Sign in Dashboard Get started
  1. Packages
  2. Packages
  3. Panos Provider
  4. API Docs
  5. getDecryptionProfile
Viewing docs for panos 2.0.12
published on Wednesday, Jun 17, 2026 by paloaltonetworks
Schema (JSON)
paloaltonetworks/terraform-provider-panos

panos.getDecryptionProfile

Viewing docs for panos 2.0.12
published on Wednesday, Jun 17, 2026 by paloaltonetworks
Schema (JSON)
paloaltonetworks/terraform-provider-panos

    Using getDecryptionProfile

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getDecryptionProfile(args: GetDecryptionProfileArgs, opts?: InvokeOptions): Promise<GetDecryptionProfileResult>
function getDecryptionProfileOutput(args: GetDecryptionProfileOutputArgs, opts?: InvokeOptions): Output<GetDecryptionProfileResult>
    def get_decryption_profile(disable_override: Optional[str] = None,
                           forwarded_only: Optional[bool] = None,
                           interface: Optional[str] = None,
                           location: Optional[GetDecryptionProfileLocation] = None,
                           name: Optional[str] = None,
                           ssh_proxy: Optional[GetDecryptionProfileSshProxy] = None,
                           ssl_forward_proxy: Optional[GetDecryptionProfileSslForwardProxy] = None,
                           ssl_inbound_proxy: Optional[GetDecryptionProfileSslInboundProxy] = None,
                           ssl_no_proxy: Optional[GetDecryptionProfileSslNoProxy] = None,
                           ssl_protocol_settings: Optional[GetDecryptionProfileSslProtocolSettings] = None,
                           opts: Optional[InvokeOptions] = None) -> GetDecryptionProfileResult
def get_decryption_profile_output(disable_override: pulumi.Input[Optional[str]] = None,
                           forwarded_only: pulumi.Input[Optional[bool]] = None,
                           interface: pulumi.Input[Optional[str]] = None,
                           location: pulumi.Input[Optional[GetDecryptionProfileLocationArgs]] = None,
                           name: pulumi.Input[Optional[str]] = None,
                           ssh_proxy: pulumi.Input[Optional[GetDecryptionProfileSshProxyArgs]] = None,
                           ssl_forward_proxy: pulumi.Input[Optional[GetDecryptionProfileSslForwardProxyArgs]] = None,
                           ssl_inbound_proxy: pulumi.Input[Optional[GetDecryptionProfileSslInboundProxyArgs]] = None,
                           ssl_no_proxy: pulumi.Input[Optional[GetDecryptionProfileSslNoProxyArgs]] = None,
                           ssl_protocol_settings: pulumi.Input[Optional[GetDecryptionProfileSslProtocolSettingsArgs]] = None,
                           opts: Optional[InvokeOptions] = None) -> Output[GetDecryptionProfileResult]
    func LookupDecryptionProfile(ctx *Context, args *LookupDecryptionProfileArgs, opts ...InvokeOption) (*LookupDecryptionProfileResult, error)
func LookupDecryptionProfileOutput(ctx *Context, args *LookupDecryptionProfileOutputArgs, opts ...InvokeOption) LookupDecryptionProfileResultOutput

    > Note: This function is named LookupDecryptionProfile in the Go SDK.

    public static class GetDecryptionProfile 
{
    public static Task<GetDecryptionProfileResult> InvokeAsync(GetDecryptionProfileArgs args, InvokeOptions? opts = null)
    public static Output<GetDecryptionProfileResult> Invoke(GetDecryptionProfileInvokeArgs args, InvokeOptions? opts = null)
}
    public static CompletableFuture<GetDecryptionProfileResult> getDecryptionProfile(GetDecryptionProfileArgs args, InvokeOptions options)
public static Output<GetDecryptionProfileResult> getDecryptionProfile(GetDecryptionProfileArgs args, InvokeOptions options)

    fn::invoke:
  function: panos:index/getDecryptionProfile:getDecryptionProfile
  arguments:
    # arguments dictionary
    data "panos_getdecryptionprofile" "name" {
    # arguments
}

