nsxt 3.8.1, Apr 30 25

nsxt 3.8.1 published on Wednesday, Apr 30, 2025 by vmware

nsxt.PolicyLbClientSslProfile

Explore with Pulumi AI

nsxt 3.8.1 published on Wednesday, Apr 30, 2025 by vmware

Create PolicyLbClientSslProfile Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new PolicyLbClientSslProfile(name: string, args: PolicyLbClientSslProfileArgs, opts?: CustomResourceOptions);

@overload
def PolicyLbClientSslProfile(resource_name: str,
                             args: PolicyLbClientSslProfileArgs,
                             opts: Optional[ResourceOptions] = None)

@overload
def PolicyLbClientSslProfile(resource_name: str,
                             opts: Optional[ResourceOptions] = None,
                             display_name: Optional[str] = None,
                             cipher_group_label: Optional[str] = None,
                             ciphers: Optional[Sequence[str]] = None,
                             description: Optional[str] = None,
                             nsx_id: Optional[str] = None,
                             policy_lb_client_ssl_profile_id: Optional[str] = None,
                             prefer_server_ciphers: Optional[bool] = None,
                             protocols: Optional[Sequence[str]] = None,
                             session_cache_enabled: Optional[bool] = None,
                             session_cache_timeout: Optional[float] = None,
                             tags: Optional[Sequence[PolicyLbClientSslProfileTagArgs]] = None)

func NewPolicyLbClientSslProfile(ctx *Context, name string, args PolicyLbClientSslProfileArgs, opts ...ResourceOption) (*PolicyLbClientSslProfile, error)

public PolicyLbClientSslProfile(string name, PolicyLbClientSslProfileArgs args, CustomResourceOptions? opts = null)

public PolicyLbClientSslProfile(String name, PolicyLbClientSslProfileArgs args)
public PolicyLbClientSslProfile(String name, PolicyLbClientSslProfileArgs args, CustomResourceOptions options)

type: nsxt:PolicyLbClientSslProfile
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args PolicyLbClientSslProfileArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args PolicyLbClientSslProfileArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args PolicyLbClientSslProfileArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args PolicyLbClientSslProfileArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args PolicyLbClientSslProfileArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var policyLbClientSslProfileResource = new Nsxt.PolicyLbClientSslProfile("policyLbClientSslProfileResource", new()
{
    DisplayName = "string",
    CipherGroupLabel = "string",
    Ciphers = new[]
    {
        "string",
    },
    Description = "string",
    NsxId = "string",
    PolicyLbClientSslProfileId = "string",
    PreferServerCiphers = false,
    Protocols = new[]
    {
        "string",
    },
    SessionCacheEnabled = false,
    SessionCacheTimeout = 0,
    Tags = new[]
    {
        new Nsxt.Inputs.PolicyLbClientSslProfileTagArgs
        {
            Scope = "string",
            Tag = "string",
        },
    },
});

example, err := nsxt.NewPolicyLbClientSslProfile(ctx, "policyLbClientSslProfileResource", &nsxt.PolicyLbClientSslProfileArgs{
	DisplayName:      pulumi.String("string"),
	CipherGroupLabel: pulumi.String("string"),
	Ciphers: pulumi.StringArray{
		pulumi.String("string"),
	},
	Description:                pulumi.String("string"),
	NsxId:                      pulumi.String("string"),
	PolicyLbClientSslProfileId: pulumi.String("string"),
	PreferServerCiphers:        pulumi.Bool(false),
	Protocols: pulumi.StringArray{
		pulumi.String("string"),
	},
	SessionCacheEnabled: pulumi.Bool(false),
	SessionCacheTimeout: pulumi.Float64(0),
	Tags: nsxt.PolicyLbClientSslProfileTagArray{
		&nsxt.PolicyLbClientSslProfileTagArgs{
			Scope: pulumi.String("string"),
			Tag:   pulumi.String("string"),
		},
	},
})

