fortios.webproxy.Explicit
Explore with Pulumi AI
Configure explicit Web proxy settings.
Create Explicit Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Explicit(name: string, args?: ExplicitArgs, opts?: CustomResourceOptions);
@overload
def Explicit(resource_name: str,
args: Optional[ExplicitArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def Explicit(resource_name: str,
opts: Optional[ResourceOptions] = None,
client_cert: Optional[str] = None,
dynamic_sort_subtable: Optional[str] = None,
empty_cert_action: Optional[str] = None,
ftp_incoming_port: Optional[str] = None,
ftp_over_http: Optional[str] = None,
get_all_tables: Optional[str] = None,
http_connection_mode: Optional[str] = None,
http_incoming_port: Optional[str] = None,
https_incoming_port: Optional[str] = None,
https_replacement_message: Optional[str] = None,
incoming_ip: Optional[str] = None,
incoming_ip6: Optional[str] = None,
ipv6_status: Optional[str] = None,
message_upon_server_error: Optional[str] = None,
outgoing_ip: Optional[str] = None,
outgoing_ip6: Optional[str] = None,
pac_file_data: Optional[str] = None,
pac_file_name: Optional[str] = None,
pac_file_server_port: Optional[str] = None,
pac_file_server_status: Optional[str] = None,
pac_file_through_https: Optional[str] = None,
pac_file_url: Optional[str] = None,
pac_policies: Optional[Sequence[ExplicitPacPolicyArgs]] = None,
pref_dns_result: Optional[str] = None,
realm: Optional[str] = None,
sec_default_action: Optional[str] = None,
secure_web_proxy: Optional[str] = None,
secure_web_proxy_certs: Optional[Sequence[ExplicitSecureWebProxyCertArgs]] = None,
socks: Optional[str] = None,
socks_incoming_port: Optional[str] = None,
ssl_algorithm: Optional[str] = None,
ssl_dh_bits: Optional[str] = None,
status: Optional[str] = None,
strict_guest: Optional[str] = None,
trace_auth_no_rsp: Optional[str] = None,
unknown_http_version: Optional[str] = None,
user_agent_detect: Optional[str] = None,
vdomparam: Optional[str] = None)
func NewExplicit(ctx *Context, name string, args *ExplicitArgs, opts ...ResourceOption) (*Explicit, error)
public Explicit(string name, ExplicitArgs? args = null, CustomResourceOptions? opts = null)
public Explicit(String name, ExplicitArgs args)
public Explicit(String name, ExplicitArgs args, CustomResourceOptions options)
type: fortios:webproxy:Explicit
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ExplicitArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ExplicitArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ExplicitArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ExplicitArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ExplicitArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var fortiosExplicitResource = new Fortios.Webproxy.Explicit("fortiosExplicitResource", new()
{
ClientCert = "string",
DynamicSortSubtable = "string",
EmptyCertAction = "string",
FtpIncomingPort = "string",
FtpOverHttp = "string",
GetAllTables = "string",
HttpConnectionMode = "string",
HttpIncomingPort = "string",
HttpsIncomingPort = "string",
HttpsReplacementMessage = "string",
IncomingIp = "string",
IncomingIp6 = "string",
Ipv6Status = "string",
MessageUponServerError = "string",
OutgoingIp = "string",
OutgoingIp6 = "string",
PacFileData = "string",
PacFileName = "string",
PacFileServerPort = "string",
PacFileServerStatus = "string",
PacFileThroughHttps = "string",
PacFileUrl = "string",
PacPolicies = new[]
{
new Fortios.Webproxy.Inputs.ExplicitPacPolicyArgs
{
Comments = "string",
Dstaddrs = new[]
{
new Fortios.Webproxy.Inputs.ExplicitPacPolicyDstaddrArgs
{
Name = "string",
},
},
PacFileData = "string",
PacFileName = "string",
Policyid = 0,
Srcaddr6s = new[]
{
new Fortios.Webproxy.Inputs.ExplicitPacPolicySrcaddr6Args
{
Name = "string",
},
},
Srcaddrs = new[]
{
new Fortios.Webproxy.Inputs.ExplicitPacPolicySrcaddrArgs
{
Name = "string",
},
},
Status = "string",
},
},
PrefDnsResult = "string",
Realm = "string",
SecDefaultAction = "string",
SecureWebProxy = "string",
SecureWebProxyCerts = new[]
{
new Fortios.Webproxy.Inputs.ExplicitSecureWebProxyCertArgs
{
Name = "string",
},
},
Socks = "string",
SocksIncomingPort = "string",
SslAlgorithm = "string",
SslDhBits = "string",
Status = "string",
StrictGuest = "string",
TraceAuthNoRsp = "string",
UnknownHttpVersion = "string",
UserAgentDetect = "string",
Vdomparam = "string",
});
example, err := webproxy.NewExplicit(ctx, "fortiosExplicitResource", &webproxy.ExplicitArgs{
ClientCert: pulumi.String("string"),
DynamicSortSubtable: pulumi.String("string"),
EmptyCertAction: pulumi.String("string"),
FtpIncomingPort: pulumi.String("string"),
FtpOverHttp: pulumi.String("string"),
GetAllTables: pulumi.String("string"),
HttpConnectionMode: pulumi.String("string"),
HttpIncomingPort: pulumi.String("string"),
HttpsIncomingPort: pulumi.String("string"),
HttpsReplacementMessage: pulumi.String("string"),
IncomingIp: pulumi.String("string"),
IncomingIp6: pulumi.String("string"),
Ipv6Status: pulumi.String("string"),
MessageUponServerError: pulumi.String("string"),
OutgoingIp: pulumi.String("string"),
OutgoingIp6: pulumi.String("string"),
PacFileData: pulumi.String("string"),
PacFileName: pulumi.String("string"),
PacFileServerPort: pulumi.String("string"),
PacFileServerStatus: pulumi.String("string"),
PacFileThroughHttps: pulumi.String("string"),
PacFileUrl: pulumi.String("string"),
PacPolicies: webproxy.ExplicitPacPolicyArray{
&webproxy.ExplicitPacPolicyArgs{
Comments: pulumi.String("string"),
Dstaddrs: webproxy.ExplicitPacPolicyDstaddrArray{
&webproxy.ExplicitPacPolicyDstaddrArgs{
Name: pulumi.String("string"),
},
},
PacFileData: pulumi.String("string"),
PacFileName: pulumi.String("string"),
Policyid: pulumi.Int(0),
Srcaddr6s: webproxy.ExplicitPacPolicySrcaddr6Array{
&webproxy.ExplicitPacPolicySrcaddr6Args{
Name: pulumi.String("string"),
},
},
Srcaddrs: webproxy.ExplicitPacPolicySrcaddrArray{
&webproxy.ExplicitPacPolicySrcaddrArgs{
Name: pulumi.String("string"),
},
},
Status: pulumi.String("string"),
},
},
PrefDnsResult: pulumi.String("string"),
Realm: pulumi.String("string"),
SecDefaultAction: pulumi.String("string"),
SecureWebProxy: pulumi.String("string"),
SecureWebProxyCerts: webproxy.ExplicitSecureWebProxyCertArray{
&webproxy.ExplicitSecureWebProxyCertArgs{
Name: pulumi.String("string"),
},
},
Socks: pulumi.String("string"),
SocksIncomingPort: pulumi.String("string"),
SslAlgorithm: pulumi.String("string"),
SslDhBits: pulumi.String("string"),
Status: pulumi.String("string"),
StrictGuest: pulumi.String("string"),
TraceAuthNoRsp: pulumi.String("string"),
UnknownHttpVersion: pulumi.String("string"),
UserAgentDetect: pulumi.String("string"),
Vdomparam: pulumi.String("string"),
})
var fortiosExplicitResource = new Explicit("fortiosExplicitResource", ExplicitArgs.builder()
.clientCert("string")
.dynamicSortSubtable("string")
.emptyCertAction("string")
.ftpIncomingPort("string")
.ftpOverHttp("string")
.getAllTables("string")
.httpConnectionMode("string")
.httpIncomingPort("string")
.httpsIncomingPort("string")
.httpsReplacementMessage("string")
.incomingIp("string")
.incomingIp6("string")
.ipv6Status("string")
.messageUponServerError("string")
.outgoingIp("string")
.outgoingIp6("string")
.pacFileData("string")
.pacFileName("string")
.pacFileServerPort("string")
.pacFileServerStatus("string")
.pacFileThroughHttps("string")
.pacFileUrl("string")
.pacPolicies(ExplicitPacPolicyArgs.builder()
.comments("string")
.dstaddrs(ExplicitPacPolicyDstaddrArgs.builder()
.name("string")
.build())
.pacFileData("string")
.pacFileName("string")
.policyid(0)
.srcaddr6s(ExplicitPacPolicySrcaddr6Args.builder()
.name("string")
.build())
.srcaddrs(ExplicitPacPolicySrcaddrArgs.builder()
.name("string")
.build())
.status("string")
.build())
.prefDnsResult("string")
.realm("string")
.secDefaultAction("string")
.secureWebProxy("string")
.secureWebProxyCerts(ExplicitSecureWebProxyCertArgs.builder()
.name("string")
.build())
.socks("string")
.socksIncomingPort("string")
.sslAlgorithm("string")
.sslDhBits("string")
.status("string")
.strictGuest("string")
.traceAuthNoRsp("string")
.unknownHttpVersion("string")
.userAgentDetect("string")
.vdomparam("string")
.build());
fortios_explicit_resource = fortios.webproxy.Explicit("fortiosExplicitResource",