    The following arguments are supported:

    location object
    The location of this object.
    name string
    disable_override string
    disable object override in child device groups
    forwarded_only bool
    mirror after security policy allow
    interface string
    decrypt mirror port
    ssh_proxy object
    ssl_forward_proxy object
    ssl_inbound_proxy object
    ssl_no_proxy object
    ssl_protocol_settings object
    location Property Map
    The location of this object.
    name String
    disableOverride String
    disable object override in child device groups
    forwardedOnly Boolean
    mirror after security policy allow
    interface String
    decrypt mirror port
    sshProxy Property Map
    sslForwardProxy Property Map
    sslInboundProxy Property Map
    sslNoProxy Property Map
    sslProtocolSettings Property Map

    getDecryptionProfile Result

    The following output properties are available:

    DisableOverride string
    disable object override in child device groups
    ForwardedOnly bool
    mirror after security policy allow
    Id string
    The provider-assigned unique ID for this managed resource.
    Interface string
    decrypt mirror port
    Location GetDecryptionProfileLocation
    The location of this object.
    Name string
    SshProxy GetDecryptionProfileSshProxy
    SslForwardProxy GetDecryptionProfileSslForwardProxy
    SslInboundProxy GetDecryptionProfileSslInboundProxy
    SslNoProxy GetDecryptionProfileSslNoProxy
    SslProtocolSettings GetDecryptionProfileSslProtocolSettings
    DisableOverride string
    disable object override in child device groups
    ForwardedOnly bool
    mirror after security policy allow
    Id string
    The provider-assigned unique ID for this managed resource.
    Interface string
    decrypt mirror port
    Location GetDecryptionProfileLocation
    The location of this object.
    Name string
    SshProxy GetDecryptionProfileSshProxy
    SslForwardProxy GetDecryptionProfileSslForwardProxy
    SslInboundProxy GetDecryptionProfileSslInboundProxy
    SslNoProxy GetDecryptionProfileSslNoProxy
    SslProtocolSettings GetDecryptionProfileSslProtocolSettings
    disable_override string
    disable object override in child device groups
    forwarded_only bool
    mirror after security policy allow
    id string
    The provider-assigned unique ID for this managed resource.
    interface string
    decrypt mirror port
    location object
    The location of this object.
    name string
    ssh_proxy object
    ssl_forward_proxy object
    ssl_inbound_proxy object
    ssl_no_proxy object
    ssl_protocol_settings object
    disableOverride String
    disable object override in child device groups
    forwardedOnly Boolean
    mirror after security policy allow
    id String
    The provider-assigned unique ID for this managed resource.
    interface_ String
    decrypt mirror port
    location GetDecryptionProfileLocation
    The location of this object.
    name String
    sshProxy GetDecryptionProfileSshProxy
    sslForwardProxy GetDecryptionProfileSslForwardProxy
    sslInboundProxy GetDecryptionProfileSslInboundProxy
    sslNoProxy GetDecryptionProfileSslNoProxy
    sslProtocolSettings GetDecryptionProfileSslProtocolSettings
    disableOverride string
    disable object override in child device groups
    forwardedOnly boolean
    mirror after security policy allow
    id string
    The provider-assigned unique ID for this managed resource.
    interface string
    decrypt mirror port
    location GetDecryptionProfileLocation
    The location of this object.
    name string
    sshProxy GetDecryptionProfileSshProxy
    sslForwardProxy GetDecryptionProfileSslForwardProxy
    sslInboundProxy GetDecryptionProfileSslInboundProxy
    sslNoProxy GetDecryptionProfileSslNoProxy
    sslProtocolSettings GetDecryptionProfileSslProtocolSettings
    disableOverride String
    disable object override in child device groups
    forwardedOnly Boolean
    mirror after security policy allow
    id String
    The provider-assigned unique ID for this managed resource.
    interface String
    decrypt mirror port
    location Property Map
    The location of this object.
    name String
    sshProxy Property Map
    sslForwardProxy Property Map
    sslInboundProxy Property Map
    sslNoProxy Property Map
    sslProtocolSettings Property Map

