existing Protocol options profile.
    ProfileType string
    Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
    Schedule string
    Schedule name.
    Scopetype string
    The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
    SctpFilterProfile string
    Name of an existing SCTP filter profile.
    SendDenyPacket string
    Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
    ServiceNegate string
    When enabled service specifies what the service must NOT be. Valid values: disable, enable.
    Services List<string>
    Service and service group names.
    Srcaddr4s List<string>
    Source IPv4 address name and address group names.
    Srcaddr6Negate string
    When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    Srcaddr6s List<string>
    Source IPv6 address name and address group names.
    SrcaddrNegate string
    When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    Srcaddrs List<string>
    Source IPv4 address name and address group names.
    Srcintfs List<string>
    Incoming (ingress) interface.
    SshFilterProfile string
    Name of an existing SSH filter profile.
    SslSshProfile string
    Name of an existing SSL SSH profile.
    Status string
    Enable or disable this policy. Valid values: disable, enable.
    UrlCategories List<string>
    URL category ID list.
    Users List<string>
    Names of individual users that can authenticate with this policy.
    UtmStatus string
    Enable security profiles. Valid values: disable, enable.
    Uuid string
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    VideofilterProfile string
    Name of an existing VideoFilter profile.
    VirtualPatchProfile string
    Name of an existing virtual-patch profile.
    VoipProfile string
    Name of an existing VoIP profile.
    WebfilterProfile string
    Name of an existing Web filter profile.
    _policyBlock double
    Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
    Action string
    Policy action (accept/deny). Valid values: deny, accept.
    Adom string
    Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
    AppCategories []string
    Application category ID list.
    AppGroups []string
    Application group names.
    ApplicationList string
    Name of an existing Application list.
    Applications []float64
    Application ID list.
    AvProfile string
    Name of an existing Antivirus profile.
    CasbProfile string
    Name of an existing CASB profile.
    CifsProfile string
    Name of an existing CIFS profile.
    Comments string
    Comment.
    DiameterFilterProfile string
    Name of an existing Diameter filter profile.
    DlpProfile string
    Name of an existing DLP profile.
    DlpSensor string
    Name of an existing DLP sensor.
    DnsfilterProfile string
    Name of an existing DNS filter profile.
    Dstaddr4s []string
    Destination IPv4 address name and address group names.
    Dstaddr6Negate string
    When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    Dstaddr6s []string
    Destination IPv6 address name and address group names.
    DstaddrNegate string
    When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    Dstaddrs []string
    Destination IPv4 address name and address group names.
    Dstintfs []string
    Outgoing (egress) interface.
    EmailfilterProfile string
    Name of an existing email filter profile.
    EnforceDefaultAppPort string
    Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
    FileFilterProfile string
    Name of an existing file-filter profile.
    FssoGroups []string
    Names of FSSO groups.
    GlobalLabel string
    Label for the policy that appears when the GUI is in Global View mode.
    Groups []string
    Names of user groups that can authenticate with this policy.
    IcapProfile string
    Name of an existing ICAP profile.
    InternetService string
    Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
    InternetService6 string
    Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
    InternetService6CustomGroups []string
    Custom IPv6 Internet Service group name.
    InternetService6Customs []string
    Custom IPv6 Internet Service name.
    InternetService6Groups []string
    Internet Service group name.
    InternetService6Names []string
    IPv6 Internet Service name.
    InternetService6Negate string
    When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
    InternetService6Src string
    Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    InternetService6SrcCustomGroups []string
    Custom Internet Service6 source group name.
    InternetService6SrcCustoms []string
    Custom IPv6 Internet Service source name.
    InternetService6SrcGroups []string
    Internet Service6 source group name.
    InternetService6SrcNames []string
    IPv6 Internet Service source name.
    InternetService6SrcNegate string
    When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
    InternetServiceCustomGroups []string
    Custom Internet Service group name.
    InternetServiceCustoms []string
    Custom Internet Service name.
    InternetServiceGroups []string
    Internet Service group name.
    InternetServiceIds []string
    Internet Service ID.
    InternetServiceNames []string
    Internet Service name.
    InternetServiceNegate string
    When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
    InternetServiceSrc string
    Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    InternetServiceSrcCustomGroups []string
    Custom Internet Service source group name.
    InternetServiceSrcCustoms []string
    Custom Internet Service source name.
    InternetServiceSrcGroups []string
    Internet Service source group name.