var policyLbClientSslProfileResource = new PolicyLbClientSslProfile("policyLbClientSslProfileResource", PolicyLbClientSslProfileArgs.builder()
    .displayName("string")
    .cipherGroupLabel("string")
    .ciphers("string")
    .description("string")
    .nsxId("string")
    .policyLbClientSslProfileId("string")
    .preferServerCiphers(false)
    .protocols("string")
    .sessionCacheEnabled(false)
    .sessionCacheTimeout(0)
    .tags(PolicyLbClientSslProfileTagArgs.builder()
        .scope("string")
        .tag("string")
        .build())
    .build());

policy_lb_client_ssl_profile_resource = nsxt.PolicyLbClientSslProfile("policyLbClientSslProfileResource",
    display_name="string",
    cipher_group_label="string",
    ciphers=["string"],
    description="string",
    nsx_id="string",
    policy_lb_client_ssl_profile_id="string",
    prefer_server_ciphers=False,
    protocols=["string"],
    session_cache_enabled=False,
    session_cache_timeout=0,
    tags=[{
        "scope": "string",
        "tag": "string",
    }])

const policyLbClientSslProfileResource = new nsxt.PolicyLbClientSslProfile("policyLbClientSslProfileResource", {
    displayName: "string",
    cipherGroupLabel: "string",
    ciphers: ["string"],
    description: "string",
    nsxId: "string",
    policyLbClientSslProfileId: "string",
    preferServerCiphers: false,
    protocols: ["string"],
    sessionCacheEnabled: false,
    sessionCacheTimeout: 0,
    tags: [{
        scope: "string",
        tag: "string",
    }],
});

type: nsxt:PolicyLbClientSslProfile
properties:
    cipherGroupLabel: string
    ciphers:
        - string
    description: string
    displayName: string
    nsxId: string
    policyLbClientSslProfileId: string
    preferServerCiphers: false
    protocols:
        - string
    sessionCacheEnabled: false
    sessionCacheTimeout: 0
    tags:
        - scope: string
          tag: string

PolicyLbClientSslProfile Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The PolicyLbClientSslProfile resource accepts the following input properties:

DisplayName string: Display name of the resource.
CipherGroupLabel string: A label of cipher group which is mostly consumed by GUI. Possible values are: BALANCED, HIGH_SECURITY, HIGH_COMPATIBILITY and CUSTOM.
Ciphers List<string>: Supported SSL cipher list to client side. Possible values are: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA , TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Description string: Description of the resource.
NsxId string: The NSX ID of this resource. If set, this ID will be used to create the resource.
PolicyLbClientSslProfileId string: ID of the resource.
PreferServerCiphers bool: During SSL handshake as part of the SSL client Hello client sends an ordered list of ciphers that it can support (or prefers) and typically server selects the first one from the top of that list it can also support. For Perfect Forward Secrecy(PFS), server could override the client's preference. Default is true.
Protocols List<string>: Protocols used by the LB Client SSL profile. SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default. Possible values are:SSL_V2, SSL_V3, TLS_V1, TLS_V1_1, TLS_V1_2, SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.
SessionCacheEnabled bool: SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake. Default is true.
SessionCacheTimeout double: Session cache timeout specifies how long the SSL session parameters are held on to and can be reused. format: int64, default is 300.
Tags List<PolicyLbClientSslProfileTag>: A list of scope + tag pairs to associate with this resource.