    Supporting Types

    GetDecryptionProfileLocation

    DeviceGroup GetDecryptionProfileLocationDeviceGroup
    Located in a specific Device Group
    Shared GetDecryptionProfileLocationShared
    Panorama shared object
    Vsys GetDecryptionProfileLocationVsys
    Located in a specific Virtual System
    DeviceGroup GetDecryptionProfileLocationDeviceGroup
    Located in a specific Device Group
    Shared GetDecryptionProfileLocationShared
    Panorama shared object
    Vsys GetDecryptionProfileLocationVsys
    Located in a specific Virtual System
    device_group object
    Located in a specific Device Group
    shared object
    Panorama shared object
    vsys object
    Located in a specific Virtual System
    deviceGroup GetDecryptionProfileLocationDeviceGroup
    Located in a specific Device Group
    shared GetDecryptionProfileLocationShared
    Panorama shared object
    vsys GetDecryptionProfileLocationVsys
    Located in a specific Virtual System
    deviceGroup GetDecryptionProfileLocationDeviceGroup
    Located in a specific Device Group
    shared GetDecryptionProfileLocationShared
    Panorama shared object
    vsys GetDecryptionProfileLocationVsys
    Located in a specific Virtual System
    device_group GetDecryptionProfileLocationDeviceGroup
    Located in a specific Device Group
    shared GetDecryptionProfileLocationShared
    Panorama shared object
    vsys GetDecryptionProfileLocationVsys
    Located in a specific Virtual System
    deviceGroup Property Map
    Located in a specific Device Group
    shared Property Map
    Panorama shared object
    vsys Property Map
    Located in a specific Virtual System

    GetDecryptionProfileLocationDeviceGroup

    Name string
    Device Group name
    PanoramaDevice string
    Panorama device name
    Name string
    Device Group name
    PanoramaDevice string
    Panorama device name
    name string
    Device Group name
    panorama_device string
    Panorama device name
    name String
    Device Group name
    panoramaDevice String
    Panorama device name
    name string
    Device Group name
    panoramaDevice string
    Panorama device name
    name str
    Device Group name
    panorama_device str
    Panorama device name
    name String
    Device Group name
    panoramaDevice String
    Panorama device name

    GetDecryptionProfileLocationVsys

    Name string
    The Virtual System name
    NgfwDevice string
    The NGFW device name
    Name string
    The Virtual System name
    NgfwDevice string
    The NGFW device name
    name string
    The Virtual System name
    ngfw_device string
    The NGFW device name
    name String
    The Virtual System name
    ngfwDevice String
    The NGFW device name
    name string
    The Virtual System name
    ngfwDevice string
    The NGFW device name
    name str
    The Virtual System name
    ngfw_device str
    The NGFW device name
    name String
    The Virtual System name
    ngfwDevice String
    The NGFW device name

    GetDecryptionProfileSshProxy

    BlockIfNoResource bool
    whether to block sessions if device has no enough resources
    BlockSshErrors bool
    whether to block sessions if ssh errors are encountered
    BlockUnsupportedAlg bool
    whether to block sessions if ssh algorithm is not supported
    BlockUnsupportedVersion bool
    whether to block sessions if ssh version is not supported
    BlockIfNoResource bool
    whether to block sessions if device has no enough resources
    BlockSshErrors bool
    whether to block sessions if ssh errors are encountered
    BlockUnsupportedAlg bool
    whether to block sessions if ssh algorithm is not supported
    BlockUnsupportedVersion bool
    whether to block sessions if ssh version is not supported
    block_if_no_resource bool
    whether to block sessions if device has no enough resources
    block_ssh_errors bool
    whether to block sessions if ssh errors are encountered
    block_unsupported_alg bool
    whether to block sessions if ssh algorithm is not supported
    block_unsupported_version bool
    whether to block sessions if ssh version is not supported
    blockIfNoResource Boolean
    whether to block sessions if device has no enough resources
    blockSshErrors Boolean
    whether to block sessions if ssh errors are encountered
    blockUnsupportedAlg Boolean
    whether to block sessions if ssh algorithm is not supported
    blockUnsupportedVersion Boolean
    whether to block sessions if ssh version is not supported
    blockIfNoResource boolean
    whether to block sessions if device has no enough resources
    blockSshErrors boolean
    whether to block sessions if ssh errors are encountered
    blockUnsupportedAlg boolean
    whether to block sessions if ssh algorithm is not supported
    blockUnsupportedVersion boolean
    whether to block sessions if ssh version is not supported
    block_if_no_resource bool
    whether to block sessions if device has no enough resources
    block_ssh_errors bool
    whether to block sessions if ssh errors are encountered
    block_unsupported_alg bool
    whether to block sessions if ssh algorithm is not supported
    block_unsupported_version bool
    whether to block sessions if ssh version is not supported
    blockIfNoResource Boolean
    whether to block sessions if device has no enough resources
    blockSshErrors Boolean
    whether to block sessions if ssh errors are encountered
    blockUnsupportedAlg Boolean
    whether to block sessions if ssh algorithm is not supported
    blockUnsupportedVersion Boolean
    whether to block sessions if ssh version is not supported

