routeros 1.83.1, Apr 28 25

routeros 1.83.1 published on Monday, Apr 28, 2025 by terraform-routeros

terraform-routeros/terraform-provider-routeros

routeros.WifiSecurity

Explore with Pulumi AI

routeros 1.83.1 published on Monday, Apr 28, 2025 by terraform-routeros

terraform-routeros/terraform-provider-routeros

# routeros.WifiSecurity (Resource)

This resource requires a minimum version of RouterOS 7.13.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as routeros from "@pulumi/routeros";

const security1 = new routeros.WifiSecurity("security1", {
    authenticationTypes: [
        "wpa2-psk",
        "wpa3-psk",
    ],
    ft: true,
    ftPreserveVlanid: true,
    passphrase: "password",
});

import pulumi
import pulumi_routeros as routeros

security1 = routeros.WifiSecurity("security1",
    authentication_types=[
        "wpa2-psk",
        "wpa3-psk",
    ],
    ft=True,
    ft_preserve_vlanid=True,
    passphrase="password")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/routeros/routeros"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := routeros.NewWifiSecurity(ctx, "security1", &routeros.WifiSecurityArgs{
			AuthenticationTypes: pulumi.StringArray{
				pulumi.String("wpa2-psk"),
				pulumi.String("wpa3-psk"),
			},
			Ft:               pulumi.Bool(true),
			FtPreserveVlanid: pulumi.Bool(true),
			Passphrase:       pulumi.String("password"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Routeros = Pulumi.Routeros;

return await Deployment.RunAsync(() => 
{
    var security1 = new Routeros.WifiSecurity("security1", new()
    {
        AuthenticationTypes = new[]
        {
            "wpa2-psk",
            "wpa3-psk",
        },
        Ft = true,
        FtPreserveVlanid = true,
        Passphrase = "password",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.routeros.WifiSecurity;
import com.pulumi.routeros.WifiSecurityArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var security1 = new WifiSecurity("security1", WifiSecurityArgs.builder()
            .authenticationTypes(            
                "wpa2-psk",
                "wpa3-psk")
            .ft(true)
            .ftPreserveVlanid(true)
            .passphrase("password")
            .build());

    }
}

resources:
  security1:
    type: routeros:WifiSecurity
    properties:
      authenticationTypes:
        - wpa2-psk
        - wpa3-psk
      ft: true
      ftPreserveVlanid: true
      passphrase: password

Create WifiSecurity Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new WifiSecurity(name: string, args?: WifiSecurityArgs, opts?: CustomResourceOptions);

@overload
def WifiSecurity(resource_name: str,
                 args: Optional[WifiSecurityArgs] = None,
                 opts: Optional[ResourceOptions] = None)

@overload
def WifiSecurity(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 ___id_: Optional[float] = None,
                 ___path_: Optional[str] = None,
                 authentication_types: Optional[Sequence[str]] = None,
                 comment: Optional[str] = None,
                 connect_group: Optional[str] = None,
                 connect_priority: Optional[str] = None,
                 dh_groups: Optional[Sequence[float]] = None,
                 disable_pmkid: Optional[bool] = None,
                 disabled: Optional[bool] = None,
                 eap_accounting: Optional[bool] = None,
                 eap_anonymous_identity: Optional[str] = None,
                 eap_certificate_mode: Optional[str] = None,
                 eap_methods: Optional[Sequence[str]] = None,
                 eap_password: Optional[str] = None,
                 eap_tls_certificate: Optional[str] = None,
                 eap_username: Optional[str] = None,
                 encryptions: Optional[Sequence[str]] = None,
                 ft: Optional[bool] = None,
                 ft_mobility_domain: Optional[str] = None,
                 ft_nas_identifier: Optional[str] = None,
                 ft_over_ds: Optional[bool] = None,
                 ft_preserve_vlanid: Optional[bool] = None,
                 ft_r0_key_lifetime: Optional[str] = None,
                 ft_reassociation_deadline: Optional[str] = None,
                 group_encryption: Optional[str] = None,
                 group_key_update: Optional[str] = None,
                 management_encryption: Optional[str] = None,
                 management_protection: Optional[str] = None,
                 multi_passphrase_group: Optional[str] = None,
                 name: Optional[str] = None,
                 owe_transition_interface: Optional[str] = None,
                 passphrase: Optional[str] = None,
                 sae_anti_clogging_threshold: Optional[str] = None,
                 sae_max_failure_rate: Optional[str] = None,
                 sae_pwe: Optional[str] = None,
                 wifi_security_id: Optional[str] = None,
                 wps: Optional[str] = None)

func NewWifiSecurity(ctx *Context, name string, args *WifiSecurityArgs, opts ...ResourceOption) (*WifiSecurity, error)

public WifiSecurity(string name, WifiSecurityArgs? args = null, CustomResourceOptions? opts = null)

public WifiSecurity(String name, WifiSecurityArgs args)
public WifiSecurity(String name, WifiSecurityArgs args, CustomResourceOptions options)

type: routeros:WifiSecurity
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args WifiSecurityArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args WifiSecurityArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args WifiSecurityArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args WifiSecurityArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args WifiSecurityArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

WifiSecurity Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The WifiSecurity resource accepts the following input properties:

AuthenticationTypes List<string>: Authentication types to enable on the interface.
Comment string
ConnectGroup string: APs within the same connect group do not allow more than 1 client device with the same MAC address.
ConnectPriority string: An option to determine how a connection is handled if the MAC address of the client device is the same as that of another active connection to another AP.
DhGroups List<double>: Identifiers of elliptic curve cryptography groups to use in SAE (WPA3) authentication.
DisablePmkid bool: An option to disable inclusion of a PMKID in EAPOL frames.
Disabled bool
EapAccounting bool: An option to send accounting information to RADIUS server for EAP-authenticated peers.
EapAnonymousIdentity string: An option to specify anonymous identity for EAP outer authentication.
EapCertificateMode string: A policy for handling the TLS certificate of the RADIUS server.
EapMethods List<string>: A set of EAP methods to consider for authentication.
EapPassword string: Password to use when the chosen EAP method requires one.
EapTlsCertificate string: Name or id of a certificate in the device's certificate store to use when the chosen EAP authentication method requires one.
EapUsername string: Username to use when the chosen EAP method requires one.
Encryptions List<string>: A list of ciphers to support for encrypting unicast traffic.
Ft bool: An option to enable 802.11r fast BSS transitions (roaming).
FtMobilityDomain string: The fast BSS transition mobility domain ID.
FtNasIdentifier string: Fast BSS transition PMK-R0 key holder identifier.
FtOverDs bool: An option to enable fast BSS transitions over DS (distributed system).
FtPreserveVlanid bool: An option to preserve VLAN ID when roaming.
FtR0KeyLifetime string: The lifetime of the fast BSS transition PMK-R0 encryption key.
FtReassociationDeadline string: Fast BSS transition reassociation deadline.
GroupEncryption string: A cipher to use for encrypting multicast traffic.
GroupKeyUpdate string: The interval at which the group temporal key (key for encrypting broadcast traffic) is renewed.
ManagementEncryption string: A cipher to use for encrypting protected management frames.
ManagementProtection string: An option to enable 802.11w management frame protection.
MultiPassphraseGroup string: Name of /interface/wifi/security/multi-passphrase/ group that will be used. Only a single group can be defined under the security profile.
Name string: Name of the security profile.
OweTransitionInterface string: Name or internal ID of an interface which MAC address and SSID to advertise as the matching AP when running in OWE transition mode.
Passphrase string: Passphrase to use for PSK authentication types.
SaeAntiCloggingThreshold string: A parameter to mitigate DoS attacks by specifying a threshold of in-progress SAE authentications.
SaeMaxFailureRate string: Rate of failed SAE (WPA3) associations per minute, at which the AP will stop processing new association requests.
SaePwe string: Methods to support for deriving SAE password element.
WifiSecurityId string: The ID of this resource.
Wps string: An option to enable WPS (Wi-Fi Protected Setup).
___id_ double: Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ string: Resource path for CRUD operations. This is an internal service field, setting a value is not required.

AuthenticationTypes []string: Authentication types to enable on the interface.
Comment string
ConnectGroup string: APs within the same connect group do not allow more than 1 client device with the same MAC address.
ConnectPriority string: An option to determine how a connection is handled if the MAC address of the client device is the same as that of another active connection to another AP.
DhGroups []float64: Identifiers of elliptic curve cryptography groups to use in SAE (WPA3) authentication.
DisablePmkid bool: An option to disable inclusion of a PMKID in EAPOL frames.
Disabled bool
EapAccounting bool: An option to send accounting information to RADIUS server for EAP-authenticated peers.
EapAnonymousIdentity string: An option to specify anonymous identity for EAP outer authentication.
EapCertificateMode string: A policy for handling the TLS certificate of the RADIUS server.
EapMethods []string: A set of EAP methods to consider for authentication.
EapPassword string: Password to use when the chosen EAP method requires one.
EapTlsCertificate string: Name or id of a certificate in the device's certificate store to use when the chosen EAP authentication method requires one.
EapUsername string: Username to use when the chosen EAP method requires one.
Encryptions []string: A list of ciphers to support for encrypting unicast traffic.
Ft bool: An option to enable 802.11r fast BSS transitions (roaming).
FtMobilityDomain string: The fast BSS transition mobility domain ID.
FtNasIdentifier string: Fast BSS transition PMK-R0 key holder identifier.
FtOverDs bool: An option to enable fast BSS transitions over DS (distributed system).
FtPreserveVlanid bool: An option to preserve VLAN ID when roaming.
FtR0KeyLifetime string: The lifetime of the fast BSS transition PMK-R0 encryption key.
FtReassociationDeadline string: Fast BSS transition reassociation deadline.
GroupEncryption string: A cipher to use for encrypting multicast traffic.
GroupKeyUpdate string: The interval at which the group temporal key (key for encrypting broadcast traffic) is renewed.
ManagementEncryption string: A cipher to use for encrypting protected management frames.
ManagementProtection string: An option to enable 802.11w management frame protection.
MultiPassphraseGroup string: Name of /interface/wifi/security/multi-passphrase/ group that will be used. Only a single group can be defined under the security profile.
Name string: Name of the security profile.
OweTransitionInterface string: Name or internal ID of an interface which MAC address and SSID to advertise as the matching AP when running in OWE transition mode.
Passphrase string: Passphrase to use for PSK authentication types.
SaeAntiCloggingThreshold string: A parameter to mitigate DoS attacks by specifying a threshold of in-progress SAE authentications.
SaeMaxFailureRate string: Rate of failed SAE (WPA3) associations per minute, at which the AP will stop processing new association requests.
SaePwe string: Methods to support for deriving SAE password element.
WifiSecurityId string: The ID of this resource.
Wps string: An option to enable WPS (Wi-Fi Protected Setup).
___id_ float64: Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ string: Resource path for CRUD operations. This is an internal service field, setting a value is not required.