client_cert="string",
dynamic_sort_subtable="string",
empty_cert_action="string",
ftp_incoming_port="string",
ftp_over_http="string",
get_all_tables="string",
http_connection_mode="string",
http_incoming_port="string",
https_incoming_port="string",
https_replacement_message="string",
incoming_ip="string",
incoming_ip6="string",
ipv6_status="string",
message_upon_server_error="string",
outgoing_ip="string",
outgoing_ip6="string",
pac_file_data="string",
pac_file_name="string",
pac_file_server_port="string",
pac_file_server_status="string",
pac_file_through_https="string",
pac_file_url="string",
pac_policies=[fortios.webproxy.ExplicitPacPolicyArgs(
comments="string",
dstaddrs=[fortios.webproxy.ExplicitPacPolicyDstaddrArgs(
name="string",
)],
pac_file_data="string",
pac_file_name="string",
policyid=0,
srcaddr6s=[fortios.webproxy.ExplicitPacPolicySrcaddr6Args(
name="string",
)],
srcaddrs=[fortios.webproxy.ExplicitPacPolicySrcaddrArgs(
name="string",
)],
status="string",
)],
pref_dns_result="string",
realm="string",
sec_default_action="string",
secure_web_proxy="string",
secure_web_proxy_certs=[fortios.webproxy.ExplicitSecureWebProxyCertArgs(
name="string",
)],
socks="string",
socks_incoming_port="string",
ssl_algorithm="string",
ssl_dh_bits="string",
status="string",
strict_guest="string",
trace_auth_no_rsp="string",
unknown_http_version="string",
user_agent_detect="string",
vdomparam="string")
const fortiosExplicitResource = new fortios.webproxy.Explicit("fortiosExplicitResource", {
clientCert: "string",
dynamicSortSubtable: "string",
emptyCertAction: "string",
ftpIncomingPort: "string",
ftpOverHttp: "string",
getAllTables: "string",
httpConnectionMode: "string",
httpIncomingPort: "string",
httpsIncomingPort: "string",
httpsReplacementMessage: "string",
incomingIp: "string",
incomingIp6: "string",
ipv6Status: "string",
messageUponServerError: "string",
outgoingIp: "string",
outgoingIp6: "string",
pacFileData: "string",
pacFileName: "string",
pacFileServerPort: "string",
pacFileServerStatus: "string",
pacFileThroughHttps: "string",
pacFileUrl: "string",
pacPolicies: [{
comments: "string",
dstaddrs: [{
name: "string",
}],
pacFileData: "string",
pacFileName: "string",
policyid: 0,
srcaddr6s: [{
name: "string",
}],
srcaddrs: [{
name: "string",
}],
status: "string",
}],
prefDnsResult: "string",
realm: "string",
secDefaultAction: "string",
secureWebProxy: "string",
secureWebProxyCerts: [{
name: "string",
}],
socks: "string",
socksIncomingPort: "string",
sslAlgorithm: "string",
sslDhBits: "string",
status: "string",
strictGuest: "string",
traceAuthNoRsp: "string",
unknownHttpVersion: "string",
userAgentDetect: "string",
vdomparam: "string",
});
type: fortios:webproxy:Explicit
properties:
clientCert: string
dynamicSortSubtable: string
emptyCertAction: string
ftpIncomingPort: string
ftpOverHttp: string
getAllTables: string
httpConnectionMode: string
httpIncomingPort: string
httpsIncomingPort: string
httpsReplacementMessage: string
incomingIp: string
incomingIp6: string
ipv6Status: string
messageUponServerError: string
outgoingIp: string
outgoingIp6: string
pacFileData: string
pacFileName: string
pacFileServerPort: string
pacFileServerStatus: string
pacFileThroughHttps: string
pacFileUrl: string
pacPolicies:
- comments: string
dstaddrs:
- name: string
pacFileData: string
pacFileName: string
policyid: 0
srcaddr6s:
- name: string
srcaddrs:
- name: string
status: string
prefDnsResult: string
realm: string
secDefaultAction: string
secureWebProxy: string
secureWebProxyCerts:
- name: string
socks: string
socksIncomingPort: string
sslAlgorithm: string
sslDhBits: string
status: string
strictGuest: string
traceAuthNoRsp: string
unknownHttpVersion: string
userAgentDetect: string
vdomparam: string
Explicit Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Explicit resource accepts the following input properties:
- Client
Cert string - Enable/disable to request client certificate. Valid values:
disable
,enable
. - Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Empty
Cert stringAction - Action of an empty client certificate. Valid values:
accept
,block
,accept-unmanageable
. - Ftp
Incoming stringPort - Accept incoming FTP-over-HTTP requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- Ftp
Over stringHttp - Enable to proxy FTP-over-HTTP sessions sent from a web browser. Valid values:
enable
,disable
. - Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Http
Connection stringMode - HTTP connection mode (default = static). Valid values:
static
,multiplex
,serverpool
. - Http
Incoming stringPort - Accept incoming HTTP requests on one or more ports (0 - 65535, default = 8080).
- Https
Incoming stringPort - Accept incoming HTTPS requests on one or more ports (0 - 65535, default = 0, use the same as HTTP).
- Https
Replacement stringMessage - Enable/disable sending the client a replacement message for HTTPS requests. Valid values:
enable
,disable
. - Incoming
Ip string - Restrict the explicit HTTP proxy to only accept sessions from this IP address. An interface must have this IP address.
- Incoming
Ip6 string - Restrict the explicit web proxy to only accept sessions from this IPv6 address. An interface must have this IPv6 address.
- Ipv6Status string
- Enable/disable allowing an IPv6 web proxy destination in policies and all IPv6 related entries in this command. Valid values:
enable
,disable
. - Message
Upon stringServer Error - Enable/disable displaying a replacement message when a server error is detected. Valid values:
enable
,disable
. - Outgoing
Ip string - Outgoing HTTP requests will have this IP address as their source address. An interface must have this IP address.
- Outgoing
Ip6 string - Outgoing HTTP requests will leave this IPv6. Multiple interfaces can be specified. Interfaces must have these IPv6 addresses.
- Pac
File stringData - PAC file contents enclosed in quotes (maximum of 256K bytes).
- Pac
File stringName - Pac file name.
- Pac
File stringServer Port - Port number that PAC traffic from client web browsers uses to connect to the explicit web proxy (0 - 65535, default = 0; use the same as HTTP).
- Pac
File stringServer Status - Enable/disable Proxy Auto-Configuration (PAC) for users of this explicit proxy profile. Valid values:
enable
,disable
. - Pac
File stringThrough Https - Enable/disable to get Proxy Auto-Configuration (PAC) through HTTPS. Valid values:
enable
,disable
. - Pac
File stringUrl - PAC file access URL.
- Pac
Policies List<Pulumiverse.Fortios. Webproxy. Inputs. Explicit Pac Policy> - PAC policies. The structure of
pac_policy
block is documented below. - Pref
Dns stringResult - Prefer resolving addresses using the configured IPv4 or IPv6 DNS server (default = ipv4).
- Realm string
- Authentication realm used to identify the explicit web proxy (maximum of 63 characters).
- Sec
Default stringAction - Accept or deny explicit web proxy sessions when no web proxy firewall policy exists. Valid values:
accept
,deny
. - Secure
Web stringProxy - Enable/disable/require the secure web proxy for HTTP and HTTPS session. Valid values:
disable
,enable
,secure
. - Secure
Web List<Pulumiverse.Proxy Certs Fortios. Webproxy. Inputs. Explicit Secure Web Proxy Cert> - Name of certificates for secure web proxy. The structure of
secure_web_proxy_cert
block is documented below. - Socks string
- Enable/disable the SOCKS proxy. Valid values:
enable
,disable
. - Socks
Incoming stringPort - Accept incoming SOCKS proxy requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- Ssl
Algorithm string - Relative strength of encryption algorithms accepted in HTTPS deep scan: high, medium, or low. Valid values:
high
,medium
,low
. - Ssl
Dh stringBits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - Status string
- Enable/disable the explicit Web proxy for HTTP and HTTPS session. Valid values:
enable
,disable
. - Strict
Guest string - Enable/disable strict guest user checking by the explicit web proxy. Valid values:
enable
,disable
. - Trace
Auth stringNo Rsp - Enable/disable logging timed-out authentication requests. Valid values:
enable
,disable
. - Unknown
Http stringVersion - Either reject unknown HTTP traffic as malformed or handle unknown HTTP traffic as best as the proxy server can.