    GetDecryptionProfileSslForwardProxy

    AutoIncludeAltname bool
    whether to automatically append SAN to impersonating certificate if server certificate is missing SAN
    BlockClientCert bool
    Block sessions with client certificate
    BlockExpiredCertificate bool
    Block sessions with expired certificates
    BlockIfHsmUnavailable bool
    whether to block sessions if HSM is unavailable
    BlockIfNoResource bool
    whether to block sessions if device has no enough resources
    BlockIfSniMismatch bool
    whether to block a session when certificate's subject name or SAN doesn't match SNI
    BlockTimeoutCert bool
    Block sessions if certificate status cannot be retrieved within timeout
    BlockTls13DowngradeNoResource bool
    whether to downgrade from tls1.3 if device has not enough resources
    BlockUnknownCert bool
    Block sessions if certificate status is unknown
    BlockUnsupportedCipher bool
    Block sessions with unsupported cipher suites
    BlockUnsupportedVersion bool
    Block sessions with unsupported protocol versions
    BlockUntrustedIssuer bool
    Block sessions with untrusted certificate issuers
    RestrictCertExts bool
    Restrict certificate extensions
    StripAlpn bool
    Strip ALPN extension from ClientHello
    AutoIncludeAltname bool
    whether to automatically append SAN to impersonating certificate if server certificate is missing SAN
    BlockClientCert bool
    Block sessions with client certificate
    BlockExpiredCertificate bool
    Block sessions with expired certificates
    BlockIfHsmUnavailable bool
    whether to block sessions if HSM is unavailable
    BlockIfNoResource bool
    whether to block sessions if device has no enough resources
    BlockIfSniMismatch bool
    whether to block a session when certificate's subject name or SAN doesn't match SNI
    BlockTimeoutCert bool
    Block sessions if certificate status cannot be retrieved within timeout
    BlockTls13DowngradeNoResource bool
    whether to downgrade from tls1.3 if device has not enough resources
    BlockUnknownCert bool
    Block sessions if certificate status is unknown
    BlockUnsupportedCipher bool
    Block sessions with unsupported cipher suites
    BlockUnsupportedVersion bool
    Block sessions with unsupported protocol versions
    BlockUntrustedIssuer bool
    Block sessions with untrusted certificate issuers
    RestrictCertExts bool
    Restrict certificate extensions
    StripAlpn bool
    Strip ALPN extension from ClientHello
    auto_include_altname bool
    whether to automatically append SAN to impersonating certificate if server certificate is missing SAN
    block_client_cert bool
    Block sessions with client certificate
    block_expired_certificate bool
    Block sessions with expired certificates
    block_if_hsm_unavailable bool
    whether to block sessions if HSM is unavailable
    block_if_no_resource bool
    whether to block sessions if device has no enough resources
    block_if_sni_mismatch bool
    whether to block a session when certificate's subject name or SAN doesn't match SNI
    block_timeout_cert bool
    Block sessions if certificate status cannot be retrieved within timeout
    block_tls13_downgrade_no_resource bool
    whether to downgrade from tls1.3 if device has not enough resources
    block_unknown_cert bool
    Block sessions if certificate status is unknown
    block_unsupported_cipher bool
    Block sessions with unsupported cipher suites
    block_unsupported_version bool
    Block sessions with unsupported protocol versions
    block_untrusted_issuer bool
    Block sessions with untrusted certificate issuers
    restrict_cert_exts bool
    Restrict certificate extensions
    strip_alpn bool
    Strip ALPN extension from ClientHello
    autoIncludeAltname Boolean
    whether to automatically append SAN to impersonating certificate if server certificate is missing SAN
    blockClientCert Boolean
    Block sessions with client certificate
    blockExpiredCertificate Boolean
    Block sessions with expired certificates
    blockIfHsmUnavailable Boolean
    whether to block sessions if HSM is unavailable
    blockIfNoResource Boolean
    whether to block sessions if device has no enough resources
    blockIfSniMismatch Boolean
    whether to block a session when certificate's subject name or SAN doesn't match SNI
    blockTimeoutCert Boolean
    Block sessions if certificate status cannot be retrieved within timeout