DisplayName string: Display name of the resource.
CipherGroupLabel string: A label of cipher group which is mostly consumed by GUI. Possible values are: BALANCED, HIGH_SECURITY, HIGH_COMPATIBILITY and CUSTOM.
Ciphers []string: Supported SSL cipher list to client side. Possible values are: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA , TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Description string: Description of the resource.
NsxId string: The NSX ID of this resource. If set, this ID will be used to create the resource.
PolicyLbClientSslProfileId string: ID of the resource.
PreferServerCiphers bool: During SSL handshake as part of the SSL client Hello client sends an ordered list of ciphers that it can support (or prefers) and typically server selects the first one from the top of that list it can also support. For Perfect Forward Secrecy(PFS), server could override the client's preference. Default is true.
Protocols []string: Protocols used by the LB Client SSL profile. SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default. Possible values are:SSL_V2, SSL_V3, TLS_V1, TLS_V1_1, TLS_V1_2, SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.
SessionCacheEnabled bool: SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake. Default is true.
SessionCacheTimeout float64: Session cache timeout specifies how long the SSL session parameters are held on to and can be reused. format: int64, default is 300.
Tags []PolicyLbClientSslProfileTagArgs: A list of scope + tag pairs to associate with this resource.

displayName String: Display name of the resource.
cipherGroupLabel String: A label of cipher group which is mostly consumed by GUI. Possible values are: BALANCED, HIGH_SECURITY, HIGH_COMPATIBILITY and CUSTOM.
ciphers List<String>: Supported SSL cipher list to client side. Possible values are: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA , TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
description String: Description of the resource.
nsxId String: The NSX ID of this resource. If set, this ID will be used to create the resource.
policyLbClientSslProfileId String: ID of the resource.
preferServerCiphers Boolean: During SSL handshake as part of the SSL client Hello client sends an ordered list of ciphers that it can support (or prefers) and typically server selects the first one from the top of that list it can also support. For Perfect Forward Secrecy(PFS), server could override the client's preference. Default is true.
protocols List<String>: Protocols used by the LB Client SSL profile. SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default. Possible values are:SSL_V2, SSL_V3, TLS_V1, TLS_V1_1, TLS_V1_2, SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.
sessionCacheEnabled Boolean: SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake. Default is true.
sessionCacheTimeout Double: Session cache timeout specifies how long the SSL session parameters are held on to and can be reused. format: int64, default is 300.
tags List<PolicyLbClientSslProfileTag>: A list of scope + tag pairs to associate with this resource.

displayName string: Display name of the resource.
cipherGroupLabel string: A label of cipher group which is mostly consumed by GUI. Possible values are: BALANCED, HIGH_SECURITY, HIGH_COMPATIBILITY and CUSTOM.
ciphers string[]: Supported SSL cipher list to client side. Possible values are: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA , TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
description string: Description of the resource.
nsxId string: The NSX ID of this resource. If set, this ID will be used to create the resource.
policyLbClientSslProfileId string: ID of the resource.
preferServerCiphers boolean: During SSL handshake as part of the SSL client Hello client sends an ordered list of ciphers that it can support (or prefers) and typically server selects the first one from the top of that list it can also support. For Perfect Forward Secrecy(PFS), server could override the client's preference. Default is true.
protocols string[]: Protocols used by the LB Client SSL profile. SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default. Possible values are:SSL_V2, SSL_V3, TLS_V1, TLS_V1_1, TLS_V1_2, SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.
sessionCacheEnabled boolean: SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake. Default is true.
sessionCacheTimeout number: Session cache timeout specifies how long the SSL session parameters are held on to and can be reused. format: int64, default is 300.
tags PolicyLbClientSslProfileTag[]: A list of scope + tag pairs to associate with this resource.

display_name str: Display name of the resource.
cipher_group_label str: A label of cipher group which is mostly consumed by GUI. Possible values are: BALANCED, HIGH_SECURITY, HIGH_COMPATIBILITY and CUSTOM.
ciphers Sequence[str]: Supported SSL cipher list to client side. Possible values are: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA , TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
description str: Description of the resource.
nsx_id str: The NSX ID of this resource. If set, this ID will be used to create the resource.
policy_lb_client_ssl_profile_id str: ID of the resource.
prefer_server_ciphers bool: During SSL handshake as part of the SSL client Hello client sends an ordered list of ciphers that it can support (or prefers) and typically server selects the first one from the top of that list it can also support. For Perfect Forward Secrecy(PFS), server could override the client's preference. Default is true.
protocols Sequence[str]: Protocols used by the LB Client SSL profile. SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default. Possible values are:SSL_V2, SSL_V3, TLS_V1, TLS_V1_1, TLS_V1_2, SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.
session_cache_enabled bool: SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake. Default is true.
session_cache_timeout float: Session cache timeout specifies how long the SSL session parameters are held on to and can be reused. format: int64, default is 300.
tags Sequence[PolicyLbClientSslProfileTagArgs]: A list of scope + tag pairs to associate with this resource.