- User
Agent stringDetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Client
Cert string - Enable/disable to request client certificate. Valid values:
disable
,enable
. - Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Empty
Cert stringAction - Action of an empty client certificate. Valid values:
accept
,block
,accept-unmanageable
. - Ftp
Incoming stringPort - Accept incoming FTP-over-HTTP requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- Ftp
Over stringHttp - Enable to proxy FTP-over-HTTP sessions sent from a web browser. Valid values:
enable
,disable
. - Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Http
Connection stringMode - HTTP connection mode (default = static). Valid values:
static
,multiplex
,serverpool
. - Http
Incoming stringPort - Accept incoming HTTP requests on one or more ports (0 - 65535, default = 8080).
- Https
Incoming stringPort - Accept incoming HTTPS requests on one or more ports (0 - 65535, default = 0, use the same as HTTP).
- Https
Replacement stringMessage - Enable/disable sending the client a replacement message for HTTPS requests. Valid values:
enable
,disable
. - Incoming
Ip string - Restrict the explicit HTTP proxy to only accept sessions from this IP address. An interface must have this IP address.
- Incoming
Ip6 string - Restrict the explicit web proxy to only accept sessions from this IPv6 address. An interface must have this IPv6 address.
- Ipv6Status string
- Enable/disable allowing an IPv6 web proxy destination in policies and all IPv6 related entries in this command. Valid values:
enable
,disable
. - Message
Upon stringServer Error - Enable/disable displaying a replacement message when a server error is detected. Valid values:
enable
,disable
. - Outgoing
Ip string - Outgoing HTTP requests will have this IP address as their source address. An interface must have this IP address.
- Outgoing
Ip6 string - Outgoing HTTP requests will leave this IPv6. Multiple interfaces can be specified. Interfaces must have these IPv6 addresses.
- Pac
File stringData - PAC file contents enclosed in quotes (maximum of 256K bytes).
- Pac
File stringName - Pac file name.
- Pac
File stringServer Port - Port number that PAC traffic from client web browsers uses to connect to the explicit web proxy (0 - 65535, default = 0; use the same as HTTP).
- Pac
File stringServer Status - Enable/disable Proxy Auto-Configuration (PAC) for users of this explicit proxy profile. Valid values:
enable
,disable
. - Pac
File stringThrough Https - Enable/disable to get Proxy Auto-Configuration (PAC) through HTTPS. Valid values:
enable
,disable
. - Pac
File stringUrl - PAC file access URL.
- Pac
Policies []ExplicitPac Policy Args - PAC policies. The structure of
pac_policy
block is documented below. - Pref
Dns stringResult - Prefer resolving addresses using the configured IPv4 or IPv6 DNS server (default = ipv4).
- Realm string
- Authentication realm used to identify the explicit web proxy (maximum of 63 characters).
- Sec
Default stringAction - Accept or deny explicit web proxy sessions when no web proxy firewall policy exists. Valid values:
accept
,deny
. - Secure
Web stringProxy - Enable/disable/require the secure web proxy for HTTP and HTTPS session. Valid values:
disable
,enable
,secure
. - Secure
Web []ExplicitProxy Certs Secure Web Proxy Cert Args - Name of certificates for secure web proxy. The structure of
secure_web_proxy_cert
block is documented below. - Socks string
- Enable/disable the SOCKS proxy. Valid values:
enable
,disable
. - Socks
Incoming stringPort - Accept incoming SOCKS proxy requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- Ssl
Algorithm string - Relative strength of encryption algorithms accepted in HTTPS deep scan: high, medium, or low. Valid values:
high
,medium
,low
. - Ssl
Dh stringBits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - Status string
- Enable/disable the explicit Web proxy for HTTP and HTTPS session. Valid values:
enable
,disable
. - Strict
Guest string - Enable/disable strict guest user checking by the explicit web proxy. Valid values:
enable
,disable
. - Trace
Auth stringNo Rsp - Enable/disable logging timed-out authentication requests. Valid values:
enable
,disable
. - Unknown
Http stringVersion - Either reject unknown HTTP traffic as malformed or handle unknown HTTP traffic as best as the proxy server can.
- User
Agent stringDetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- client
Cert String - Enable/disable to request client certificate. Valid values:
disable
,enable
. - dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- empty
Cert StringAction - Action of an empty client certificate. Valid values:
accept
,block
,accept-unmanageable
. - ftp
Incoming StringPort - Accept incoming FTP-over-HTTP requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- ftp
Over StringHttp - Enable to proxy FTP-over-HTTP sessions sent from a web browser. Valid values:
enable
,disable
. - get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- http
Connection StringMode - HTTP connection mode (default = static). Valid values:
static
,multiplex
,serverpool
. - http
Incoming StringPort - Accept incoming HTTP requests on one or more ports (0 - 65535, default = 8080).
- https
Incoming StringPort - Accept incoming HTTPS requests on one or more ports (0 - 65535, default = 0, use the same as HTTP).
- https
Replacement StringMessage - Enable/disable sending the client a replacement message for HTTPS requests. Valid values:
enable
,disable
. - incoming
Ip String - Restrict the explicit HTTP proxy to only accept sessions from this IP address. An interface must have this IP address.
- incoming
Ip6 String - Restrict the explicit web proxy to only accept sessions from this IPv6 address. An interface must have this IPv6 address.
- ipv6Status String
- Enable/disable allowing an IPv6 web proxy destination in policies and all IPv6 related entries in this command. Valid values:
enable
,disable
. - message
Upon StringServer Error - Enable/disable displaying a replacement message when a server error is detected. Valid values:
enable
,disable
. - outgoing
Ip String - Outgoing HTTP requests will have this IP address as their source address. An interface must have this IP address.
- outgoing
Ip6 String - Outgoing HTTP requests will leave this IPv6. Multiple interfaces can be specified. Interfaces must have these IPv6 addresses.
- pac
File StringData - PAC file contents enclosed in quotes (maximum of 256K bytes).
- pac
File StringName - Pac file name.
- pac
File StringServer Port - Port number that PAC traffic from client web browsers uses to connect to the explicit web proxy (0 - 65535, default = 0; use the same as HTTP).
- pac
File StringServer Status - Enable/disable Proxy Auto-Configuration (PAC) for users of this explicit proxy profile. Valid values:
enable
,disable
. - pac
File StringThrough Https - Enable/disable to get Proxy Auto-Configuration (PAC) through HTTPS. Valid values:
enable
,disable
. - pac
File StringUrl - PAC file access URL.
- pac
Policies List<ExplicitPac Policy> - PAC policies. The structure of
pac_policy
block is documented below. - pref
Dns StringResult - Prefer resolving addresses using the configured IPv4 or IPv6 DNS server (default = ipv4).
- realm String
- Authentication realm used to identify the explicit web proxy (maximum of 63 characters).
- sec
Default StringAction - Accept or deny explicit web proxy sessions when no web proxy firewall policy exists. Valid values:
accept
,deny
. - secure
Web StringProxy - Enable/disable/require the secure web proxy for HTTP and HTTPS session. Valid values:
disable
,enable
,secure
. - secure
Web List<ExplicitProxy Certs Secure Web Proxy Cert> - Name of certificates for secure web proxy. The structure of
secure_web_proxy_cert
block is documented below. - socks String
- Enable/disable the SOCKS proxy. Valid values:
enable
,disable
. - socks
Incoming StringPort - Accept incoming SOCKS proxy requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- ssl
Algorithm String - Relative strength of encryption algorithms accepted in HTTPS deep scan: high, medium, or low. Valid values:
high
,medium
,low
. - ssl
Dh StringBits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - status String
- Enable/disable the explicit Web proxy for HTTP and HTTPS session. Valid values:
enable
,disable
. - strict
Guest String - Enable/disable strict guest user checking by the explicit web proxy. Valid values:
enable
,disable
. - trace
Auth StringNo Rsp - Enable/disable logging timed-out authentication requests. Valid values:
enable
,disable
. - unknown
Http StringVersion - Either reject unknown HTTP traffic as malformed or handle unknown HTTP traffic as best as the proxy server can.
- user
Agent StringDetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- client
Cert string - Enable/disable to request client certificate. Valid values:
disable
,enable
. - dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- empty
Cert stringAction - Action of an empty client certificate. Valid values:
accept
,block
,accept-unmanageable
. - ftp
Incoming stringPort - Accept incoming FTP-over-HTTP requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- ftp
Over stringHttp - Enable to proxy FTP-over-HTTP sessions sent from a web browser. Valid values:
enable
,disable
. - get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- http
Connection stringMode - HTTP connection mode (default = static). Valid values:
static
,multiplex
,serverpool
. - http
Incoming stringPort - Accept incoming HTTP requests on one or more ports (0 - 65535, default = 8080).