    InternetServiceSrcIds []string
    Internet Service source ID.
    InternetServiceSrcNames []string
    Internet Service source name.
    InternetServiceSrcNegate string
    When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
    IpsSensor string
    Name of an existing IPS sensor.
    IpsVoipFilter string
    Name of an existing VoIP (ips) profile.
    LearningMode string
    Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
    Logtraffic string
    Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
    LogtrafficStart string
    Record logs when a session starts. Valid values: disable, enable.
    MmsProfile string
    Name of an existing MMS profile.
    Name string
    Policy name.
    Nat46 string
    Enable/disable NAT46. Valid values: disable, enable.
    Nat64 string
    Enable/disable NAT64. Valid values: disable, enable.
    PackagesPblockFirewallSecuritypolicyId string
    an identifier for the resource with format {{policyid}}.
    Pblock string
    Pblock.
    Policyid float64
    Policy ID.
    ProfileGroup string
    Name of profile group.
    ProfileProtocolOptions string
    Name of an existing Protocol options profile.
    ProfileType string
    Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
    Schedule string
    Schedule name.
    Scopetype string
    The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
    SctpFilterProfile string
    Name of an existing SCTP filter profile.
    SendDenyPacket string
    Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
    ServiceNegate string
    When enabled service specifies what the service must NOT be. Valid values: disable, enable.
    Services []string
    Service and service group names.
    Srcaddr4s []string
    Source IPv4 address name and address group names.
    Srcaddr6Negate string
    When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    Srcaddr6s []string
    Source IPv6 address name and address group names.
    SrcaddrNegate string
    When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    Srcaddrs []string
    Source IPv4 address name and address group names.
    Srcintfs []string
    Incoming (ingress) interface.
    SshFilterProfile string
    Name of an existing SSH filter profile.
    SslSshProfile string
    Name of an existing SSL SSH profile.
    Status string
    Enable or disable this policy. Valid values: disable, enable.
    UrlCategories []string
    URL category ID list.
    Users []string
    Names of individual users that can authenticate with this policy.
    UtmStatus string
    Enable security profiles. Valid values: disable, enable.
    Uuid string
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    VideofilterProfile string
    Name of an existing VideoFilter profile.
    VirtualPatchProfile string
    Name of an existing virtual-patch profile.
    VoipProfile string
    Name of an existing VoIP profile.
    WebfilterProfile string
    Name of an existing Web filter profile.
    _policyBlock float64
    Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
    _policyBlock Double
    Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
    action String
    Policy action (accept/deny). Valid values: deny, accept.
    adom String
    Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
    appCategories List<String>
    Application category ID list.
    appGroups List<String>
    Application group names.
    applicationList String
    Name of an existing Application list.
    applications List<Double>
    Application ID list.
    avProfile String
    Name of an existing Antivirus profile.
    casbProfile String
    Name of an existing CASB profile.
    cifsProfile String
    Name of an existing CIFS profile.
    comments String
    Comment.
    diameterFilterProfile String
    Name of an existing Diameter filter profile.
    dlpProfile String
    Name of an existing DLP profile.
    dlpSensor String
    Name of an existing DLP sensor.
    dnsfilterProfile String
    Name of an existing DNS filter profile.
    dstaddr4s List<String>
    Destination IPv4 address name and address group names.
    dstaddr6Negate String
    When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    dstaddr6s List<String>
    Destination IPv6 address name and address group names.
    dstaddrNegate String
    When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    dstaddrs List<String>
    Destination IPv4 address name and address group names.
    dstintfs List<String>
    Outgoing (egress) interface.
    emailfilterProfile String
    Name of an existing email filter profile.
    enforceDefaultAppPort String
    Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
    fileFilterProfile String
    Name of an existing file-filter profile.
    fssoGroups List<String>
    Names of FSSO groups.
    globalLabel String
    Label for the policy that appears when the GUI is in Global View mode.
    groups List<String>
    Names of user groups that can authenticate with this policy.
    icapProfile String
    Name of an existing ICAP profile.
    internetService String
    Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
    internetService6 String
    Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
    internetService6CustomGroups List<String>
    Custom IPv6 Internet Service group name.
    internetService6Customs List<String>
    Custom IPv6 Internet Service name.
    internetService6Groups List<String>
    Internet Service group name.
    internetService6Names List<String>
    IPv6 Internet Service name.