displayName String: Display name of the resource.
cipherGroupLabel String: A label of cipher group which is mostly consumed by GUI. Possible values are: BALANCED, HIGH_SECURITY, HIGH_COMPATIBILITY and CUSTOM.
ciphers List<String>: Supported SSL cipher list to client side. Possible values are: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA , TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
description String: Description of the resource.
nsxId String: The NSX ID of this resource. If set, this ID will be used to create the resource.
policyLbClientSslProfileId String: ID of the resource.
preferServerCiphers Boolean: During SSL handshake as part of the SSL client Hello client sends an ordered list of ciphers that it can support (or prefers) and typically server selects the first one from the top of that list it can also support. For Perfect Forward Secrecy(PFS), server could override the client's preference. Default is true.
protocols List<String>: Protocols used by the LB Client SSL profile. SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default. Possible values are:SSL_V2, SSL_V3, TLS_V1, TLS_V1_1, TLS_V1_2, SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.
sessionCacheEnabled Boolean: SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake. Default is true.
sessionCacheTimeout Number: Session cache timeout specifies how long the SSL session parameters are held on to and can be reused. format: int64, default is 300.
tags List<Property Map>: A list of scope + tag pairs to associate with this resource.

Outputs

All input properties are implicitly available as output properties. Additionally, the PolicyLbClientSslProfile resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
IsFips bool: This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant. Read-only property, its value will be decided automatically based on the result of applying this configuration.
IsSecure bool: This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure. Read-only property, its value will be decided automatically based on the result of applying this configuration.
Path string: The NSX path of the policy resource.
Revision double: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

Id string: The provider-assigned unique ID for this managed resource.
IsFips bool: This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant. Read-only property, its value will be decided automatically based on the result of applying this configuration.
IsSecure bool: This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure. Read-only property, its value will be decided automatically based on the result of applying this configuration.
Path string: The NSX path of the policy resource.
Revision float64: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

id String: The provider-assigned unique ID for this managed resource.
isFips Boolean: This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant. Read-only property, its value will be decided automatically based on the result of applying this configuration.
isSecure Boolean: This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure. Read-only property, its value will be decided automatically based on the result of applying this configuration.
path String: The NSX path of the policy resource.
revision Double: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

id string: The provider-assigned unique ID for this managed resource.
isFips boolean: This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant. Read-only property, its value will be decided automatically based on the result of applying this configuration.
isSecure boolean: This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure. Read-only property, its value will be decided automatically based on the result of applying this configuration.
path string: The NSX path of the policy resource.
revision number: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

id str: The provider-assigned unique ID for this managed resource.
is_fips bool: This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant. Read-only property, its value will be decided automatically based on the result of applying this configuration.
is_secure bool: This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure. Read-only property, its value will be decided automatically based on the result of applying this configuration.
path str: The NSX path of the policy resource.
revision float: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

id String: The provider-assigned unique ID for this managed resource.
isFips Boolean: This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant. Read-only property, its value will be decided automatically based on the result of applying this configuration.
isSecure Boolean: This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure. Read-only property, its value will be decided automatically based on the result of applying this configuration.
path String: The NSX path of the policy resource.
revision Number: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

Look up Existing PolicyLbClientSslProfile Resource

Get an existing PolicyLbClientSslProfile resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: PolicyLbClientSslProfileState, opts?: CustomResourceOptions): PolicyLbClientSslProfile