- https
Incoming stringPort - Accept incoming HTTPS requests on one or more ports (0 - 65535, default = 0, use the same as HTTP).
- https
Replacement stringMessage - Enable/disable sending the client a replacement message for HTTPS requests. Valid values:
enable
,disable
. - incoming
Ip string - Restrict the explicit HTTP proxy to only accept sessions from this IP address. An interface must have this IP address.
- incoming
Ip6 string - Restrict the explicit web proxy to only accept sessions from this IPv6 address. An interface must have this IPv6 address.
- ipv6Status string
- Enable/disable allowing an IPv6 web proxy destination in policies and all IPv6 related entries in this command. Valid values:
enable
,disable
. - message
Upon stringServer Error - Enable/disable displaying a replacement message when a server error is detected. Valid values:
enable
,disable
. - outgoing
Ip string - Outgoing HTTP requests will have this IP address as their source address. An interface must have this IP address.
- outgoing
Ip6 string - Outgoing HTTP requests will leave this IPv6. Multiple interfaces can be specified. Interfaces must have these IPv6 addresses.
- pac
File stringData - PAC file contents enclosed in quotes (maximum of 256K bytes).
- pac
File stringName - Pac file name.
- pac
File stringServer Port - Port number that PAC traffic from client web browsers uses to connect to the explicit web proxy (0 - 65535, default = 0; use the same as HTTP).
- pac
File stringServer Status - Enable/disable Proxy Auto-Configuration (PAC) for users of this explicit proxy profile. Valid values:
enable
,disable
. - pac
File stringThrough Https - Enable/disable to get Proxy Auto-Configuration (PAC) through HTTPS. Valid values:
enable
,disable
. - pac
File stringUrl - PAC file access URL.
- pac
Policies ExplicitPac Policy[] - PAC policies. The structure of
pac_policy
block is documented below. - pref
Dns stringResult - Prefer resolving addresses using the configured IPv4 or IPv6 DNS server (default = ipv4).
- realm string
- Authentication realm used to identify the explicit web proxy (maximum of 63 characters).
- sec
Default stringAction - Accept or deny explicit web proxy sessions when no web proxy firewall policy exists. Valid values:
accept
,deny
. - secure
Web stringProxy - Enable/disable/require the secure web proxy for HTTP and HTTPS session. Valid values:
disable
,enable
,secure
. - secure
Web ExplicitProxy Certs Secure Web Proxy Cert[] - Name of certificates for secure web proxy. The structure of
secure_web_proxy_cert
block is documented below. - socks string
- Enable/disable the SOCKS proxy. Valid values:
enable
,disable
. - socks
Incoming stringPort - Accept incoming SOCKS proxy requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- ssl
Algorithm string - Relative strength of encryption algorithms accepted in HTTPS deep scan: high, medium, or low. Valid values:
high
,medium
,low
. - ssl
Dh stringBits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - status string
- Enable/disable the explicit Web proxy for HTTP and HTTPS session. Valid values:
enable
,disable
. - strict
Guest string - Enable/disable strict guest user checking by the explicit web proxy. Valid values:
enable
,disable
. - trace
Auth stringNo Rsp - Enable/disable logging timed-out authentication requests. Valid values:
enable
,disable
. - unknown
Http stringVersion - Either reject unknown HTTP traffic as malformed or handle unknown HTTP traffic as best as the proxy server can.
- user
Agent stringDetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- client_
cert str - Enable/disable to request client certificate. Valid values:
disable
,enable
. - dynamic_
sort_ strsubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- empty_
cert_ straction - Action of an empty client certificate. Valid values:
accept
,block
,accept-unmanageable
. - ftp_
incoming_ strport - Accept incoming FTP-over-HTTP requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- ftp_
over_ strhttp - Enable to proxy FTP-over-HTTP sessions sent from a web browser. Valid values:
enable
,disable
. - get_
all_ strtables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- http_
connection_ strmode - HTTP connection mode (default = static). Valid values:
static
,multiplex
,serverpool
. - http_
incoming_ strport - Accept incoming HTTP requests on one or more ports (0 - 65535, default = 8080).
- https_
incoming_ strport - Accept incoming HTTPS requests on one or more ports (0 - 65535, default = 0, use the same as HTTP).
- https_
replacement_ strmessage - Enable/disable sending the client a replacement message for HTTPS requests. Valid values:
enable
,disable
. - incoming_
ip str - Restrict the explicit HTTP proxy to only accept sessions from this IP address. An interface must have this IP address.
- incoming_
ip6 str - Restrict the explicit web proxy to only accept sessions from this IPv6 address. An interface must have this IPv6 address.
- ipv6_
status str - Enable/disable allowing an IPv6 web proxy destination in policies and all IPv6 related entries in this command. Valid values:
enable
,disable
. - message_
upon_ strserver_ error - Enable/disable displaying a replacement message when a server error is detected. Valid values:
enable
,disable
. - outgoing_
ip str - Outgoing HTTP requests will have this IP address as their source address. An interface must have this IP address.
- outgoing_
ip6 str - Outgoing HTTP requests will leave this IPv6. Multiple interfaces can be specified. Interfaces must have these IPv6 addresses.
- pac_
file_ strdata - PAC file contents enclosed in quotes (maximum of 256K bytes).
- pac_
file_ strname - Pac file name.
- pac_
file_ strserver_ port - Port number that PAC traffic from client web browsers uses to connect to the explicit web proxy (0 - 65535, default = 0; use the same as HTTP).
- pac_
file_ strserver_ status - Enable/disable Proxy Auto-Configuration (PAC) for users of this explicit proxy profile. Valid values:
enable
,disable
. - pac_
file_ strthrough_ https - Enable/disable to get Proxy Auto-Configuration (PAC) through HTTPS. Valid values:
enable
,disable
. - pac_
file_ strurl - PAC file access URL.
- pac_
policies Sequence[ExplicitPac Policy Args] - PAC policies. The structure of
pac_policy
block is documented below. - pref_
dns_ strresult - Prefer resolving addresses using the configured IPv4 or IPv6 DNS server (default = ipv4).
- realm str
- Authentication realm used to identify the explicit web proxy (maximum of 63 characters).
- sec_
default_ straction - Accept or deny explicit web proxy sessions when no web proxy firewall policy exists. Valid values:
accept
,deny
. - secure_
web_ strproxy - Enable/disable/require the secure web proxy for HTTP and HTTPS session. Valid values:
disable
,enable
,secure
. - secure_
web_ Sequence[Explicitproxy_ certs Secure Web Proxy Cert Args] - Name of certificates for secure web proxy. The structure of
secure_web_proxy_cert
block is documented below. - socks str
- Enable/disable the SOCKS proxy. Valid values:
enable
,disable
. - socks_
incoming_ strport - Accept incoming SOCKS proxy requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- ssl_
algorithm str - Relative strength of encryption algorithms accepted in HTTPS deep scan: high, medium, or low. Valid values:
high
,medium
,low
. - ssl_
dh_ strbits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - status str
- Enable/disable the explicit Web proxy for HTTP and HTTPS session. Valid values:
enable
,disable
. - strict_
guest str - Enable/disable strict guest user checking by the explicit web proxy. Valid values:
enable
,disable
. - trace_
auth_ strno_ rsp - Enable/disable logging timed-out authentication requests. Valid values:
enable
,disable
. - unknown_
http_ strversion - Either reject unknown HTTP traffic as malformed or handle unknown HTTP traffic as best as the proxy server can.
- user_
agent_ strdetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- client
Cert String - Enable/disable to request client certificate. Valid values:
disable
,enable
. - dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- empty
Cert StringAction - Action of an empty client certificate. Valid values:
accept
,block
,accept-unmanageable
. - ftp
Incoming StringPort - Accept incoming FTP-over-HTTP requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- ftp
Over StringHttp - Enable to proxy FTP-over-HTTP sessions sent from a web browser. Valid values:
enable
,disable
. - get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- http
Connection StringMode - HTTP connection mode (default = static). Valid values:
static
,multiplex
,serverpool
. - http
Incoming StringPort - Accept incoming HTTP requests on one or more ports (0 - 65535, default = 8080).
- https
Incoming StringPort - Accept incoming HTTPS requests on one or more ports (0 - 65535, default = 0, use the same as HTTP).
- https
Replacement StringMessage - Enable/disable sending the client a replacement message for HTTPS requests. Valid values:
enable
,disable
. - incoming
Ip String - Restrict the explicit HTTP proxy to only accept sessions from this IP address. An interface must have this IP address.