    internetService6Negate String
    When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
    internetService6Src String
    Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    internetService6SrcCustomGroups List<String>
    Custom Internet Service6 source group name.
    internetService6SrcCustoms List<String>
    Custom IPv6 Internet Service source name.
    internetService6SrcGroups List<String>
    Internet Service6 source group name.
    internetService6SrcNames List<String>
    IPv6 Internet Service source name.
    internetService6SrcNegate String
    When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
    internetServiceCustomGroups List<String>
    Custom Internet Service group name.
    internetServiceCustoms List<String>
    Custom Internet Service name.
    internetServiceGroups List<String>
    Internet Service group name.
    internetServiceIds List<String>
    Internet Service ID.
    internetServiceNames List<String>
    Internet Service name.
    internetServiceNegate String
    When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
    internetServiceSrc String
    Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    internetServiceSrcCustomGroups List<String>
    Custom Internet Service source group name.
    internetServiceSrcCustoms List<String>
    Custom Internet Service source name.
    internetServiceSrcGroups List<String>
    Internet Service source group name.
    internetServiceSrcIds List<String>
    Internet Service source ID.
    internetServiceSrcNames List<String>
    Internet Service source name.
    internetServiceSrcNegate String
    When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
    ipsSensor String
    Name of an existing IPS sensor.
    ipsVoipFilter String
    Name of an existing VoIP (ips) profile.
    learningMode String
    Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
    logtraffic String
    Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
    logtrafficStart String
    Record logs when a session starts. Valid values: disable, enable.
    mmsProfile String
    Name of an existing MMS profile.
    name String
    Policy name.
    nat46 String
    Enable/disable NAT46. Valid values: disable, enable.
    nat64 String
    Enable/disable NAT64. Valid values: disable, enable.
    packagesPblockFirewallSecuritypolicyId String
    an identifier for the resource with format {{policyid}}.
    pblock String
    Pblock.
    policyid Double
    Policy ID.
    profileGroup String
    Name of profile group.
    profileProtocolOptions String
    Name of an existing Protocol options profile.
    profileType String
    Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
    schedule String
    Schedule name.
    scopetype String
    The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
    sctpFilterProfile String
    Name of an existing SCTP filter profile.
    sendDenyPacket String
    Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
    serviceNegate String
    When enabled service specifies what the service must NOT be. Valid values: disable, enable.
    services List<String>
    Service and service group names.
    srcaddr4s List<String>
    Source IPv4 address name and address group names.
    srcaddr6Negate String
    When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    srcaddr6s List<String>
    Source IPv6 address name and address group names.
    srcaddrNegate String
    When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    srcaddrs List<String>
    Source IPv4 address name and address group names.
    srcintfs List<String>
    Incoming (ingress) interface.
    sshFilterProfile String
    Name of an existing SSH filter profile.
    sslSshProfile String
    Name of an existing SSL SSH profile.
    status String
    Enable or disable this policy. Valid values: disable, enable.
    urlCategories List<String>
    URL category ID list.
    users List<String>
    Names of individual users that can authenticate with this policy.
    utmStatus String
    Enable security profiles. Valid values: disable, enable.
    uuid String
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    videofilterProfile String
    Name of an existing VideoFilter profile.
    virtualPatchProfile String
    Name of an existing virtual-patch profile.
    voipProfile String
    Name of an existing VoIP profile.
    webfilterProfile String
    Name of an existing Web filter profile.
    _policyBlock number
    Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
    action string
    Policy action (accept/deny). Valid values: deny, accept.
    adom string
    Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
    appCategories string[]
    Application category ID list.
    appGroups string[]
    Application group names.
    applicationList string
    Name of an existing Application list.
    applications number[]
    Application ID list.
    avProfile string
    Name of an existing Antivirus profile.
    casbProfile string
    Name of an existing CASB profile.
    cifsProfile string
    Name of an existing CIFS profile.
    comments string
    Comment.
    diameterFilterProfile string
    Name of an existing Diameter filter profile.
    dlpProfile string
    Name of an existing DLP profile.
    dlpSensor string
    Name of an existing DLP sensor.
    dnsfilterProfile string
    Name of an existing DNS filter profile.
    dstaddr4s string[]
    Destination IPv4 address name and address group names.
    dstaddr6Negate string
    When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    dstaddr6s string[]
    Destination IPv6 address name and address group names.