___id_ Double: Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ String: Resource path for CRUD operations. This is an internal service field, setting a value is not required.
authenticationTypes List<String>: Authentication types to enable on the interface.
comment String
connectGroup String: APs within the same connect group do not allow more than 1 client device with the same MAC address.
connectPriority String: An option to determine how a connection is handled if the MAC address of the client device is the same as that of another active connection to another AP.
dhGroups List<Double>: Identifiers of elliptic curve cryptography groups to use in SAE (WPA3) authentication.
disablePmkid Boolean: An option to disable inclusion of a PMKID in EAPOL frames.
disabled Boolean
eapAccounting Boolean: An option to send accounting information to RADIUS server for EAP-authenticated peers.
eapAnonymousIdentity String: An option to specify anonymous identity for EAP outer authentication.
eapCertificateMode String: A policy for handling the TLS certificate of the RADIUS server.
eapMethods List<String>: A set of EAP methods to consider for authentication.
eapPassword String: Password to use when the chosen EAP method requires one.
eapTlsCertificate String: Name or id of a certificate in the device's certificate store to use when the chosen EAP authentication method requires one.
eapUsername String: Username to use when the chosen EAP method requires one.
encryptions List<String>: A list of ciphers to support for encrypting unicast traffic.
ft Boolean: An option to enable 802.11r fast BSS transitions (roaming).
ftMobilityDomain String: The fast BSS transition mobility domain ID.
ftNasIdentifier String: Fast BSS transition PMK-R0 key holder identifier.
ftOverDs Boolean: An option to enable fast BSS transitions over DS (distributed system).
ftPreserveVlanid Boolean: An option to preserve VLAN ID when roaming.
ftR0KeyLifetime String: The lifetime of the fast BSS transition PMK-R0 encryption key.
ftReassociationDeadline String: Fast BSS transition reassociation deadline.
groupEncryption String: A cipher to use for encrypting multicast traffic.
groupKeyUpdate String: The interval at which the group temporal key (key for encrypting broadcast traffic) is renewed.
managementEncryption String: A cipher to use for encrypting protected management frames.
managementProtection String: An option to enable 802.11w management frame protection.
multiPassphraseGroup String: Name of /interface/wifi/security/multi-passphrase/ group that will be used. Only a single group can be defined under the security profile.
name String: Name of the security profile.
oweTransitionInterface String: Name or internal ID of an interface which MAC address and SSID to advertise as the matching AP when running in OWE transition mode.
passphrase String: Passphrase to use for PSK authentication types.
saeAntiCloggingThreshold String: A parameter to mitigate DoS attacks by specifying a threshold of in-progress SAE authentications.
saeMaxFailureRate String: Rate of failed SAE (WPA3) associations per minute, at which the AP will stop processing new association requests.
saePwe String: Methods to support for deriving SAE password element.
wifiSecurityId String: The ID of this resource.
wps String: An option to enable WPS (Wi-Fi Protected Setup).

___id_ number: Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ string: Resource path for CRUD operations. This is an internal service field, setting a value is not required.
authenticationTypes string[]: Authentication types to enable on the interface.
comment string
connectGroup string: APs within the same connect group do not allow more than 1 client device with the same MAC address.
connectPriority string: An option to determine how a connection is handled if the MAC address of the client device is the same as that of another active connection to another AP.
dhGroups number[]: Identifiers of elliptic curve cryptography groups to use in SAE (WPA3) authentication.
disablePmkid boolean: An option to disable inclusion of a PMKID in EAPOL frames.
disabled boolean
eapAccounting boolean: An option to send accounting information to RADIUS server for EAP-authenticated peers.
eapAnonymousIdentity string: An option to specify anonymous identity for EAP outer authentication.
eapCertificateMode string: A policy for handling the TLS certificate of the RADIUS server.
eapMethods string[]: A set of EAP methods to consider for authentication.
eapPassword string: Password to use when the chosen EAP method requires one.
eapTlsCertificate string: Name or id of a certificate in the device's certificate store to use when the chosen EAP authentication method requires one.
eapUsername string: Username to use when the chosen EAP method requires one.
encryptions string[]: A list of ciphers to support for encrypting unicast traffic.
ft boolean: An option to enable 802.11r fast BSS transitions (roaming).
ftMobilityDomain string: The fast BSS transition mobility domain ID.
ftNasIdentifier string: Fast BSS transition PMK-R0 key holder identifier.
ftOverDs boolean: An option to enable fast BSS transitions over DS (distributed system).
ftPreserveVlanid boolean: An option to preserve VLAN ID when roaming.
ftR0KeyLifetime string: The lifetime of the fast BSS transition PMK-R0 encryption key.
ftReassociationDeadline string: Fast BSS transition reassociation deadline.
groupEncryption string: A cipher to use for encrypting multicast traffic.
groupKeyUpdate string: The interval at which the group temporal key (key for encrypting broadcast traffic) is renewed.
managementEncryption string: A cipher to use for encrypting protected management frames.
managementProtection string: An option to enable 802.11w management frame protection.
multiPassphraseGroup string: Name of /interface/wifi/security/multi-passphrase/ group that will be used. Only a single group can be defined under the security profile.
name string: Name of the security profile.
oweTransitionInterface string: Name or internal ID of an interface which MAC address and SSID to advertise as the matching AP when running in OWE transition mode.
passphrase string: Passphrase to use for PSK authentication types.
saeAntiCloggingThreshold string: A parameter to mitigate DoS attacks by specifying a threshold of in-progress SAE authentications.
saeMaxFailureRate string: Rate of failed SAE (WPA3) associations per minute, at which the AP will stop processing new association requests.
saePwe string: Methods to support for deriving SAE password element.
wifiSecurityId string: The ID of this resource.
wps string: An option to enable WPS (Wi-Fi Protected Setup).