    blockTls13DowngradeNoResource Boolean
    whether to downgrade from tls1.3 if device has not enough resources
    blockUnknownCert Boolean
    Block sessions if certificate status is unknown
    blockUnsupportedCipher Boolean
    Block sessions with unsupported cipher suites
    blockUnsupportedVersion Boolean
    Block sessions with unsupported protocol versions
    blockUntrustedIssuer Boolean
    Block sessions with untrusted certificate issuers
    restrictCertExts Boolean
    Restrict certificate extensions
    stripAlpn Boolean
    Strip ALPN extension from ClientHello
    autoIncludeAltname boolean
    whether to automatically append SAN to impersonating certificate if server certificate is missing SAN
    blockClientCert boolean
    Block sessions with client certificate
    blockExpiredCertificate boolean
    Block sessions with expired certificates
    blockIfHsmUnavailable boolean
    whether to block sessions if HSM is unavailable
    blockIfNoResource boolean
    whether to block sessions if device has no enough resources
    blockIfSniMismatch boolean
    whether to block a session when certificate's subject name or SAN doesn't match SNI
    blockTimeoutCert boolean
    Block sessions if certificate status cannot be retrieved within timeout
    blockTls13DowngradeNoResource boolean
    whether to downgrade from tls1.3 if device has not enough resources
    blockUnknownCert boolean
    Block sessions if certificate status is unknown
    blockUnsupportedCipher boolean
    Block sessions with unsupported cipher suites
    blockUnsupportedVersion boolean
    Block sessions with unsupported protocol versions
    blockUntrustedIssuer boolean
    Block sessions with untrusted certificate issuers
    restrictCertExts boolean
    Restrict certificate extensions
    stripAlpn boolean
    Strip ALPN extension from ClientHello
    auto_include_altname bool
    whether to automatically append SAN to impersonating certificate if server certificate is missing SAN
    block_client_cert bool
    Block sessions with client certificate
    block_expired_certificate bool
    Block sessions with expired certificates
    block_if_hsm_unavailable bool
    whether to block sessions if HSM is unavailable
    block_if_no_resource bool
    whether to block sessions if device has no enough resources
    block_if_sni_mismatch bool
    whether to block a session when certificate's subject name or SAN doesn't match SNI
    block_timeout_cert bool
    Block sessions if certificate status cannot be retrieved within timeout
    block_tls13_downgrade_no_resource bool
    whether to downgrade from tls1.3 if device has not enough resources
    block_unknown_cert bool
    Block sessions if certificate status is unknown
    block_unsupported_cipher bool
    Block sessions with unsupported cipher suites
    block_unsupported_version bool
    Block sessions with unsupported protocol versions
    block_untrusted_issuer bool
    Block sessions with untrusted certificate issuers
    restrict_cert_exts bool
    Restrict certificate extensions
    strip_alpn bool
    Strip ALPN extension from ClientHello
    autoIncludeAltname Boolean
    whether to automatically append SAN to impersonating certificate if server certificate is missing SAN
    blockClientCert Boolean
    Block sessions with client certificate
    blockExpiredCertificate Boolean
    Block sessions with expired certificates
    blockIfHsmUnavailable Boolean
    whether to block sessions if HSM is unavailable
    blockIfNoResource Boolean
    whether to block sessions if device has no enough resources
    blockIfSniMismatch Boolean
    whether to block a session when certificate's subject name or SAN doesn't match SNI
    blockTimeoutCert Boolean
    Block sessions if certificate status cannot be retrieved within timeout
    blockTls13DowngradeNoResource Boolean
    whether to downgrade from tls1.3 if device has not enough resources
    blockUnknownCert Boolean
    Block sessions if certificate status is unknown
    blockUnsupportedCipher Boolean
    Block sessions with unsupported cipher suites
    blockUnsupportedVersion Boolean
    Block sessions with unsupported protocol versions
    blockUntrustedIssuer Boolean
    Block sessions with untrusted certificate issuers
    restrictCertExts Boolean
    Restrict certificate extensions
    stripAlpn Boolean
    Strip ALPN extension from ClientHello