    dstaddrNegate string
    When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    dstaddrs string[]
    Destination IPv4 address name and address group names.
    dstintfs string[]
    Outgoing (egress) interface.
    emailfilterProfile string
    Name of an existing email filter profile.
    enforceDefaultAppPort string
    Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
    fileFilterProfile string
    Name of an existing file-filter profile.
    fssoGroups string[]
    Names of FSSO groups.
    globalLabel string
    Label for the policy that appears when the GUI is in Global View mode.
    groups string[]
    Names of user groups that can authenticate with this policy.
    icapProfile string
    Name of an existing ICAP profile.
    internetService string
    Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
    internetService6 string
    Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
    internetService6CustomGroups string[]
    Custom IPv6 Internet Service group name.
    internetService6Customs string[]
    Custom IPv6 Internet Service name.
    internetService6Groups string[]
    Internet Service group name.
    internetService6Names string[]
    IPv6 Internet Service name.
    internetService6Negate string
    When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
    internetService6Src string
    Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    internetService6SrcCustomGroups string[]
    Custom Internet Service6 source group name.
    internetService6SrcCustoms string[]
    Custom IPv6 Internet Service source name.
    internetService6SrcGroups string[]
    Internet Service6 source group name.
    internetService6SrcNames string[]
    IPv6 Internet Service source name.
    internetService6SrcNegate string
    When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
    internetServiceCustomGroups string[]
    Custom Internet Service group name.
    internetServiceCustoms string[]
    Custom Internet Service name.
    internetServiceGroups string[]
    Internet Service group name.
    internetServiceIds string[]
    Internet Service ID.
    internetServiceNames string[]
    Internet Service name.
    internetServiceNegate string
    When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
    internetServiceSrc string
    Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    internetServiceSrcCustomGroups string[]
    Custom Internet Service source group name.
    internetServiceSrcCustoms string[]
    Custom Internet Service source name.
    internetServiceSrcGroups string[]
    Internet Service source group name.
    internetServiceSrcIds string[]
    Internet Service source ID.
    internetServiceSrcNames string[]
    Internet Service source name.
    internetServiceSrcNegate string
    When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
    ipsSensor string
    Name of an existing IPS sensor.
    ipsVoipFilter string
    Name of an existing VoIP (ips) profile.
    learningMode string
    Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
    logtraffic string
    Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
    logtrafficStart string
    Record logs when a session starts. Valid values: disable, enable.
    mmsProfile string
    Name of an existing MMS profile.
    name string
    Policy name.
    nat46 string
    Enable/disable NAT46. Valid values: disable, enable.
    nat64 string
    Enable/disable NAT64. Valid values: disable, enable.
    packagesPblockFirewallSecuritypolicyId string
    an identifier for the resource with format {{policyid}}.
    pblock string
    Pblock.
    policyid number
    Policy ID.
    profileGroup string
    Name of profile group.
    profileProtocolOptions string
    Name of an existing Protocol options profile.
    profileType string
    Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
    schedule string
    Schedule name.
    scopetype string
    The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
    sctpFilterProfile string
    Name of an existing SCTP filter profile.
    sendDenyPacket string
    Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
    serviceNegate string
    When enabled service specifies what the service must NOT be. Valid values: disable, enable.
    services string[]
    Service and service group names.
    srcaddr4s string[]
    Source IPv4 address name and address group names.
    srcaddr6Negate string
    When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    srcaddr6s string[]
    Source IPv6 address name and address group names.
    srcaddrNegate string
    When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    srcaddrs string[]
    Source IPv4 address name and address group names.
    srcintfs string[]
    Incoming (ingress) interface.
    sshFilterProfile string
    Name of an existing SSH filter profile.
    sslSshProfile string
    Name of an existing SSL SSH profile.
    status string
    Enable or disable this policy. Valid values: disable, enable.
    urlCategories string[]
    URL category ID list.
    users string[]
    Names of individual users that can authenticate with this policy.
    utmStatus string
    Enable security profiles. Valid values: disable, enable.
    uuid string
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    videofilterProfile string
    Name of an existing VideoFilter profile.
    virtualPatchProfile string
    Name of an existing virtual-patch profile.
    voipProfile string
    Name of an existing VoIP profile.
    webfilterProfile string
    Name of an existing Web filter profile.