___id_ float: Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ str: Resource path for CRUD operations. This is an internal service field, setting a value is not required.
authentication_types Sequence[str]: Authentication types to enable on the interface.
comment str
connect_group str: APs within the same connect group do not allow more than 1 client device with the same MAC address.
connect_priority str: An option to determine how a connection is handled if the MAC address of the client device is the same as that of another active connection to another AP.
dh_groups Sequence[float]: Identifiers of elliptic curve cryptography groups to use in SAE (WPA3) authentication.
disable_pmkid bool: An option to disable inclusion of a PMKID in EAPOL frames.
disabled bool
eap_accounting bool: An option to send accounting information to RADIUS server for EAP-authenticated peers.
eap_anonymous_identity str: An option to specify anonymous identity for EAP outer authentication.
eap_certificate_mode str: A policy for handling the TLS certificate of the RADIUS server.
eap_methods Sequence[str]: A set of EAP methods to consider for authentication.
eap_password str: Password to use when the chosen EAP method requires one.
eap_tls_certificate str: Name or id of a certificate in the device's certificate store to use when the chosen EAP authentication method requires one.
eap_username str: Username to use when the chosen EAP method requires one.
encryptions Sequence[str]: A list of ciphers to support for encrypting unicast traffic.
ft bool: An option to enable 802.11r fast BSS transitions (roaming).
ft_mobility_domain str: The fast BSS transition mobility domain ID.
ft_nas_identifier str: Fast BSS transition PMK-R0 key holder identifier.
ft_over_ds bool: An option to enable fast BSS transitions over DS (distributed system).
ft_preserve_vlanid bool: An option to preserve VLAN ID when roaming.
ft_r0_key_lifetime str: The lifetime of the fast BSS transition PMK-R0 encryption key.
ft_reassociation_deadline str: Fast BSS transition reassociation deadline.
group_encryption str: A cipher to use for encrypting multicast traffic.
group_key_update str: The interval at which the group temporal key (key for encrypting broadcast traffic) is renewed.
management_encryption str: A cipher to use for encrypting protected management frames.
management_protection str: An option to enable 802.11w management frame protection.
multi_passphrase_group str: Name of /interface/wifi/security/multi-passphrase/ group that will be used. Only a single group can be defined under the security profile.
name str: Name of the security profile.
owe_transition_interface str: Name or internal ID of an interface which MAC address and SSID to advertise as the matching AP when running in OWE transition mode.
passphrase str: Passphrase to use for PSK authentication types.
sae_anti_clogging_threshold str: A parameter to mitigate DoS attacks by specifying a threshold of in-progress SAE authentications.
sae_max_failure_rate str: Rate of failed SAE (WPA3) associations per minute, at which the AP will stop processing new association requests.
sae_pwe str: Methods to support for deriving SAE password element.
wifi_security_id str: The ID of this resource.
wps str: An option to enable WPS (Wi-Fi Protected Setup).

___id_ Number: Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ String: Resource path for CRUD operations. This is an internal service field, setting a value is not required.
authenticationTypes List<String>: Authentication types to enable on the interface.
comment String
connectGroup String: APs within the same connect group do not allow more than 1 client device with the same MAC address.
connectPriority String: An option to determine how a connection is handled if the MAC address of the client device is the same as that of another active connection to another AP.
dhGroups List<Number>: Identifiers of elliptic curve cryptography groups to use in SAE (WPA3) authentication.
disablePmkid Boolean: An option to disable inclusion of a PMKID in EAPOL frames.
disabled Boolean
eapAccounting Boolean: An option to send accounting information to RADIUS server for EAP-authenticated peers.
eapAnonymousIdentity String: An option to specify anonymous identity for EAP outer authentication.
eapCertificateMode String: A policy for handling the TLS certificate of the RADIUS server.
eapMethods List<String>: A set of EAP methods to consider for authentication.
eapPassword String: Password to use when the chosen EAP method requires one.
eapTlsCertificate String: Name or id of a certificate in the device's certificate store to use when the chosen EAP authentication method requires one.
eapUsername String: Username to use when the chosen EAP method requires one.
encryptions List<String>: A list of ciphers to support for encrypting unicast traffic.
ft Boolean: An option to enable 802.11r fast BSS transitions (roaming).
ftMobilityDomain String: The fast BSS transition mobility domain ID.
ftNasIdentifier String: Fast BSS transition PMK-R0 key holder identifier.
ftOverDs Boolean: An option to enable fast BSS transitions over DS (distributed system).
ftPreserveVlanid Boolean: An option to preserve VLAN ID when roaming.
ftR0KeyLifetime String: The lifetime of the fast BSS transition PMK-R0 encryption key.
ftReassociationDeadline String: Fast BSS transition reassociation deadline.
groupEncryption String: A cipher to use for encrypting multicast traffic.
groupKeyUpdate String: The interval at which the group temporal key (key for encrypting broadcast traffic) is renewed.
managementEncryption String: A cipher to use for encrypting protected management frames.
managementProtection String: An option to enable 802.11w management frame protection.
multiPassphraseGroup String: Name of /interface/wifi/security/multi-passphrase/ group that will be used. Only a single group can be defined under the security profile.
name String: Name of the security profile.
oweTransitionInterface String: Name or internal ID of an interface which MAC address and SSID to advertise as the matching AP when running in OWE transition mode.
passphrase String: Passphrase to use for PSK authentication types.
saeAntiCloggingThreshold String: A parameter to mitigate DoS attacks by specifying a threshold of in-progress SAE authentications.
saeMaxFailureRate String: Rate of failed SAE (WPA3) associations per minute, at which the AP will stop processing new association requests.
saePwe String: Methods to support for deriving SAE password element.
wifiSecurityId String: The ID of this resource.
wps String: An option to enable WPS (Wi-Fi Protected Setup).