    GetDecryptionProfileSslInboundProxy

    BlockIfHsmUnavailable bool
    Block sessions when HSM is unavailable
    BlockIfNoResource bool
    Block sessions when decryption resources are not available
    BlockTls13DowngradeNoResource bool
    Block TLS 1.3 downgrade when no resources are available
    BlockUnsupportedCipher bool
    Block sessions with unsupported cipher suites
    BlockUnsupportedVersion bool
    Block sessions with unsupported protocol versions
    BlockIfHsmUnavailable bool
    Block sessions when HSM is unavailable
    BlockIfNoResource bool
    Block sessions when decryption resources are not available
    BlockTls13DowngradeNoResource bool
    Block TLS 1.3 downgrade when no resources are available
    BlockUnsupportedCipher bool
    Block sessions with unsupported cipher suites
    BlockUnsupportedVersion bool
    Block sessions with unsupported protocol versions
    block_if_hsm_unavailable bool
    Block sessions when HSM is unavailable
    block_if_no_resource bool
    Block sessions when decryption resources are not available
    block_tls13_downgrade_no_resource bool
    Block TLS 1.3 downgrade when no resources are available
    block_unsupported_cipher bool
    Block sessions with unsupported cipher suites
    block_unsupported_version bool
    Block sessions with unsupported protocol versions
    blockIfHsmUnavailable Boolean
    Block sessions when HSM is unavailable
    blockIfNoResource Boolean
    Block sessions when decryption resources are not available
    blockTls13DowngradeNoResource Boolean
    Block TLS 1.3 downgrade when no resources are available
    blockUnsupportedCipher Boolean
    Block sessions with unsupported cipher suites
    blockUnsupportedVersion Boolean
    Block sessions with unsupported protocol versions
    blockIfHsmUnavailable boolean
    Block sessions when HSM is unavailable
    blockIfNoResource boolean
    Block sessions when decryption resources are not available
    blockTls13DowngradeNoResource boolean
    Block TLS 1.3 downgrade when no resources are available
    blockUnsupportedCipher boolean
    Block sessions with unsupported cipher suites
    blockUnsupportedVersion boolean
    Block sessions with unsupported protocol versions
    block_if_hsm_unavailable bool
    Block sessions when HSM is unavailable
    block_if_no_resource bool
    Block sessions when decryption resources are not available
    block_tls13_downgrade_no_resource bool
    Block TLS 1.3 downgrade when no resources are available
    block_unsupported_cipher bool
    Block sessions with unsupported cipher suites
    block_unsupported_version bool
    Block sessions with unsupported protocol versions
    blockIfHsmUnavailable Boolean
    Block sessions when HSM is unavailable
    blockIfNoResource Boolean
    Block sessions when decryption resources are not available
    blockTls13DowngradeNoResource Boolean
    Block TLS 1.3 downgrade when no resources are available
    blockUnsupportedCipher Boolean
    Block sessions with unsupported cipher suites
    blockUnsupportedVersion Boolean
    Block sessions with unsupported protocol versions

    GetDecryptionProfileSslNoProxy

    BlockExpiredCertificate bool
    Block sessions with expired certificates
    BlockUntrustedIssuer bool
    Block sessions with untrusted certificate issuers
    BlockExpiredCertificate bool
    Block sessions with expired certificates
    BlockUntrustedIssuer bool
    Block sessions with untrusted certificate issuers
    block_expired_certificate bool
    Block sessions with expired certificates
    block_untrusted_issuer bool
    Block sessions with untrusted certificate issuers
    blockExpiredCertificate Boolean
    Block sessions with expired certificates
    blockUntrustedIssuer Boolean
    Block sessions with untrusted certificate issuers
    blockExpiredCertificate boolean
    Block sessions with expired certificates
    blockUntrustedIssuer boolean
    Block sessions with untrusted certificate issuers
    block_expired_certificate bool
    Block sessions with expired certificates
    block_untrusted_issuer bool
    Block sessions with untrusted certificate issuers
    blockExpiredCertificate Boolean
    Block sessions with expired certificates
    blockUntrustedIssuer Boolean
    Block sessions with untrusted certificate issuers