    _policy_block float
    Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
    action str
    Policy action (accept/deny). Valid values: deny, accept.
    adom str
    Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
    app_categories Sequence[str]
    Application category ID list.
    app_groups Sequence[str]
    Application group names.
    application_list str
    Name of an existing Application list.
    applications Sequence[float]
    Application ID list.
    av_profile str
    Name of an existing Antivirus profile.
    casb_profile str
    Name of an existing CASB profile.
    cifs_profile str
    Name of an existing CIFS profile.
    comments str
    Comment.
    diameter_filter_profile str
    Name of an existing Diameter filter profile.
    dlp_profile str
    Name of an existing DLP profile.
    dlp_sensor str
    Name of an existing DLP sensor.
    dnsfilter_profile str
    Name of an existing DNS filter profile.
    dstaddr4s Sequence[str]
    Destination IPv4 address name and address group names.
    dstaddr6_negate str
    When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    dstaddr6s Sequence[str]
    Destination IPv6 address name and address group names.
    dstaddr_negate str
    When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    dstaddrs Sequence[str]
    Destination IPv4 address name and address group names.
    dstintfs Sequence[str]
    Outgoing (egress) interface.
    emailfilter_profile str
    Name of an existing email filter profile.
    enforce_default_app_port str
    Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
    file_filter_profile str
    Name of an existing file-filter profile.
    fsso_groups Sequence[str]
    Names of FSSO groups.
    global_label str
    Label for the policy that appears when the GUI is in Global View mode.
    groups Sequence[str]
    Names of user groups that can authenticate with this policy.
    icap_profile str
    Name of an existing ICAP profile.
    internet_service str
    Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
    internet_service6 str
    Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
    internet_service6_custom_groups Sequence[str]
    Custom IPv6 Internet Service group name.
    internet_service6_customs Sequence[str]
    Custom IPv6 Internet Service name.
    internet_service6_groups Sequence[str]
    Internet Service group name.
    internet_service6_names Sequence[str]
    IPv6 Internet Service name.
    internet_service6_negate str
    When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
    internet_service6_src str
    Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    internet_service6_src_custom_groups Sequence[str]
    Custom Internet Service6 source group name.
    internet_service6_src_customs Sequence[str]
    Custom IPv6 Internet Service source name.
    internet_service6_src_groups Sequence[str]
    Internet Service6 source group name.
    internet_service6_src_names Sequence[str]
    IPv6 Internet Service source name.
    internet_service6_src_negate str
    When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
    internet_service_custom_groups Sequence[str]
    Custom Internet Service group name.
    internet_service_customs Sequence[str]
    Custom Internet Service name.
    internet_service_groups Sequence[str]
    Internet Service group name.
    internet_service_ids Sequence[str]
    Internet Service ID.
    internet_service_names Sequence[str]
    Internet Service name.
    internet_service_negate str
    When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
    internet_service_src str
    Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    internet_service_src_custom_groups Sequence[str]
    Custom Internet Service source group name.
    internet_service_src_customs Sequence[str]
    Custom Internet Service source name.
    internet_service_src_groups Sequence[str]
    Internet Service source group name.
    internet_service_src_ids Sequence[str]
    Internet Service source ID.
    internet_service_src_names Sequence[str]
    Internet Service source name.
    internet_service_src_negate str
    When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
    ips_sensor str
    Name of an existing IPS sensor.
    ips_voip_filter str
    Name of an existing VoIP (ips) profile.
    learning_mode str
    Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
    logtraffic str
    Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
    logtraffic_start str
    Record logs when a session starts. Valid values: disable, enable.
    mms_profile str
    Name of an existing MMS profile.
    name str
    Policy name.
    nat46 str
    Enable/disable NAT46. Valid values: disable, enable.
    nat64 str
    Enable/disable NAT64. Valid values: disable, enable.
    packages_pblock_firewall_securitypolicy_id str
    an identifier for the resource with format {{policyid}}.
    pblock str
    Pblock.
    policyid float
    Policy ID.
    profile_group str
    Name of profile group.
    profile_protocol_options str
    Name of an existing Protocol options profile.
    profile_type str
    Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
    schedule str
    Schedule name.
    scopetype str
    The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
    sctp_filter_profile str
    Name of an existing SCTP filter profile.
    send_deny_packet str
    Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
    service_negate str
    When enabled service specifies what the service must NOT be. Valid values: disable, enable.
    services Sequence[str]
    Service and service group names.