- incoming
Ip6 String - Restrict the explicit web proxy to only accept sessions from this IPv6 address. An interface must have this IPv6 address.
- ipv6Status String
- Enable/disable allowing an IPv6 web proxy destination in policies and all IPv6 related entries in this command. Valid values:
enable
,disable
. - message
Upon StringServer Error - Enable/disable displaying a replacement message when a server error is detected. Valid values:
enable
,disable
. - outgoing
Ip String - Outgoing HTTP requests will have this IP address as their source address. An interface must have this IP address.
- outgoing
Ip6 String - Outgoing HTTP requests will leave this IPv6. Multiple interfaces can be specified. Interfaces must have these IPv6 addresses.
- pac
File StringData - PAC file contents enclosed in quotes (maximum of 256K bytes).
- pac
File StringName - Pac file name.
- pac
File StringServer Port - Port number that PAC traffic from client web browsers uses to connect to the explicit web proxy (0 - 65535, default = 0; use the same as HTTP).
- pac
File StringServer Status - Enable/disable Proxy Auto-Configuration (PAC) for users of this explicit proxy profile. Valid values:
enable
,disable
. - pac
File StringThrough Https - Enable/disable to get Proxy Auto-Configuration (PAC) through HTTPS. Valid values:
enable
,disable
. - pac
File StringUrl - PAC file access URL.
- pac
Policies List<Property Map> - PAC policies. The structure of
pac_policy
block is documented below. - pref
Dns StringResult - Prefer resolving addresses using the configured IPv4 or IPv6 DNS server (default = ipv4).
- realm String
- Authentication realm used to identify the explicit web proxy (maximum of 63 characters).
- sec
Default StringAction - Accept or deny explicit web proxy sessions when no web proxy firewall policy exists. Valid values:
accept
,deny
. - secure
Web StringProxy - Enable/disable/require the secure web proxy for HTTP and HTTPS session. Valid values:
disable
,enable
,secure
. - secure
Web List<Property Map>Proxy Certs - Name of certificates for secure web proxy. The structure of
secure_web_proxy_cert
block is documented below. - socks String
- Enable/disable the SOCKS proxy. Valid values:
enable
,disable
. - socks
Incoming StringPort - Accept incoming SOCKS proxy requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- ssl
Algorithm String - Relative strength of encryption algorithms accepted in HTTPS deep scan: high, medium, or low. Valid values:
high
,medium
,low
. - ssl
Dh StringBits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - status String
- Enable/disable the explicit Web proxy for HTTP and HTTPS session. Valid values:
enable
,disable
. - strict
Guest String - Enable/disable strict guest user checking by the explicit web proxy. Valid values:
enable
,disable
. - trace
Auth StringNo Rsp - Enable/disable logging timed-out authentication requests. Valid values:
enable
,disable
. - unknown
Http StringVersion - Either reject unknown HTTP traffic as malformed or handle unknown HTTP traffic as best as the proxy server can.
- user
Agent StringDetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Outputs
All input properties are implicitly available as output properties. Additionally, the Explicit resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Explicit Resource
Get an existing Explicit resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ExplicitState, opts?: CustomResourceOptions): Explicit
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
client_cert: Optional[str] = None,
dynamic_sort_subtable: Optional[str] = None,
empty_cert_action: Optional[str] = None,
ftp_incoming_port: Optional[str] = None,
ftp_over_http: Optional[str] = None,
get_all_tables: Optional[str] = None,
http_connection_mode: Optional[str] = None,
http_incoming_port: Optional[str] = None,
https_incoming_port: Optional[str] = None,
https_replacement_message: Optional[str] = None,
incoming_ip: Optional[str] = None,
incoming_ip6: Optional[str] = None,
ipv6_status: Optional[str] = None,
message_upon_server_error: Optional[str] = None,
outgoing_ip: Optional[str] = None,
outgoing_ip6: Optional[str] = None,
pac_file_data: Optional[str] = None,
pac_file_name: Optional[str] = None,
pac_file_server_port: Optional[str] = None,
pac_file_server_status: Optional[str] = None,
pac_file_through_https: Optional[str] = None,
pac_file_url: Optional[str] = None,
pac_policies: Optional[Sequence[ExplicitPacPolicyArgs]] = None,
pref_dns_result: Optional[str] = None,
realm: Optional[str] = None,
sec_default_action: Optional[str] = None,
secure_web_proxy: Optional[str] = None,
secure_web_proxy_certs: Optional[Sequence[ExplicitSecureWebProxyCertArgs]] = None,
socks: Optional[str] = None,
socks_incoming_port: Optional[str] = None,
ssl_algorithm: Optional[str] = None,
ssl_dh_bits: Optional[str] = None,
status: Optional[str] = None,
strict_guest: Optional[str] = None,
trace_auth_no_rsp: Optional[str] = None,
unknown_http_version: Optional[str] = None,
user_agent_detect: Optional[str] = None,
vdomparam: Optional[str] = None) -> Explicit
func GetExplicit(ctx *Context, name string, id IDInput, state *ExplicitState, opts ...ResourceOption) (*Explicit, error)
public static Explicit Get(string name, Input<string> id, ExplicitState? state, CustomResourceOptions? opts = null)
public static Explicit get(String name, Output<String> id, ExplicitState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Client
Cert string - Enable/disable to request client certificate. Valid values:
disable
,enable
. - Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Empty
Cert stringAction - Action of an empty client certificate. Valid values:
accept
,block
,accept-unmanageable
. - Ftp
Incoming stringPort - Accept incoming FTP-over-HTTP requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- Ftp
Over stringHttp - Enable to proxy FTP-over-HTTP sessions sent from a web browser. Valid values:
enable
,disable
. - Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Http
Connection stringMode - HTTP connection mode (default = static). Valid values:
static
,multiplex
,serverpool
. - Http
Incoming stringPort - Accept incoming HTTP requests on one or more ports (0 - 65535, default = 8080).
- Https
Incoming stringPort - Accept incoming HTTPS requests on one or more ports (0 - 65535, default = 0, use the same as HTTP).
- Https
Replacement stringMessage - Enable/disable sending the client a replacement message for HTTPS requests. Valid values:
enable
,disable
. - Incoming
Ip string - Restrict the explicit HTTP proxy to only accept sessions from this IP address. An interface must have this IP address.
- Incoming
Ip6 string - Restrict the explicit web proxy to only accept sessions from this IPv6 address. An interface must have this IPv6 address.
- Ipv6Status string
- Enable/disable allowing an IPv6 web proxy destination in policies and all IPv6 related entries in this command. Valid values:
enable
,disable
. - Message
Upon stringServer Error - Enable/disable displaying a replacement message when a server error is detected. Valid values:
enable
,disable
. - Outgoing
Ip string - Outgoing HTTP requests will have this IP address as their source address. An interface must have this IP address.
- Outgoing
Ip6 string - Outgoing HTTP requests will leave this IPv6. Multiple interfaces can be specified. Interfaces must have these IPv6 addresses.
- Pac
File stringData - PAC file contents enclosed in quotes (maximum of 256K bytes).
- Pac
File stringName - Pac file name.
- Pac
File stringServer Port - Port number that PAC traffic from client web browsers uses to connect to the explicit web proxy (0 - 65535, default = 0; use the same as HTTP).
- Pac
File stringServer Status - Enable/disable Proxy Auto-Configuration (PAC) for users of this explicit proxy profile. Valid values:
enable
,disable
. - Pac
File stringThrough Https - Enable/disable to get Proxy Auto-Configuration (PAC) through HTTPS. Valid values:
enable
,disable
. - Pac
File stringUrl - PAC file access URL.
- Pac
Policies List<Pulumiverse.Fortios. Webproxy. Inputs. Explicit Pac Policy> - PAC policies. The structure of
pac_policy
block is documented below. - Pref
Dns stringResult - Prefer resolving addresses using the configured IPv4 or IPv6 DNS server (default = ipv4).
- Realm string
- Authentication realm used to identify the explicit web proxy (maximum of 63 characters).
- Sec
Default stringAction - Accept or deny explicit web proxy sessions when no web proxy firewall policy exists. Valid values:
accept
,deny
. - Secure
Web stringProxy - Enable/disable/require the secure web proxy for HTTP and HTTPS session. Valid values:
disable
,enable
,secure
. - Secure
Web List<Pulumiverse.Proxy Certs Fortios. Webproxy. Inputs. Explicit Secure Web Proxy Cert> - Name of certificates for secure web proxy. The structure of
secure_web_proxy_cert
block is documented below. - Socks string
- Enable/disable the SOCKS proxy. Valid values:
enable
,disable
. - Socks
Incoming stringPort - Accept incoming SOCKS proxy requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- Ssl
Algorithm string - Relative strength of encryption algorithms accepted in HTTPS deep scan: high, medium, or low. Valid values:
high
,medium
,low
. - Ssl
Dh stringBits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - Status string
- Enable/disable the explicit Web proxy for HTTP and HTTPS session. Valid values:
enable
,disable
. - Strict
Guest string - Enable/disable strict guest user checking by the explicit web proxy. Valid values:
enable
,disable
. - Trace
Auth stringNo Rsp - Enable/disable logging timed-out authentication requests. Valid values:
enable
,disable
. - Unknown
Http stringVersion - Either reject unknown HTTP traffic as malformed or handle unknown HTTP traffic as best as the proxy server can.