    GetDecryptionProfileSslProtocolSettings

    AuthAlgoMd5 bool
    Allow MD5 authentication algorithm
    AuthAlgoSha1 bool
    Allow SHA1 authentication algorithm
    AuthAlgoSha256 bool
    Allow SHA256 authentication algorithm
    AuthAlgoSha384 bool
    Allow SHA384 authentication algorithm
    EncAlgo3des bool
    Allow 3DES encryption algorithm
    EncAlgoAes128Cbc bool
    Allow AES-128-CBC encryption algorithm
    EncAlgoAes128Gcm bool
    Allow AES-128-GCM encryption algorithm
    EncAlgoAes256Cbc bool
    Allow AES-256-CBC encryption algorithm
    EncAlgoAes256Gcm bool
    Allow AES-256-GCM encryption algorithm
    EncAlgoChacha20Poly1305 bool
    Allow algorithm chacha20-poly1305
    EncAlgoRc4 bool
    Allow RC4 encryption algorithm
    KeyxchgAlgoDhe bool
    Allow DHE key exchange algorithm
    KeyxchgAlgoEcdhe bool
    Allow ECDHE key exchange algorithm
    KeyxchgAlgoRsa bool
    Allow RSA key exchange algorithm
    MaxVersion string
    Maximum SSL/TLS protocol version
    MinVersion string
    Minimum SSL/TLS protocol version
    AuthAlgoMd5 bool
    Allow MD5 authentication algorithm
    AuthAlgoSha1 bool
    Allow SHA1 authentication algorithm
    AuthAlgoSha256 bool
    Allow SHA256 authentication algorithm
    AuthAlgoSha384 bool
    Allow SHA384 authentication algorithm
    EncAlgo3des bool
    Allow 3DES encryption algorithm
    EncAlgoAes128Cbc bool
    Allow AES-128-CBC encryption algorithm
    EncAlgoAes128Gcm bool
    Allow AES-128-GCM encryption algorithm
    EncAlgoAes256Cbc bool
    Allow AES-256-CBC encryption algorithm
    EncAlgoAes256Gcm bool
    Allow AES-256-GCM encryption algorithm
    EncAlgoChacha20Poly1305 bool
    Allow algorithm chacha20-poly1305
    EncAlgoRc4 bool
    Allow RC4 encryption algorithm
    KeyxchgAlgoDhe bool
    Allow DHE key exchange algorithm
    KeyxchgAlgoEcdhe bool
    Allow ECDHE key exchange algorithm
    KeyxchgAlgoRsa bool
    Allow RSA key exchange algorithm
    MaxVersion string
    Maximum SSL/TLS protocol version
    MinVersion string
    Minimum SSL/TLS protocol version
    auth_algo_md5 bool
    Allow MD5 authentication algorithm
    auth_algo_sha1 bool
    Allow SHA1 authentication algorithm
    auth_algo_sha256 bool
    Allow SHA256 authentication algorithm
    auth_algo_sha384 bool
    Allow SHA384 authentication algorithm
    enc_algo3des bool
    Allow 3DES encryption algorithm
    enc_algo_aes128_cbc bool
    Allow AES-128-CBC encryption algorithm
    enc_algo_aes128_gcm bool
    Allow AES-128-GCM encryption algorithm
    enc_algo_aes256_cbc bool
    Allow AES-256-CBC encryption algorithm
    enc_algo_aes256_gcm bool
    Allow AES-256-GCM encryption algorithm
    enc_algo_chacha20_poly1305 bool
    Allow algorithm chacha20-poly1305
    enc_algo_rc4 bool
    Allow RC4 encryption algorithm
    keyxchg_algo_dhe bool
    Allow DHE key exchange algorithm
    keyxchg_algo_ecdhe bool
    Allow ECDHE key exchange algorithm
    keyxchg_algo_rsa bool
    Allow RSA key exchange algorithm
    max_version string
    Maximum SSL/TLS protocol version
    min_version string
    Minimum SSL/TLS protocol version
    authAlgoMd5 Boolean
    Allow MD5 authentication algorithm
    authAlgoSha1 Boolean
    Allow SHA1 authentication algorithm
    authAlgoSha256 Boolean
    Allow SHA256 authentication algorithm
    authAlgoSha384 Boolean
    Allow SHA384 authentication algorithm
    encAlgo3des Boolean
    Allow 3DES encryption algorithm
    encAlgoAes128Cbc Boolean
    Allow AES-128-CBC encryption algorithm
    encAlgoAes128Gcm Boolean
    Allow AES-128-GCM encryption algorithm
    encAlgoAes256Cbc Boolean
    Allow AES-256-CBC encryption algorithm
    encAlgoAes256Gcm Boolean
    Allow AES-256-GCM encryption algorithm
    encAlgoChacha20Poly1305 Boolean
    Allow algorithm chacha20-poly1305
    encAlgoRc4 Boolean
    Allow RC4 encryption algorithm