    srcaddr4s Sequence[str]
    Source IPv4 address name and address group names.
    srcaddr6_negate str
    When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    srcaddr6s Sequence[str]
    Source IPv6 address name and address group names.
    srcaddr_negate str
    When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    srcaddrs Sequence[str]
    Source IPv4 address name and address group names.
    srcintfs Sequence[str]
    Incoming (ingress) interface.
    ssh_filter_profile str
    Name of an existing SSH filter profile.
    ssl_ssh_profile str
    Name of an existing SSL SSH profile.
    status str
    Enable or disable this policy. Valid values: disable, enable.
    url_categories Sequence[str]
    URL category ID list.
    users Sequence[str]
    Names of individual users that can authenticate with this policy.
    utm_status str
    Enable security profiles. Valid values: disable, enable.
    uuid str
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    videofilter_profile str
    Name of an existing VideoFilter profile.
    virtual_patch_profile str
    Name of an existing virtual-patch profile.
    voip_profile str
    Name of an existing VoIP profile.
    webfilter_profile str
    Name of an existing Web filter profile.
    _policyBlock Number
    Assigned policy block. When this attribute is set, the policy represent a policy block, and all other attributes are ignored. This attribute is not available when configuring policy inside a policy block.
    action String
    Policy action (accept/deny). Valid values: deny, accept.
    adom String
    Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
    appCategories List<String>
    Application category ID list.
    appGroups List<String>
    Application group names.
    applicationList String
    Name of an existing Application list.
    applications List<Number>
    Application ID list.
    avProfile String
    Name of an existing Antivirus profile.
    casbProfile String
    Name of an existing CASB profile.
    cifsProfile String
    Name of an existing CIFS profile.
    comments String
    Comment.
    diameterFilterProfile String
    Name of an existing Diameter filter profile.
    dlpProfile String
    Name of an existing DLP profile.
    dlpSensor String
    Name of an existing DLP sensor.
    dnsfilterProfile String
    Name of an existing DNS filter profile.
    dstaddr4s List<String>
    Destination IPv4 address name and address group names.
    dstaddr6Negate String
    When enabled dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    dstaddr6s List<String>
    Destination IPv6 address name and address group names.
    dstaddrNegate String
    When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. Valid values: disable, enable.
    dstaddrs List<String>
    Destination IPv4 address name and address group names.
    dstintfs List<String>
    Outgoing (egress) interface.
    emailfilterProfile String
    Name of an existing email filter profile.
    enforceDefaultAppPort String
    Enable/disable default application port enforcement for allowed applications. Valid values: disable, enable.
    fileFilterProfile String
    Name of an existing file-filter profile.
    fssoGroups List<String>
    Names of FSSO groups.
    globalLabel String
    Label for the policy that appears when the GUI is in Global View mode.
    groups List<String>
    Names of user groups that can authenticate with this policy.
    icapProfile String
    Name of an existing ICAP profile.
    internetService String
    Enable/disable use of Internet Services for this policy. If enabled, destination address and service are not used. Valid values: disable, enable.
    internetService6 String
    Enable/disable use of IPv6 Internet Services for this policy. If enabled, destination address, service and default application port enforcement are not used. Valid values: disable, enable.
    internetService6CustomGroups List<String>
    Custom IPv6 Internet Service group name.
    internetService6Customs List<String>
    Custom IPv6 Internet Service name.
    internetService6Groups List<String>
    Internet Service group name.
    internetService6Names List<String>
    IPv6 Internet Service name.
    internetService6Negate String
    When enabled internet-service6 specifies what the service must NOT be. Valid values: disable, enable.
    internetService6Src String
    Enable/disable use of IPv6 Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    internetService6SrcCustomGroups List<String>
    Custom Internet Service6 source group name.
    internetService6SrcCustoms List<String>
    Custom IPv6 Internet Service source name.
    internetService6SrcGroups List<String>
    Internet Service6 source group name.
    internetService6SrcNames List<String>
    IPv6 Internet Service source name.
    internetService6SrcNegate String
    When enabled internet-service6-src specifies what the service must NOT be. Valid values: disable, enable.
    internetServiceCustomGroups List<String>
    Custom Internet Service group name.
    internetServiceCustoms List<String>
    Custom Internet Service name.
    internetServiceGroups List<String>
    Internet Service group name.
    internetServiceIds List<String>
    Internet Service ID.