Outputs

All input properties are implicitly available as output properties. Additionally, the WifiSecurity resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing WifiSecurity Resource

Get an existing WifiSecurity resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: WifiSecurityState, opts?: CustomResourceOptions): WifiSecurity

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        ___id_: Optional[float] = None,
        ___path_: Optional[str] = None,
        authentication_types: Optional[Sequence[str]] = None,
        comment: Optional[str] = None,
        connect_group: Optional[str] = None,
        connect_priority: Optional[str] = None,
        dh_groups: Optional[Sequence[float]] = None,
        disable_pmkid: Optional[bool] = None,
        disabled: Optional[bool] = None,
        eap_accounting: Optional[bool] = None,
        eap_anonymous_identity: Optional[str] = None,
        eap_certificate_mode: Optional[str] = None,
        eap_methods: Optional[Sequence[str]] = None,
        eap_password: Optional[str] = None,
        eap_tls_certificate: Optional[str] = None,
        eap_username: Optional[str] = None,
        encryptions: Optional[Sequence[str]] = None,
        ft: Optional[bool] = None,
        ft_mobility_domain: Optional[str] = None,
        ft_nas_identifier: Optional[str] = None,
        ft_over_ds: Optional[bool] = None,
        ft_preserve_vlanid: Optional[bool] = None,
        ft_r0_key_lifetime: Optional[str] = None,
        ft_reassociation_deadline: Optional[str] = None,
        group_encryption: Optional[str] = None,
        group_key_update: Optional[str] = None,
        management_encryption: Optional[str] = None,
        management_protection: Optional[str] = None,
        multi_passphrase_group: Optional[str] = None,
        name: Optional[str] = None,
        owe_transition_interface: Optional[str] = None,
        passphrase: Optional[str] = None,
        sae_anti_clogging_threshold: Optional[str] = None,
        sae_max_failure_rate: Optional[str] = None,
        sae_pwe: Optional[str] = None,
        wifi_security_id: Optional[str] = None,
        wps: Optional[str] = None) -> WifiSecurity

func GetWifiSecurity(ctx *Context, name string, id IDInput, state *WifiSecurityState, opts ...ResourceOption) (*WifiSecurity, error)

public static WifiSecurity Get(string name, Input<string> id, WifiSecurityState? state, CustomResourceOptions? opts = null)

public static WifiSecurity get(String name, Output<String> id, WifiSecurityState state, CustomResourceOptions options)

resources:  _:    type: routeros:WifiSecurity    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AuthenticationTypes List<string>: Authentication types to enable on the interface.
Comment string
ConnectGroup string: APs within the same connect group do not allow more than 1 client device with the same MAC address.
ConnectPriority string: An option to determine how a connection is handled if the MAC address of the client device is the same as that of another active connection to another AP.
DhGroups List<double>: Identifiers of elliptic curve cryptography groups to use in SAE (WPA3) authentication.
DisablePmkid bool: An option to disable inclusion of a PMKID in EAPOL frames.
Disabled bool
EapAccounting bool: An option to send accounting information to RADIUS server for EAP-authenticated peers.
EapAnonymousIdentity string: An option to specify anonymous identity for EAP outer authentication.
EapCertificateMode string: A policy for handling the TLS certificate of the RADIUS server.
EapMethods List<string>: A set of EAP methods to consider for authentication.
EapPassword string: Password to use when the chosen EAP method requires one.
EapTlsCertificate string: Name or id of a certificate in the device's certificate store to use when the chosen EAP authentication method requires one.
EapUsername string: Username to use when the chosen EAP method requires one.
Encryptions List<string>: A list of ciphers to support for encrypting unicast traffic.
Ft bool: An option to enable 802.11r fast BSS transitions (roaming).
FtMobilityDomain string: The fast BSS transition mobility domain ID.
FtNasIdentifier string: Fast BSS transition PMK-R0 key holder identifier.
FtOverDs bool: An option to enable fast BSS transitions over DS (distributed system).
FtPreserveVlanid bool: An option to preserve VLAN ID when roaming.
FtR0KeyLifetime string: The lifetime of the fast BSS transition PMK-R0 encryption key.
FtReassociationDeadline string: Fast BSS transition reassociation deadline.
GroupEncryption string: A cipher to use for encrypting multicast traffic.
GroupKeyUpdate string: The interval at which the group temporal key (key for encrypting broadcast traffic) is renewed.
ManagementEncryption string: A cipher to use for encrypting protected management frames.
ManagementProtection string: An option to enable 802.11w management frame protection.
MultiPassphraseGroup string: Name of /interface/wifi/security/multi-passphrase/ group that will be used. Only a single group can be defined under the security profile.
Name string: Name of the security profile.
OweTransitionInterface string: Name or internal ID of an interface which MAC address and SSID to advertise as the matching AP when running in OWE transition mode.
Passphrase string: Passphrase to use for PSK authentication types.
SaeAntiCloggingThreshold string: A parameter to mitigate DoS attacks by specifying a threshold of in-progress SAE authentications.
SaeMaxFailureRate string: Rate of failed SAE (WPA3) associations per minute, at which the AP will stop processing new association requests.
SaePwe string: Methods to support for deriving SAE password element.
WifiSecurityId string: The ID of this resource.
Wps string: An option to enable WPS (Wi-Fi Protected Setup).
___id_ double: Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ string: Resource path for CRUD operations. This is an internal service field, setting a value is not required.