- User
Agent stringDetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Client
Cert string - Enable/disable to request client certificate. Valid values:
disable
,enable
. - Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Empty
Cert stringAction - Action of an empty client certificate. Valid values:
accept
,block
,accept-unmanageable
. - Ftp
Incoming stringPort - Accept incoming FTP-over-HTTP requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- Ftp
Over stringHttp - Enable to proxy FTP-over-HTTP sessions sent from a web browser. Valid values:
enable
,disable
. - Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Http
Connection stringMode - HTTP connection mode (default = static). Valid values:
static
,multiplex
,serverpool
. - Http
Incoming stringPort - Accept incoming HTTP requests on one or more ports (0 - 65535, default = 8080).
- Https
Incoming stringPort - Accept incoming HTTPS requests on one or more ports (0 - 65535, default = 0, use the same as HTTP).
- Https
Replacement stringMessage - Enable/disable sending the client a replacement message for HTTPS requests. Valid values:
enable
,disable
. - Incoming
Ip string - Restrict the explicit HTTP proxy to only accept sessions from this IP address. An interface must have this IP address.
- Incoming
Ip6 string - Restrict the explicit web proxy to only accept sessions from this IPv6 address. An interface must have this IPv6 address.
- Ipv6Status string
- Enable/disable allowing an IPv6 web proxy destination in policies and all IPv6 related entries in this command. Valid values:
enable
,disable
. - Message
Upon stringServer Error - Enable/disable displaying a replacement message when a server error is detected. Valid values:
enable
,disable
. - Outgoing
Ip string - Outgoing HTTP requests will have this IP address as their source address. An interface must have this IP address.
- Outgoing
Ip6 string - Outgoing HTTP requests will leave this IPv6. Multiple interfaces can be specified. Interfaces must have these IPv6 addresses.
- Pac
File stringData - PAC file contents enclosed in quotes (maximum of 256K bytes).
- Pac
File stringName - Pac file name.
- Pac
File stringServer Port - Port number that PAC traffic from client web browsers uses to connect to the explicit web proxy (0 - 65535, default = 0; use the same as HTTP).
- Pac
File stringServer Status - Enable/disable Proxy Auto-Configuration (PAC) for users of this explicit proxy profile. Valid values:
enable
,disable
. - Pac
File stringThrough Https - Enable/disable to get Proxy Auto-Configuration (PAC) through HTTPS. Valid values:
enable
,disable
. - Pac
File stringUrl - PAC file access URL.
- Pac
Policies []ExplicitPac Policy Args - PAC policies. The structure of
pac_policy
block is documented below. - Pref
Dns stringResult - Prefer resolving addresses using the configured IPv4 or IPv6 DNS server (default = ipv4).
- Realm string
- Authentication realm used to identify the explicit web proxy (maximum of 63 characters).
- Sec
Default stringAction - Accept or deny explicit web proxy sessions when no web proxy firewall policy exists. Valid values:
accept
,deny
. - Secure
Web stringProxy - Enable/disable/require the secure web proxy for HTTP and HTTPS session. Valid values:
disable
,enable
,secure
. - Secure
Web []ExplicitProxy Certs Secure Web Proxy Cert Args - Name of certificates for secure web proxy. The structure of
secure_web_proxy_cert
block is documented below. - Socks string
- Enable/disable the SOCKS proxy. Valid values:
enable
,disable
. - Socks
Incoming stringPort - Accept incoming SOCKS proxy requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- Ssl
Algorithm string - Relative strength of encryption algorithms accepted in HTTPS deep scan: high, medium, or low. Valid values:
high
,medium
,low
. - Ssl
Dh stringBits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - Status string
- Enable/disable the explicit Web proxy for HTTP and HTTPS session. Valid values:
enable
,disable
. - Strict
Guest string - Enable/disable strict guest user checking by the explicit web proxy. Valid values:
enable
,disable
. - Trace
Auth stringNo Rsp - Enable/disable logging timed-out authentication requests. Valid values:
enable
,disable
. - Unknown
Http stringVersion - Either reject unknown HTTP traffic as malformed or handle unknown HTTP traffic as best as the proxy server can.
- User
Agent stringDetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- client
Cert String - Enable/disable to request client certificate. Valid values:
disable
,enable
. - dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- empty
Cert StringAction - Action of an empty client certificate. Valid values:
accept
,block
,accept-unmanageable
. - ftp
Incoming StringPort - Accept incoming FTP-over-HTTP requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- ftp
Over StringHttp - Enable to proxy FTP-over-HTTP sessions sent from a web browser. Valid values:
enable
,disable
. - get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- http
Connection StringMode - HTTP connection mode (default = static). Valid values:
static
,multiplex
,serverpool
. - http
Incoming StringPort - Accept incoming HTTP requests on one or more ports (0 - 65535, default = 8080).
- https
Incoming StringPort - Accept incoming HTTPS requests on one or more ports (0 - 65535, default = 0, use the same as HTTP).
- https
Replacement StringMessage - Enable/disable sending the client a replacement message for HTTPS requests. Valid values:
enable
,disable
. - incoming
Ip String - Restrict the explicit HTTP proxy to only accept sessions from this IP address. An interface must have this IP address.
- incoming
Ip6 String - Restrict the explicit web proxy to only accept sessions from this IPv6 address. An interface must have this IPv6 address.
- ipv6Status String
- Enable/disable allowing an IPv6 web proxy destination in policies and all IPv6 related entries in this command. Valid values:
enable
,disable
. - message
Upon StringServer Error - Enable/disable displaying a replacement message when a server error is detected. Valid values:
enable
,disable
. - outgoing
Ip String - Outgoing HTTP requests will have this IP address as their source address. An interface must have this IP address.
- outgoing
Ip6 String - Outgoing HTTP requests will leave this IPv6. Multiple interfaces can be specified. Interfaces must have these IPv6 addresses.
- pac
File StringData - PAC file contents enclosed in quotes (maximum of 256K bytes).
- pac
File StringName - Pac file name.
- pac
File StringServer Port - Port number that PAC traffic from client web browsers uses to connect to the explicit web proxy (0 - 65535, default = 0; use the same as HTTP).
- pac
File StringServer Status - Enable/disable Proxy Auto-Configuration (PAC) for users of this explicit proxy profile. Valid values:
enable
,disable
. - pac
File StringThrough Https - Enable/disable to get Proxy Auto-Configuration (PAC) through HTTPS. Valid values:
enable
,disable
. - pac
File StringUrl - PAC file access URL.
- pac
Policies List<ExplicitPac Policy> - PAC policies. The structure of
pac_policy
block is documented below. - pref
Dns StringResult - Prefer resolving addresses using the configured IPv4 or IPv6 DNS server (default = ipv4).
- realm String
- Authentication realm used to identify the explicit web proxy (maximum of 63 characters).
- sec
Default StringAction - Accept or deny explicit web proxy sessions when no web proxy firewall policy exists. Valid values:
accept
,deny
. - secure
Web StringProxy - Enable/disable/require the secure web proxy for HTTP and HTTPS session. Valid values:
disable
,enable
,secure
. - secure
Web List<ExplicitProxy Certs Secure Web Proxy Cert> - Name of certificates for secure web proxy. The structure of
secure_web_proxy_cert
block is documented below. - socks String
- Enable/disable the SOCKS proxy. Valid values:
enable
,disable
. - socks
Incoming StringPort - Accept incoming SOCKS proxy requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- ssl
Algorithm String - Relative strength of encryption algorithms accepted in HTTPS deep scan: high, medium, or low. Valid values:
high
,medium
,low
. - ssl
Dh StringBits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - status String
- Enable/disable the explicit Web proxy for HTTP and HTTPS session. Valid values:
enable
,disable
. - strict
Guest String - Enable/disable strict guest user checking by the explicit web proxy. Valid values:
enable
,disable
. - trace
Auth StringNo Rsp - Enable/disable logging timed-out authentication requests. Valid values:
enable
,disable
. - unknown
Http StringVersion - Either reject unknown HTTP traffic as malformed or handle unknown HTTP traffic as best as the proxy server can.