    internetServiceNames List<String>
    Internet Service name.
    internetServiceNegate String
    When enabled internet-service specifies what the service must NOT be. Valid values: disable, enable.
    internetServiceSrc String
    Enable/disable use of Internet Services in source for this policy. If enabled, source address is not used. Valid values: disable, enable.
    internetServiceSrcCustomGroups List<String>
    Custom Internet Service source group name.
    internetServiceSrcCustoms List<String>
    Custom Internet Service source name.
    internetServiceSrcGroups List<String>
    Internet Service source group name.
    internetServiceSrcIds List<String>
    Internet Service source ID.
    internetServiceSrcNames List<String>
    Internet Service source name.
    internetServiceSrcNegate String
    When enabled internet-service-src specifies what the service must NOT be. Valid values: disable, enable.
    ipsSensor String
    Name of an existing IPS sensor.
    ipsVoipFilter String
    Name of an existing VoIP (ips) profile.
    learningMode String
    Enable to allow everything, but log all of the meaningful data for security information gathering. A learning report will be generated. Valid values: disable, enable.
    logtraffic String
    Enable or disable logging. Log all sessions or security profile sessions. Valid values: disable, all, utm.
    logtrafficStart String
    Record logs when a session starts. Valid values: disable, enable.
    mmsProfile String
    Name of an existing MMS profile.
    name String
    Policy name.
    nat46 String
    Enable/disable NAT46. Valid values: disable, enable.
    nat64 String
    Enable/disable NAT64. Valid values: disable, enable.
    packagesPblockFirewallSecuritypolicyId String
    an identifier for the resource with format {{policyid}}.
    pblock String
    Pblock.
    policyid Number
    Policy ID.
    profileGroup String
    Name of profile group.
    profileProtocolOptions String
    Name of an existing Protocol options profile.
    profileType String
    Determine whether the firewall policy allows security profile groups or single profiles only. Valid values: single, group.
    schedule String
    Schedule name.
    scopetype String
    The scope of application of the resource. Valid values: inherit, adom. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
    sctpFilterProfile String
    Name of an existing SCTP filter profile.
    sendDenyPacket String
    Enable to send a reply when a session is denied or blocked by a firewall policy. Valid values: disable, enable.
    serviceNegate String
    When enabled service specifies what the service must NOT be. Valid values: disable, enable.
    services List<String>
    Service and service group names.
    srcaddr4s List<String>
    Source IPv4 address name and address group names.
    srcaddr6Negate String
    When enabled srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    srcaddr6s List<String>
    Source IPv6 address name and address group names.
    srcaddrNegate String
    When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. Valid values: disable, enable.
    srcaddrs List<String>
    Source IPv4 address name and address group names.
    srcintfs List<String>
    Incoming (ingress) interface.
    sshFilterProfile String
    Name of an existing SSH filter profile.
    sslSshProfile String
    Name of an existing SSL SSH profile.
    status String
    Enable or disable this policy. Valid values: disable, enable.
    urlCategories List<String>
    URL category ID list.
    users List<String>
    Names of individual users that can authenticate with this policy.
    utmStatus String
    Enable security profiles. Valid values: disable, enable.
    uuid String
    Universally Unique Identifier (UUID; automatically assigned but can be manually reset).
    videofilterProfile String
    Name of an existing VideoFilter profile.
    virtualPatchProfile String
    Name of an existing virtual-patch profile.
    voipProfile String
    Name of an existing VoIP profile.
    webfilterProfile String
    Name of an existing Web filter profile.

    Import

    Packages PblockFirewallSecurityPolicy can be imported using any of these accepted formats:

    Set import_options = [“pblock=YOUR_VALUE”] in the provider section.

    $ export “FORTIMANAGER_IMPORT_TABLE”=“true”

    $ pulumi import fortimanager:index/packagesPblockFirewallSecuritypolicy:PackagesPblockFirewallSecuritypolicy labelname {{policyid}}

    $ unset “FORTIMANAGER_IMPORT_TABLE”

    -> Hint: The scopetype and adom for import will directly inherit the scopetype and adom configuration of the provider.

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    fortimanager fortinetdev/terraform-provider-fortimanager
    License
    Notes
    This Pulumi package is based on the fortimanager Terraform Provider.
    fortimanager logo
    fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev
    fortinetdev/terraform-provider-fortimanager