AuthenticationTypes []string: Authentication types to enable on the interface.
Comment string
ConnectGroup string: APs within the same connect group do not allow more than 1 client device with the same MAC address.
ConnectPriority string: An option to determine how a connection is handled if the MAC address of the client device is the same as that of another active connection to another AP.
DhGroups []float64: Identifiers of elliptic curve cryptography groups to use in SAE (WPA3) authentication.
DisablePmkid bool: An option to disable inclusion of a PMKID in EAPOL frames.
Disabled bool
EapAccounting bool: An option to send accounting information to RADIUS server for EAP-authenticated peers.
EapAnonymousIdentity string: An option to specify anonymous identity for EAP outer authentication.
EapCertificateMode string: A policy for handling the TLS certificate of the RADIUS server.
EapMethods []string: A set of EAP methods to consider for authentication.
EapPassword string: Password to use when the chosen EAP method requires one.
EapTlsCertificate string: Name or id of a certificate in the device's certificate store to use when the chosen EAP authentication method requires one.
EapUsername string: Username to use when the chosen EAP method requires one.
Encryptions []string: A list of ciphers to support for encrypting unicast traffic.
Ft bool: An option to enable 802.11r fast BSS transitions (roaming).
FtMobilityDomain string: The fast BSS transition mobility domain ID.
FtNasIdentifier string: Fast BSS transition PMK-R0 key holder identifier.
FtOverDs bool: An option to enable fast BSS transitions over DS (distributed system).
FtPreserveVlanid bool: An option to preserve VLAN ID when roaming.
FtR0KeyLifetime string: The lifetime of the fast BSS transition PMK-R0 encryption key.
FtReassociationDeadline string: Fast BSS transition reassociation deadline.
GroupEncryption string: A cipher to use for encrypting multicast traffic.
GroupKeyUpdate string: The interval at which the group temporal key (key for encrypting broadcast traffic) is renewed.
ManagementEncryption string: A cipher to use for encrypting protected management frames.
ManagementProtection string: An option to enable 802.11w management frame protection.
MultiPassphraseGroup string: Name of /interface/wifi/security/multi-passphrase/ group that will be used. Only a single group can be defined under the security profile.
Name string: Name of the security profile.
OweTransitionInterface string: Name or internal ID of an interface which MAC address and SSID to advertise as the matching AP when running in OWE transition mode.
Passphrase string: Passphrase to use for PSK authentication types.
SaeAntiCloggingThreshold string: A parameter to mitigate DoS attacks by specifying a threshold of in-progress SAE authentications.
SaeMaxFailureRate string: Rate of failed SAE (WPA3) associations per minute, at which the AP will stop processing new association requests.
SaePwe string: Methods to support for deriving SAE password element.
WifiSecurityId string: The ID of this resource.
Wps string: An option to enable WPS (Wi-Fi Protected Setup).
___id_ float64: Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ string: Resource path for CRUD operations. This is an internal service field, setting a value is not required.

___id_ Double: Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ String: Resource path for CRUD operations. This is an internal service field, setting a value is not required.
authenticationTypes List<String>: Authentication types to enable on the interface.
comment String
connectGroup String: APs within the same connect group do not allow more than 1 client device with the same MAC address.
connectPriority String: An option to determine how a connection is handled if the MAC address of the client device is the same as that of another active connection to another AP.
dhGroups List<Double>: Identifiers of elliptic curve cryptography groups to use in SAE (WPA3) authentication.
disablePmkid Boolean: An option to disable inclusion of a PMKID in EAPOL frames.
disabled Boolean
eapAccounting Boolean: An option to send accounting information to RADIUS server for EAP-authenticated peers.
eapAnonymousIdentity String: An option to specify anonymous identity for EAP outer authentication.
eapCertificateMode String: A policy for handling the TLS certificate of the RADIUS server.
eapMethods List<String>: A set of EAP methods to consider for authentication.
eapPassword String: Password to use when the chosen EAP method requires one.
eapTlsCertificate String: Name or id of a certificate in the device's certificate store to use when the chosen EAP authentication method requires one.
eapUsername String: Username to use when the chosen EAP method requires one.
encryptions List<String>: A list of ciphers to support for encrypting unicast traffic.
ft Boolean: An option to enable 802.11r fast BSS transitions (roaming).
ftMobilityDomain String: The fast BSS transition mobility domain ID.
ftNasIdentifier String: Fast BSS transition PMK-R0 key holder identifier.
ftOverDs Boolean: An option to enable fast BSS transitions over DS (distributed system).
ftPreserveVlanid Boolean: An option to preserve VLAN ID when roaming.
ftR0KeyLifetime String: The lifetime of the fast BSS transition PMK-R0 encryption key.
ftReassociationDeadline String: Fast BSS transition reassociation deadline.
groupEncryption String: A cipher to use for encrypting multicast traffic.
groupKeyUpdate String: The interval at which the group temporal key (key for encrypting broadcast traffic) is renewed.
managementEncryption String: A cipher to use for encrypting protected management frames.
managementProtection String: An option to enable 802.11w management frame protection.
multiPassphraseGroup String: Name of /interface/wifi/security/multi-passphrase/ group that will be used. Only a single group can be defined under the security profile.
name String: Name of the security profile.
oweTransitionInterface String: Name or internal ID of an interface which MAC address and SSID to advertise as the matching AP when running in OWE transition mode.
passphrase String: Passphrase to use for PSK authentication types.
saeAntiCloggingThreshold String: A parameter to mitigate DoS attacks by specifying a threshold of in-progress SAE authentications.
saeMaxFailureRate String: Rate of failed SAE (WPA3) associations per minute, at which the AP will stop processing new association requests.
saePwe String: Methods to support for deriving SAE password element.
wifiSecurityId String: The ID of this resource.
wps String: An option to enable WPS (Wi-Fi Protected Setup).