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        cipher_group_label: Optional[str] = None,
        ciphers: Optional[Sequence[str]] = None,
        description: Optional[str] = None,
        display_name: Optional[str] = None,
        is_fips: Optional[bool] = None,
        is_secure: Optional[bool] = None,
        nsx_id: Optional[str] = None,
        path: Optional[str] = None,
        policy_lb_client_ssl_profile_id: Optional[str] = None,
        prefer_server_ciphers: Optional[bool] = None,
        protocols: Optional[Sequence[str]] = None,
        revision: Optional[float] = None,
        session_cache_enabled: Optional[bool] = None,
        session_cache_timeout: Optional[float] = None,
        tags: Optional[Sequence[PolicyLbClientSslProfileTagArgs]] = None) -> PolicyLbClientSslProfile

func GetPolicyLbClientSslProfile(ctx *Context, name string, id IDInput, state *PolicyLbClientSslProfileState, opts ...ResourceOption) (*PolicyLbClientSslProfile, error)

public static PolicyLbClientSslProfile Get(string name, Input<string> id, PolicyLbClientSslProfileState? state, CustomResourceOptions? opts = null)

public static PolicyLbClientSslProfile get(String name, Output<String> id, PolicyLbClientSslProfileState state, CustomResourceOptions options)

resources:  _:    type: nsxt:PolicyLbClientSslProfile    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

CipherGroupLabel string: A label of cipher group which is mostly consumed by GUI. Possible values are: BALANCED, HIGH_SECURITY, HIGH_COMPATIBILITY and CUSTOM.
Ciphers List<string>: Supported SSL cipher list to client side. Possible values are: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA , TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Description string: Description of the resource.
DisplayName string: Display name of the resource.
IsFips bool: This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant. Read-only property, its value will be decided automatically based on the result of applying this configuration.
IsSecure bool: This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure. Read-only property, its value will be decided automatically based on the result of applying this configuration.
NsxId string: The NSX ID of this resource. If set, this ID will be used to create the resource.
Path string: The NSX path of the policy resource.
PolicyLbClientSslProfileId string: ID of the resource.
PreferServerCiphers bool: During SSL handshake as part of the SSL client Hello client sends an ordered list of ciphers that it can support (or prefers) and typically server selects the first one from the top of that list it can also support. For Perfect Forward Secrecy(PFS), server could override the client's preference. Default is true.
Protocols List<string>: Protocols used by the LB Client SSL profile. SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default. Possible values are:SSL_V2, SSL_V3, TLS_V1, TLS_V1_1, TLS_V1_2, SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.
Revision double: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
SessionCacheEnabled bool: SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake. Default is true.
SessionCacheTimeout double: Session cache timeout specifies how long the SSL session parameters are held on to and can be reused. format: int64, default is 300.
Tags List<PolicyLbClientSslProfileTag>: A list of scope + tag pairs to associate with this resource.

CipherGroupLabel string: A label of cipher group which is mostly consumed by GUI. Possible values are: BALANCED, HIGH_SECURITY, HIGH_COMPATIBILITY and CUSTOM.
Ciphers []string: Supported SSL cipher list to client side. Possible values are: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA , TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Description string: Description of the resource.
DisplayName string: Display name of the resource.
IsFips bool: This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant. Read-only property, its value will be decided automatically based on the result of applying this configuration.
IsSecure bool: This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure. Read-only property, its value will be decided automatically based on the result of applying this configuration.
NsxId string: The NSX ID of this resource. If set, this ID will be used to create the resource.
Path string: The NSX path of the policy resource.
PolicyLbClientSslProfileId string: ID of the resource.
PreferServerCiphers bool: During SSL handshake as part of the SSL client Hello client sends an ordered list of ciphers that it can support (or prefers) and typically server selects the first one from the top of that list it can also support. For Perfect Forward Secrecy(PFS), server could override the client's preference. Default is true.
Protocols []string: Protocols used by the LB Client SSL profile. SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default. Possible values are:SSL_V2, SSL_V3, TLS_V1, TLS_V1_1, TLS_V1_2, SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.
Revision float64: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
SessionCacheEnabled bool: SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake. Default is true.
SessionCacheTimeout float64: Session cache timeout specifies how long the SSL session parameters are held on to and can be reused. format: int64, default is 300.
Tags []PolicyLbClientSslProfileTagArgs: A list of scope + tag pairs to associate with this resource.