- user
Agent StringDetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- client
Cert string - Enable/disable to request client certificate. Valid values:
disable
,enable
. - dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- empty
Cert stringAction - Action of an empty client certificate. Valid values:
accept
,block
,accept-unmanageable
. - ftp
Incoming stringPort - Accept incoming FTP-over-HTTP requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- ftp
Over stringHttp - Enable to proxy FTP-over-HTTP sessions sent from a web browser. Valid values:
enable
,disable
. - get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- http
Connection stringMode - HTTP connection mode (default = static). Valid values:
static
,multiplex
,serverpool
. - http
Incoming stringPort - Accept incoming HTTP requests on one or more ports (0 - 65535, default = 8080).
- https
Incoming stringPort - Accept incoming HTTPS requests on one or more ports (0 - 65535, default = 0, use the same as HTTP).
- https
Replacement stringMessage - Enable/disable sending the client a replacement message for HTTPS requests. Valid values:
enable
,disable
. - incoming
Ip string - Restrict the explicit HTTP proxy to only accept sessions from this IP address. An interface must have this IP address.
- incoming
Ip6 string - Restrict the explicit web proxy to only accept sessions from this IPv6 address. An interface must have this IPv6 address.
- ipv6Status string
- Enable/disable allowing an IPv6 web proxy destination in policies and all IPv6 related entries in this command. Valid values:
enable
,disable
. - message
Upon stringServer Error - Enable/disable displaying a replacement message when a server error is detected. Valid values:
enable
,disable
. - outgoing
Ip string - Outgoing HTTP requests will have this IP address as their source address. An interface must have this IP address.
- outgoing
Ip6 string - Outgoing HTTP requests will leave this IPv6. Multiple interfaces can be specified. Interfaces must have these IPv6 addresses.
- pac
File stringData - PAC file contents enclosed in quotes (maximum of 256K bytes).
- pac
File stringName - Pac file name.
- pac
File stringServer Port - Port number that PAC traffic from client web browsers uses to connect to the explicit web proxy (0 - 65535, default = 0; use the same as HTTP).
- pac
File stringServer Status - Enable/disable Proxy Auto-Configuration (PAC) for users of this explicit proxy profile. Valid values:
enable
,disable
. - pac
File stringThrough Https - Enable/disable to get Proxy Auto-Configuration (PAC) through HTTPS. Valid values:
enable
,disable
. - pac
File stringUrl - PAC file access URL.
- pac
Policies ExplicitPac Policy[] - PAC policies. The structure of
pac_policy
block is documented below. - pref
Dns stringResult - Prefer resolving addresses using the configured IPv4 or IPv6 DNS server (default = ipv4).
- realm string
- Authentication realm used to identify the explicit web proxy (maximum of 63 characters).
- sec
Default stringAction - Accept or deny explicit web proxy sessions when no web proxy firewall policy exists. Valid values:
accept
,deny
. - secure
Web stringProxy - Enable/disable/require the secure web proxy for HTTP and HTTPS session. Valid values:
disable
,enable
,secure
. - secure
Web ExplicitProxy Certs Secure Web Proxy Cert[] - Name of certificates for secure web proxy. The structure of
secure_web_proxy_cert
block is documented below. - socks string
- Enable/disable the SOCKS proxy. Valid values:
enable
,disable
. - socks
Incoming stringPort - Accept incoming SOCKS proxy requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- ssl
Algorithm string - Relative strength of encryption algorithms accepted in HTTPS deep scan: high, medium, or low. Valid values:
high
,medium
,low
. - ssl
Dh stringBits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - status string
- Enable/disable the explicit Web proxy for HTTP and HTTPS session. Valid values:
enable
,disable
. - strict
Guest string - Enable/disable strict guest user checking by the explicit web proxy. Valid values:
enable
,disable
. - trace
Auth stringNo Rsp - Enable/disable logging timed-out authentication requests. Valid values:
enable
,disable
. - unknown
Http stringVersion - Either reject unknown HTTP traffic as malformed or handle unknown HTTP traffic as best as the proxy server can.
- user
Agent stringDetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- client_
cert str - Enable/disable to request client certificate. Valid values:
disable
,enable
. - dynamic_
sort_ strsubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- empty_
cert_ straction - Action of an empty client certificate. Valid values:
accept
,block
,accept-unmanageable
. - ftp_
incoming_ strport - Accept incoming FTP-over-HTTP requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- ftp_
over_ strhttp - Enable to proxy FTP-over-HTTP sessions sent from a web browser. Valid values:
enable
,disable
. - get_
all_ strtables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- http_
connection_ strmode - HTTP connection mode (default = static). Valid values:
static
,multiplex
,serverpool
. - http_
incoming_ strport - Accept incoming HTTP requests on one or more ports (0 - 65535, default = 8080).
- https_
incoming_ strport - Accept incoming HTTPS requests on one or more ports (0 - 65535, default = 0, use the same as HTTP).
- https_
replacement_ strmessage - Enable/disable sending the client a replacement message for HTTPS requests. Valid values:
enable
,disable
. - incoming_
ip str - Restrict the explicit HTTP proxy to only accept sessions from this IP address. An interface must have this IP address.
- incoming_
ip6 str - Restrict the explicit web proxy to only accept sessions from this IPv6 address. An interface must have this IPv6 address.
- ipv6_
status str - Enable/disable allowing an IPv6 web proxy destination in policies and all IPv6 related entries in this command. Valid values:
enable
,disable
. - message_
upon_ strserver_ error - Enable/disable displaying a replacement message when a server error is detected. Valid values:
enable
,disable
. - outgoing_
ip str - Outgoing HTTP requests will have this IP address as their source address. An interface must have this IP address.
- outgoing_
ip6 str - Outgoing HTTP requests will leave this IPv6. Multiple interfaces can be specified. Interfaces must have these IPv6 addresses.
- pac_
file_ strdata - PAC file contents enclosed in quotes (maximum of 256K bytes).
- pac_
file_ strname - Pac file name.
- pac_
file_ strserver_ port - Port number that PAC traffic from client web browsers uses to connect to the explicit web proxy (0 - 65535, default = 0; use the same as HTTP).
- pac_
file_ strserver_ status - Enable/disable Proxy Auto-Configuration (PAC) for users of this explicit proxy profile. Valid values:
enable
,disable
. - pac_
file_ strthrough_ https - Enable/disable to get Proxy Auto-Configuration (PAC) through HTTPS. Valid values:
enable
,disable
. - pac_
file_ strurl - PAC file access URL.
- pac_
policies Sequence[ExplicitPac Policy Args] - PAC policies. The structure of
pac_policy
block is documented below. - pref_
dns_ strresult - Prefer resolving addresses using the configured IPv4 or IPv6 DNS server (default = ipv4).
- realm str
- Authentication realm used to identify the explicit web proxy (maximum of 63 characters).
- sec_
default_ straction - Accept or deny explicit web proxy sessions when no web proxy firewall policy exists. Valid values:
accept
,deny
. - secure_
web_ strproxy - Enable/disable/require the secure web proxy for HTTP and HTTPS session. Valid values:
disable
,enable
,secure
. - secure_
web_ Sequence[Explicitproxy_ certs Secure Web Proxy Cert Args] - Name of certificates for secure web proxy. The structure of
secure_web_proxy_cert
block is documented below. - socks str
- Enable/disable the SOCKS proxy. Valid values:
enable
,disable
. - socks_
incoming_ strport - Accept incoming SOCKS proxy requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- ssl_
algorithm str - Relative strength of encryption algorithms accepted in HTTPS deep scan: high, medium, or low. Valid values:
high
,medium
,low
. - ssl_
dh_ strbits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - status str
- Enable/disable the explicit Web proxy for HTTP and HTTPS session. Valid values:
enable
,disable
. - strict_
guest str - Enable/disable strict guest user checking by the explicit web proxy. Valid values:
enable
,disable
. - trace_
auth_ strno_ rsp - Enable/disable logging timed-out authentication requests. Valid values:
enable
,disable
. - unknown_
http_ strversion - Either reject unknown HTTP traffic as malformed or handle unknown HTTP traffic as best as the proxy server can.
- user_
agent_ strdetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- client
Cert String - Enable/disable to request client certificate. Valid values:
disable
,enable
. - dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- empty
Cert StringAction - Action of an empty client certificate. Valid values:
accept
,block
,accept-unmanageable
. - ftp
Incoming StringPort - Accept incoming FTP-over-HTTP requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- ftp
Over StringHttp - Enable to proxy FTP-over-HTTP sessions sent from a web browser. Valid values:
enable
,disable
. - get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- http
Connection StringMode - HTTP connection mode (default = static). Valid values:
static
,multiplex
,serverpool
. - http
Incoming StringPort - Accept incoming HTTP requests on one or more ports (0 - 65535, default = 8080).
- https
Incoming StringPort - Accept incoming HTTPS requests on one or more ports (0 - 65535, default = 0, use the same as HTTP).
- https
Replacement StringMessage - Enable/disable sending the client a replacement message for HTTPS requests. Valid values:
enable
,disable
. - incoming
Ip String - Restrict the explicit HTTP proxy to only accept sessions from this IP address. An interface must have this IP address.