___id_ number: Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ string: Resource path for CRUD operations. This is an internal service field, setting a value is not required.
authenticationTypes string[]: Authentication types to enable on the interface.
comment string
connectGroup string: APs within the same connect group do not allow more than 1 client device with the same MAC address.
connectPriority string: An option to determine how a connection is handled if the MAC address of the client device is the same as that of another active connection to another AP.
dhGroups number[]: Identifiers of elliptic curve cryptography groups to use in SAE (WPA3) authentication.
disablePmkid boolean: An option to disable inclusion of a PMKID in EAPOL frames.
disabled boolean
eapAccounting boolean: An option to send accounting information to RADIUS server for EAP-authenticated peers.
eapAnonymousIdentity string: An option to specify anonymous identity for EAP outer authentication.
eapCertificateMode string: A policy for handling the TLS certificate of the RADIUS server.
eapMethods string[]: A set of EAP methods to consider for authentication.
eapPassword string: Password to use when the chosen EAP method requires one.
eapTlsCertificate string: Name or id of a certificate in the device's certificate store to use when the chosen EAP authentication method requires one.
eapUsername string: Username to use when the chosen EAP method requires one.
encryptions string[]: A list of ciphers to support for encrypting unicast traffic.
ft boolean: An option to enable 802.11r fast BSS transitions (roaming).
ftMobilityDomain string: The fast BSS transition mobility domain ID.
ftNasIdentifier string: Fast BSS transition PMK-R0 key holder identifier.
ftOverDs boolean: An option to enable fast BSS transitions over DS (distributed system).
ftPreserveVlanid boolean: An option to preserve VLAN ID when roaming.
ftR0KeyLifetime string: The lifetime of the fast BSS transition PMK-R0 encryption key.
ftReassociationDeadline string: Fast BSS transition reassociation deadline.
groupEncryption string: A cipher to use for encrypting multicast traffic.
groupKeyUpdate string: The interval at which the group temporal key (key for encrypting broadcast traffic) is renewed.
managementEncryption string: A cipher to use for encrypting protected management frames.
managementProtection string: An option to enable 802.11w management frame protection.
multiPassphraseGroup string: Name of /interface/wifi/security/multi-passphrase/ group that will be used. Only a single group can be defined under the security profile.
name string: Name of the security profile.
oweTransitionInterface string: Name or internal ID of an interface which MAC address and SSID to advertise as the matching AP when running in OWE transition mode.
passphrase string: Passphrase to use for PSK authentication types.
saeAntiCloggingThreshold string: A parameter to mitigate DoS attacks by specifying a threshold of in-progress SAE authentications.
saeMaxFailureRate string: Rate of failed SAE (WPA3) associations per minute, at which the AP will stop processing new association requests.
saePwe string: Methods to support for deriving SAE password element.
wifiSecurityId string: The ID of this resource.
wps string: An option to enable WPS (Wi-Fi Protected Setup).