cipherGroupLabel String: A label of cipher group which is mostly consumed by GUI. Possible values are: BALANCED, HIGH_SECURITY, HIGH_COMPATIBILITY and CUSTOM.
ciphers List<String>: Supported SSL cipher list to client side. Possible values are: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA , TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
description String: Description of the resource.
displayName String: Display name of the resource.
isFips Boolean: This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant. Read-only property, its value will be decided automatically based on the result of applying this configuration.
isSecure Boolean: This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure. Read-only property, its value will be decided automatically based on the result of applying this configuration.
nsxId String: The NSX ID of this resource. If set, this ID will be used to create the resource.
path String: The NSX path of the policy resource.
policyLbClientSslProfileId String: ID of the resource.
preferServerCiphers Boolean: During SSL handshake as part of the SSL client Hello client sends an ordered list of ciphers that it can support (or prefers) and typically server selects the first one from the top of that list it can also support. For Perfect Forward Secrecy(PFS), server could override the client's preference. Default is true.
protocols List<String>: Protocols used by the LB Client SSL profile. SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default. Possible values are:SSL_V2, SSL_V3, TLS_V1, TLS_V1_1, TLS_V1_2, SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.
revision Double: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
sessionCacheEnabled Boolean: SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake. Default is true.
sessionCacheTimeout Double: Session cache timeout specifies how long the SSL session parameters are held on to and can be reused. format: int64, default is 300.
tags List<PolicyLbClientSslProfileTag>: A list of scope + tag pairs to associate with this resource.

cipherGroupLabel string: A label of cipher group which is mostly consumed by GUI. Possible values are: BALANCED, HIGH_SECURITY, HIGH_COMPATIBILITY and CUSTOM.
ciphers string[]: Supported SSL cipher list to client side. Possible values are: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA , TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
description string: Description of the resource.
displayName string: Display name of the resource.
isFips boolean: This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant. Read-only property, its value will be decided automatically based on the result of applying this configuration.
isSecure boolean: This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure. Read-only property, its value will be decided automatically based on the result of applying this configuration.
nsxId string: The NSX ID of this resource. If set, this ID will be used to create the resource.
path string: The NSX path of the policy resource.
policyLbClientSslProfileId string: ID of the resource.
preferServerCiphers boolean: During SSL handshake as part of the SSL client Hello client sends an ordered list of ciphers that it can support (or prefers) and typically server selects the first one from the top of that list it can also support. For Perfect Forward Secrecy(PFS), server could override the client's preference. Default is true.
protocols string[]: Protocols used by the LB Client SSL profile. SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default. Possible values are:SSL_V2, SSL_V3, TLS_V1, TLS_V1_1, TLS_V1_2, SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.
revision number: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
sessionCacheEnabled boolean: SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake. Default is true.
sessionCacheTimeout number: Session cache timeout specifies how long the SSL session parameters are held on to and can be reused. format: int64, default is 300.
tags PolicyLbClientSslProfileTag[]: A list of scope + tag pairs to associate with this resource.