- incoming
Ip6 String - Restrict the explicit web proxy to only accept sessions from this IPv6 address. An interface must have this IPv6 address.
- ipv6Status String
- Enable/disable allowing an IPv6 web proxy destination in policies and all IPv6 related entries in this command. Valid values:
enable
,disable
. - message
Upon StringServer Error - Enable/disable displaying a replacement message when a server error is detected. Valid values:
enable
,disable
. - outgoing
Ip String - Outgoing HTTP requests will have this IP address as their source address. An interface must have this IP address.
- outgoing
Ip6 String - Outgoing HTTP requests will leave this IPv6. Multiple interfaces can be specified. Interfaces must have these IPv6 addresses.
- pac
File StringData - PAC file contents enclosed in quotes (maximum of 256K bytes).
- pac
File StringName - Pac file name.
- pac
File StringServer Port - Port number that PAC traffic from client web browsers uses to connect to the explicit web proxy (0 - 65535, default = 0; use the same as HTTP).
- pac
File StringServer Status - Enable/disable Proxy Auto-Configuration (PAC) for users of this explicit proxy profile. Valid values:
enable
,disable
. - pac
File StringThrough Https - Enable/disable to get Proxy Auto-Configuration (PAC) through HTTPS. Valid values:
enable
,disable
. - pac
File StringUrl - PAC file access URL.
- pac
Policies List<Property Map> - PAC policies. The structure of
pac_policy
block is documented below. - pref
Dns StringResult - Prefer resolving addresses using the configured IPv4 or IPv6 DNS server (default = ipv4).
- realm String
- Authentication realm used to identify the explicit web proxy (maximum of 63 characters).
- sec
Default StringAction - Accept or deny explicit web proxy sessions when no web proxy firewall policy exists. Valid values:
accept
,deny
. - secure
Web StringProxy - Enable/disable/require the secure web proxy for HTTP and HTTPS session. Valid values:
disable
,enable
,secure
. - secure
Web List<Property Map>Proxy Certs - Name of certificates for secure web proxy. The structure of
secure_web_proxy_cert
block is documented below. - socks String
- Enable/disable the SOCKS proxy. Valid values:
enable
,disable
. - socks
Incoming StringPort - Accept incoming SOCKS proxy requests on one or more ports (0 - 65535, default = 0; use the same as HTTP).
- ssl
Algorithm String - Relative strength of encryption algorithms accepted in HTTPS deep scan: high, medium, or low. Valid values:
high
,medium
,low
. - ssl
Dh StringBits - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values:
768
,1024
,1536
,2048
. - status String
- Enable/disable the explicit Web proxy for HTTP and HTTPS session. Valid values:
enable
,disable
. - strict
Guest String - Enable/disable strict guest user checking by the explicit web proxy. Valid values:
enable
,disable
. - trace
Auth StringNo Rsp - Enable/disable logging timed-out authentication requests. Valid values:
enable
,disable
. - unknown
Http StringVersion - Either reject unknown HTTP traffic as malformed or handle unknown HTTP traffic as best as the proxy server can.
- user
Agent StringDetect - Enable/disable to detect device type by HTTP user-agent if no client certificate provided. Valid values:
disable
,enable
. - vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Supporting Types
ExplicitPacPolicy, ExplicitPacPolicyArgs
- Comments string
- Optional comments.
- Dstaddrs
List<Pulumiverse.
Fortios. Webproxy. Inputs. Explicit Pac Policy Dstaddr> - Destination address objects. The structure of
dstaddr
block is documented below. - Pac
File stringData - PAC file contents enclosed in quotes (maximum of 256K bytes).
- Pac
File stringName - Pac file name.
- Policyid int
- Policy ID.
- Srcaddr6s
List<Pulumiverse.
Fortios. Webproxy. Inputs. Explicit Pac Policy Srcaddr6> - Source address6 objects. The structure of
srcaddr6
block is documented below. - Srcaddrs
List<Pulumiverse.
Fortios. Webproxy. Inputs. Explicit Pac Policy Srcaddr> - Source address objects. The structure of
srcaddr
block is documented below. - Status string
- Enable/disable policy. Valid values:
enable
,disable
.
- Comments string
- Optional comments.
- Dstaddrs
[]Explicit
Pac Policy Dstaddr - Destination address objects. The structure of
dstaddr
block is documented below. - Pac
File stringData - PAC file contents enclosed in quotes (maximum of 256K bytes).
- Pac
File stringName - Pac file name.
- Policyid int
- Policy ID.
- Srcaddr6s
[]Explicit
Pac Policy Srcaddr6 - Source address6 objects. The structure of
srcaddr6
block is documented below. - Srcaddrs
[]Explicit
Pac Policy Srcaddr - Source address objects. The structure of
srcaddr
block is documented below. - Status string
- Enable/disable policy. Valid values:
enable
,disable
.
- comments String
- Optional comments.
- dstaddrs
List<Explicit
Pac Policy Dstaddr> - Destination address objects. The structure of
dstaddr
block is documented below. - pac
File StringData - PAC file contents enclosed in quotes (maximum of 256K bytes).
- pac
File StringName - Pac file name.
- policyid Integer
- Policy ID.
- srcaddr6s
List<Explicit
Pac Policy Srcaddr6> - Source address6 objects. The structure of
srcaddr6
block is documented below. - srcaddrs
List<Explicit
Pac Policy Srcaddr> - Source address objects. The structure of
srcaddr
block is documented below. - status String
- Enable/disable policy. Valid values:
enable
,disable
.
- comments string
- Optional comments.
- dstaddrs
Explicit
Pac Policy Dstaddr[] - Destination address objects. The structure of
dstaddr
block is documented below. - pac
File stringData - PAC file contents enclosed in quotes (maximum of 256K bytes).
- pac
File stringName - Pac file name.
- policyid number
- Policy ID.
- srcaddr6s
Explicit
Pac Policy Srcaddr6[] - Source address6 objects. The structure of
srcaddr6
block is documented below. - srcaddrs
Explicit
Pac Policy Srcaddr[] - Source address objects. The structure of
srcaddr
block is documented below. - status string
- Enable/disable policy. Valid values:
enable
,disable
.
- comments str
- Optional comments.
- dstaddrs
Sequence[Explicit
Pac Policy Dstaddr] - Destination address objects. The structure of
dstaddr
block is documented below. - pac_
file_ strdata - PAC file contents enclosed in quotes (maximum of 256K bytes).
- pac_
file_ strname - Pac file name.
- policyid int
- Policy ID.
- srcaddr6s
Sequence[Explicit
Pac Policy Srcaddr6] - Source address6 objects. The structure of
srcaddr6
block is documented below. - srcaddrs
Sequence[Explicit
Pac Policy Srcaddr] - Source address objects. The structure of
srcaddr
block is documented below. - status str
- Enable/disable policy. Valid values:
enable
,disable
.
- comments String
- Optional comments.
- dstaddrs List<Property Map>
- Destination address objects. The structure of
dstaddr
block is documented below. - pac
File StringData - PAC file contents enclosed in quotes (maximum of 256K bytes).
- pac
File StringName - Pac file name.
- policyid Number
- Policy ID.
- srcaddr6s List<Property Map>
- Source address6 objects. The structure of
srcaddr6
block is documented below. - srcaddrs List<Property Map>
- Source address objects. The structure of
srcaddr
block is documented below. - status String
- Enable/disable policy. Valid values:
enable
,disable
.
ExplicitPacPolicyDstaddr, ExplicitPacPolicyDstaddrArgs
- Name string
- Address name.
- Name string
- Address name.
- name String
- Address name.
- name string
- Address name.
- name str
- Address name.
- name String
- Address name.
ExplicitPacPolicySrcaddr, ExplicitPacPolicySrcaddrArgs
- Name string
- Address name.
- Name string
- Address name.
- name String
- Address name.
- name string
- Address name.
- name str
- Address name.
- name String
- Address name.
ExplicitPacPolicySrcaddr6, ExplicitPacPolicySrcaddr6Args
- Name string
- Name string
- name String
- name string
- name str
- name String
ExplicitSecureWebProxyCert, ExplicitSecureWebProxyCertArgs
- Name string
- Certificate list.
- Name string
- Certificate list.
- name String
- Certificate list.
- name string
- Certificate list.
- name str
- Certificate list.
- name String
- Certificate list.
Import
WebProxy Explicit can be imported using any of these accepted formats:
$ pulumi import fortios:webproxy/explicit:Explicit labelname WebProxyExplicit
If you do not want to import arguments of block:
$ export “FORTIOS_IMPORT_TABLE”=“false”
$ pulumi import fortios:webproxy/explicit:Explicit labelname WebProxyExplicit
$ unset “FORTIOS_IMPORT_TABLE”
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- fortios pulumiverse/pulumi-fortios
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
fortios
Terraform Provider.