___id_ float: Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ str: Resource path for CRUD operations. This is an internal service field, setting a value is not required.
authentication_types Sequence[str]: Authentication types to enable on the interface.
comment str
connect_group str: APs within the same connect group do not allow more than 1 client device with the same MAC address.
connect_priority str: An option to determine how a connection is handled if the MAC address of the client device is the same as that of another active connection to another AP.
dh_groups Sequence[float]: Identifiers of elliptic curve cryptography groups to use in SAE (WPA3) authentication.
disable_pmkid bool: An option to disable inclusion of a PMKID in EAPOL frames.
disabled bool
eap_accounting bool: An option to send accounting information to RADIUS server for EAP-authenticated peers.
eap_anonymous_identity str: An option to specify anonymous identity for EAP outer authentication.
eap_certificate_mode str: A policy for handling the TLS certificate of the RADIUS server.
eap_methods Sequence[str]: A set of EAP methods to consider for authentication.
eap_password str: Password to use when the chosen EAP method requires one.
eap_tls_certificate str: Name or id of a certificate in the device's certificate store to use when the chosen EAP authentication method requires one.
eap_username str: Username to use when the chosen EAP method requires one.
encryptions Sequence[str]: A list of ciphers to support for encrypting unicast traffic.
ft bool: An option to enable 802.11r fast BSS transitions (roaming).
ft_mobility_domain str: The fast BSS transition mobility domain ID.
ft_nas_identifier str: Fast BSS transition PMK-R0 key holder identifier.
ft_over_ds bool: An option to enable fast BSS transitions over DS (distributed system).
ft_preserve_vlanid bool: An option to preserve VLAN ID when roaming.
ft_r0_key_lifetime str: The lifetime of the fast BSS transition PMK-R0 encryption key.
ft_reassociation_deadline str: Fast BSS transition reassociation deadline.
group_encryption str: A cipher to use for encrypting multicast traffic.
group_key_update str: The interval at which the group temporal key (key for encrypting broadcast traffic) is renewed.
management_encryption str: A cipher to use for encrypting protected management frames.
management_protection str: An option to enable 802.11w management frame protection.
multi_passphrase_group str: Name of /interface/wifi/security/multi-passphrase/ group that will be used. Only a single group can be defined under the security profile.
name str: Name of the security profile.
owe_transition_interface str: Name or internal ID of an interface which MAC address and SSID to advertise as the matching AP when running in OWE transition mode.
passphrase str: Passphrase to use for PSK authentication types.
sae_anti_clogging_threshold str: A parameter to mitigate DoS attacks by specifying a threshold of in-progress SAE authentications.
sae_max_failure_rate str: Rate of failed SAE (WPA3) associations per minute, at which the AP will stop processing new association requests.
sae_pwe str: Methods to support for deriving SAE password element.
wifi_security_id str: The ID of this resource.
wps str: An option to enable WPS (Wi-Fi Protected Setup).

___id_ Number: Resource ID type (.id / name). This is an internal service field, setting a value is not required.
___path_ String: Resource path for CRUD operations. This is an internal service field, setting a value is not required.
authenticationTypes List<String>: Authentication types to enable on the interface.
comment String
connectGroup String: APs within the same connect group do not allow more than 1 client device with the same MAC address.
connectPriority String: An option to determine how a connection is handled if the MAC address of the client device is the same as that of another active connection to another AP.
dhGroups List<Number>: Identifiers of elliptic curve cryptography groups to use in SAE (WPA3) authentication.
disablePmkid Boolean: An option to disable inclusion of a PMKID in EAPOL frames.
disabled Boolean
eapAccounting Boolean: An option to send accounting information to RADIUS server for EAP-authenticated peers.
eapAnonymousIdentity String: An option to specify anonymous identity for EAP outer authentication.
eapCertificateMode String: A policy for handling the TLS certificate of the RADIUS server.
eapMethods List<String>: A set of EAP methods to consider for authentication.
eapPassword String: Password to use when the chosen EAP method requires one.
eapTlsCertificate String: Name or id of a certificate in the device's certificate store to use when the chosen EAP authentication method requires one.
eapUsername String: Username to use when the chosen EAP method requires one.
encryptions List<String>: A list of ciphers to support for encrypting unicast traffic.
ft Boolean: An option to enable 802.11r fast BSS transitions (roaming).
ftMobilityDomain String: The fast BSS transition mobility domain ID.
ftNasIdentifier String: Fast BSS transition PMK-R0 key holder identifier.
ftOverDs Boolean: An option to enable fast BSS transitions over DS (distributed system).
ftPreserveVlanid Boolean: An option to preserve VLAN ID when roaming.
ftR0KeyLifetime String: The lifetime of the fast BSS transition PMK-R0 encryption key.
ftReassociationDeadline String: Fast BSS transition reassociation deadline.
groupEncryption String: A cipher to use for encrypting multicast traffic.
groupKeyUpdate String: The interval at which the group temporal key (key for encrypting broadcast traffic) is renewed.
managementEncryption String: A cipher to use for encrypting protected management frames.
managementProtection String: An option to enable 802.11w management frame protection.
multiPassphraseGroup String: Name of /interface/wifi/security/multi-passphrase/ group that will be used. Only a single group can be defined under the security profile.
name String: Name of the security profile.
oweTransitionInterface String: Name or internal ID of an interface which MAC address and SSID to advertise as the matching AP when running in OWE transition mode.
passphrase String: Passphrase to use for PSK authentication types.
saeAntiCloggingThreshold String: A parameter to mitigate DoS attacks by specifying a threshold of in-progress SAE authentications.
saeMaxFailureRate String: Rate of failed SAE (WPA3) associations per minute, at which the AP will stop processing new association requests.
saePwe String: Methods to support for deriving SAE password element.
wifiSecurityId String: The ID of this resource.
wps String: An option to enable WPS (Wi-Fi Protected Setup).

Import

#The ID can be found via API or the terminal

#The command for the terminal is -> :put [/interface/wifi/security get [print show-ids]]

$ pulumi import routeros:index/wifiSecurity:WifiSecurity security1 '*1'

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: routeros terraform-routeros/terraform-provider-routeros
License
Notes: This Pulumi package is based on the routeros Terraform Provider.

routeros 1.83.1 published on Monday, Apr 28, 2025 by terraform-routeros

terraform-routeros/terraform-provider-routeros

routeros.WifiSecurity

On this page

On this page

# routeros.WifiSecurity (Resource)

Example Usage

Create WifiSecurity Resource

Constructor syntax

Parameters

WifiSecurity Resource Properties

Inputs

Outputs

Look up Existing WifiSecurity Resource

Import

Package Details

On this page

On this page