cipher_group_label str: A label of cipher group which is mostly consumed by GUI. Possible values are: BALANCED, HIGH_SECURITY, HIGH_COMPATIBILITY and CUSTOM.
ciphers Sequence[str]: Supported SSL cipher list to client side. Possible values are: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA , TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
description str: Description of the resource.
display_name str: Display name of the resource.
is_fips bool: This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant. Read-only property, its value will be decided automatically based on the result of applying this configuration.
is_secure bool: This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure. Read-only property, its value will be decided automatically based on the result of applying this configuration.
nsx_id str: The NSX ID of this resource. If set, this ID will be used to create the resource.
path str: The NSX path of the policy resource.
policy_lb_client_ssl_profile_id str: ID of the resource.
prefer_server_ciphers bool: During SSL handshake as part of the SSL client Hello client sends an ordered list of ciphers that it can support (or prefers) and typically server selects the first one from the top of that list it can also support. For Perfect Forward Secrecy(PFS), server could override the client's preference. Default is true.
protocols Sequence[str]: Protocols used by the LB Client SSL profile. SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default. Possible values are:SSL_V2, SSL_V3, TLS_V1, TLS_V1_1, TLS_V1_2, SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.
revision float: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
session_cache_enabled bool: SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake. Default is true.
session_cache_timeout float: Session cache timeout specifies how long the SSL session parameters are held on to and can be reused. format: int64, default is 300.
tags Sequence[PolicyLbClientSslProfileTagArgs]: A list of scope + tag pairs to associate with this resource.

cipherGroupLabel String: A label of cipher group which is mostly consumed by GUI. Possible values are: BALANCED, HIGH_SECURITY, HIGH_COMPATIBILITY and CUSTOM.
ciphers List<String>: Supported SSL cipher list to client side. Possible values are: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA , TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
description String: Description of the resource.
displayName String: Display name of the resource.
isFips Boolean: This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant. Read-only property, its value will be decided automatically based on the result of applying this configuration.
isSecure Boolean: This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure. Read-only property, its value will be decided automatically based on the result of applying this configuration.
nsxId String: The NSX ID of this resource. If set, this ID will be used to create the resource.
path String: The NSX path of the policy resource.
policyLbClientSslProfileId String: ID of the resource.
preferServerCiphers Boolean: During SSL handshake as part of the SSL client Hello client sends an ordered list of ciphers that it can support (or prefers) and typically server selects the first one from the top of that list it can also support. For Perfect Forward Secrecy(PFS), server could override the client's preference. Default is true.
protocols List<String>: Protocols used by the LB Client SSL profile. SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default. Possible values are:SSL_V2, SSL_V3, TLS_V1, TLS_V1_1, TLS_V1_2, SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.
revision Number: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
sessionCacheEnabled Boolean: SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake. Default is true.
sessionCacheTimeout Number: Session cache timeout specifies how long the SSL session parameters are held on to and can be reused. format: int64, default is 300.
tags List<Property Map>: A list of scope + tag pairs to associate with this resource.

Supporting Types

PolicyLbClientSslProfileTag, PolicyLbClientSslProfileTagArgs

Scope string
Tag string: A list of scope + tag pairs to associate with this resource.

Scope string
Tag string: A list of scope + tag pairs to associate with this resource.

scope String
tag String: A list of scope + tag pairs to associate with this resource.

scope string
tag string: A list of scope + tag pairs to associate with this resource.

scope str
tag str: A list of scope + tag pairs to associate with this resource.

scope String
tag String: A list of scope + tag pairs to associate with this resource.

Package Details

Repository: nsxt vmware/terraform-provider-nsxt
License
Notes: This Pulumi package is based on the nsxt Terraform Provider.

nsxt 3.8.1 published on Wednesday, Apr 30, 2025 by vmware

vmware/terraform-provider-nsxt

nsxt.PolicyLbClientSslProfile

On this page

On this page

Create PolicyLbClientSslProfile Resource

Constructor syntax

Parameters

Constructor example

PolicyLbClientSslProfile Resource Properties

Inputs

Outputs

Look up Existing PolicyLbClientSslProfile Resource

Supporting Types

PolicyLbClientSslProfileTag, PolicyLbClientSslProfileTagArgs

Package Details

On this page

On this page