    keyxchgAlgoDhe Boolean
    Allow DHE key exchange algorithm
    keyxchgAlgoEcdhe Boolean
    Allow ECDHE key exchange algorithm
    keyxchgAlgoRsa Boolean
    Allow RSA key exchange algorithm
    maxVersion String
    Maximum SSL/TLS protocol version
    minVersion String
    Minimum SSL/TLS protocol version
    authAlgoMd5 boolean
    Allow MD5 authentication algorithm
    authAlgoSha1 boolean
    Allow SHA1 authentication algorithm
    authAlgoSha256 boolean
    Allow SHA256 authentication algorithm
    authAlgoSha384 boolean
    Allow SHA384 authentication algorithm
    encAlgo3des boolean
    Allow 3DES encryption algorithm
    encAlgoAes128Cbc boolean
    Allow AES-128-CBC encryption algorithm
    encAlgoAes128Gcm boolean
    Allow AES-128-GCM encryption algorithm
    encAlgoAes256Cbc boolean
    Allow AES-256-CBC encryption algorithm
    encAlgoAes256Gcm boolean
    Allow AES-256-GCM encryption algorithm
    encAlgoChacha20Poly1305 boolean
    Allow algorithm chacha20-poly1305
    encAlgoRc4 boolean
    Allow RC4 encryption algorithm
    keyxchgAlgoDhe boolean
    Allow DHE key exchange algorithm
    keyxchgAlgoEcdhe boolean
    Allow ECDHE key exchange algorithm
    keyxchgAlgoRsa boolean
    Allow RSA key exchange algorithm
    maxVersion string
    Maximum SSL/TLS protocol version
    minVersion string
    Minimum SSL/TLS protocol version
    auth_algo_md5 bool
    Allow MD5 authentication algorithm
    auth_algo_sha1 bool
    Allow SHA1 authentication algorithm
    auth_algo_sha256 bool
    Allow SHA256 authentication algorithm
    auth_algo_sha384 bool
    Allow SHA384 authentication algorithm
    enc_algo3des bool
    Allow 3DES encryption algorithm
    enc_algo_aes128_cbc bool
    Allow AES-128-CBC encryption algorithm
    enc_algo_aes128_gcm bool
    Allow AES-128-GCM encryption algorithm
    enc_algo_aes256_cbc bool
    Allow AES-256-CBC encryption algorithm
    enc_algo_aes256_gcm bool
    Allow AES-256-GCM encryption algorithm
    enc_algo_chacha20_poly1305 bool
    Allow algorithm chacha20-poly1305
    enc_algo_rc4 bool
    Allow RC4 encryption algorithm
    keyxchg_algo_dhe bool
    Allow DHE key exchange algorithm
    keyxchg_algo_ecdhe bool
    Allow ECDHE key exchange algorithm
    keyxchg_algo_rsa bool
    Allow RSA key exchange algorithm
    max_version str
    Maximum SSL/TLS protocol version
    min_version str
    Minimum SSL/TLS protocol version
    authAlgoMd5 Boolean
    Allow MD5 authentication algorithm
    authAlgoSha1 Boolean
    Allow SHA1 authentication algorithm
    authAlgoSha256 Boolean
    Allow SHA256 authentication algorithm
    authAlgoSha384 Boolean
    Allow SHA384 authentication algorithm
    encAlgo3des Boolean
    Allow 3DES encryption algorithm
    encAlgoAes128Cbc Boolean
    Allow AES-128-CBC encryption algorithm
    encAlgoAes128Gcm Boolean
    Allow AES-128-GCM encryption algorithm
    encAlgoAes256Cbc Boolean
    Allow AES-256-CBC encryption algorithm
    encAlgoAes256Gcm Boolean
    Allow AES-256-GCM encryption algorithm
    encAlgoChacha20Poly1305 Boolean
    Allow algorithm chacha20-poly1305
    encAlgoRc4 Boolean
    Allow RC4 encryption algorithm
    keyxchgAlgoDhe Boolean
    Allow DHE key exchange algorithm
    keyxchgAlgoEcdhe Boolean
    Allow ECDHE key exchange algorithm
    keyxchgAlgoRsa Boolean
    Allow RSA key exchange algorithm
    maxVersion String
    Maximum SSL/TLS protocol version
    minVersion String
    Minimum SSL/TLS protocol version

    Package Details

    Repository
    panos paloaltonetworks/terraform-provider-panos
    License
    Notes
    This Pulumi package is based on the panos Terraform Provider.
    Viewing docs for panos 2.0.12
    published on Wednesday, Jun 17, 2026 by paloaltonetworks
    Schema (JSON)
    paloaltonetworks/terraform-provider-panos

      Try Pulumi Cloud free.
      Your team will thank you.

      Start free trial