1. Packages
  2. Unifi
  3. API Docs
  4. port
  5. Profile
Unifi v0.2.0 published on Tuesday, Feb 17, 2026 by Pulumiverse
Schema (JSON)
pulumiverse/pulumi-unifi

unifi.port.Profile

unifi logo
Unifi v0.2.0 published on Tuesday, Feb 17, 2026 by Pulumiverse
Schema (JSON)
pulumiverse/pulumi-unifi

    The unifi.port.Profile resource manages port profiles that can be applied to UniFi switch ports.

    Port profiles define a collection of settings that can be applied to one or more switch ports, including:

    • Network and VLAN settings
    • Port speed and duplex settings
    • Security features like 802.1X authentication and port isolation
    • Rate limiting and QoS settings
    • Network protocols like LLDP and STP

    Creating port profiles allows for consistent configuration across multiple switch ports and easier management of port settings.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
import * as unifi from "@pulumiverse/unifi";

const config = new pulumi.Config();
const vlanId = config.getNumber("vlanId") || 10;
const vlan = new unifi.Network("vlan", {
    name: "wifi-vlan",
    purpose: "corporate",
    subnet: "10.0.0.1/24",
    vlanId: vlanId,
    dhcpStart: "10.0.0.6",
    dhcpStop: "10.0.0.254",
    dhcpEnabled: true,
});
const poeDisabled = new unifi.port.Profile("poe_disabled", {
    name: "POE Disabled",
    nativeNetworkconfId: vlan.id,
    poeMode: "off",
});

    import pulumi
import pulumiverse_unifi as unifi

config = pulumi.Config()
vlan_id = config.get_float("vlanId")
if vlan_id is None:
    vlan_id = 10
vlan = unifi.Network("vlan",
    name="wifi-vlan",
    purpose="corporate",
    subnet="10.0.0.1/24",
    vlan_id=vlan_id,
    dhcp_start="10.0.0.6",
    dhcp_stop="10.0.0.254",
    dhcp_enabled=True)
poe_disabled = unifi.port.Profile("poe_disabled",
    name="POE Disabled",
    native_networkconf_id=vlan.id,
    poe_mode="off")

    package main

import (
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
	"github.com/pulumiverse/pulumi-unifi/sdk/go/unifi"
	"github.com/pulumiverse/pulumi-unifi/sdk/go/unifi/port"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		cfg := config.New(ctx, "")
		vlanId := float64(10)
		if param := cfg.GetFloat64("vlanId"); param != 0 {
			vlanId = param
		}
		vlan, err := unifi.NewNetwork(ctx, "vlan", &unifi.NetworkArgs{
			Name:        pulumi.String("wifi-vlan"),
			Purpose:     pulumi.String("corporate"),
			Subnet:      pulumi.String("10.0.0.1/24"),
			VlanId:      pulumi.Float64(vlanId),
			DhcpStart:   pulumi.String("10.0.0.6"),
			DhcpStop:    pulumi.String("10.0.0.254"),
			DhcpEnabled: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		_, err = port.NewProfile(ctx, "poe_disabled", &port.ProfileArgs{
			Name:                pulumi.String("POE Disabled"),
			NativeNetworkconfId: vlan.ID(),
			PoeMode:             pulumi.String("off"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

    using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Unifi = Pulumiverse.Unifi;

return await Deployment.RunAsync(() => 
{
    var config = new Config();
    var vlanId = config.GetDouble("vlanId") ?? 10;
    var vlan = new Unifi.Network("vlan", new()
    {
        Name = "wifi-vlan",
        Purpose = "corporate",
        Subnet = "10.0.0.1/24",
        VlanId = vlanId,
        DhcpStart = "10.0.0.6",
        DhcpStop = "10.0.0.254",
        DhcpEnabled = true,
    });

    var poeDisabled = new Unifi.Port.Profile("poe_disabled", new()
    {
        Name = "POE Disabled",
        NativeNetworkconfId = vlan.Id,
        PoeMode = "off",
    });

});

    package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumiverse.unifi.Network;
import com.pulumiverse.unifi.NetworkArgs;
import com.pulumiverse.unifi.port.Profile;
import com.pulumiverse.unifi.port.ProfileArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var config = ctx.config();
        final var vlanId = config.get("vlanId").orElse(10);
        var vlan = new Network("vlan", NetworkArgs.builder()
            .name("wifi-vlan")
            .purpose("corporate")
            .subnet("10.0.0.1/24")
            .vlanId(vlanId)
            .dhcpStart("10.0.0.6")
            .dhcpStop("10.0.0.254")
            .dhcpEnabled(true)
            .build());

        var poeDisabled = new Profile("poeDisabled", ProfileArgs.builder()
            .name("POE Disabled")
            .nativeNetworkconfId(vlan.id())
            .poeMode("off")
            .build());

    }
}

    configuration:
  vlanId:
    type: number
    default: 10
resources:
  vlan:
    type: unifi:Network
    properties:
      name: wifi-vlan
      purpose: corporate
      subnet: 10.0.0.1/24
      vlanId: ${vlanId}
      dhcpStart: 10.0.0.6
      dhcpStop: 10.0.0.254
      dhcpEnabled: true
  poeDisabled:
    type: unifi:port:Profile
    name: poe_disabled
    properties:
      name: POE Disabled
      nativeNetworkconfId: ${vlan.id}
      poeMode: off

    Create Profile Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Profile(name: string, args?: ProfileArgs, opts?: CustomResourceOptions);
    @overload
def Profile(resource_name: str,
            args: Optional[ProfileArgs] = None,
            opts: Optional[ResourceOptions] = None)

@overload
def Profile(resource_name: str,
            opts: Optional[ResourceOptions] = None,
            autoneg: Optional[bool] = None,
            dot1x_ctrl: Optional[str] = None,
            dot1x_idle_timeout: Optional[int] = None,
            egress_rate_limit_kbps: Optional[int] = None,
            egress_rate_limit_kbps_enabled: Optional[bool] = None,
            excluded_network_ids: Optional[Sequence[str]] = None,
            forward: Optional[str] = None,
            full_duplex: Optional[bool] = None,
            isolation: Optional[bool] = None,
            lldpmed_enabled: Optional[bool] = None,
            lldpmed_notify_enabled: Optional[bool] = None,
            name: Optional[str] = None,
            native_networkconf_id: Optional[str] = None,
            op_mode: Optional[str] = None,
            poe_mode: Optional[str] = None,
            port_security_enabled: Optional[bool] = None,
            port_security_mac_addresses: Optional[Sequence[str]] = None,
            priority_queue1_level: Optional[int] = None,
            priority_queue2_level: Optional[int] = None,
            priority_queue3_level: Optional[int] = None,
            priority_queue4_level: Optional[int] = None,
            site: Optional[str] = None,
            speed: Optional[int] = None,
            stormctrl_bcast_enabled: Optional[bool] = None,
            stormctrl_bcast_level: Optional[int] = None,
            stormctrl_bcast_rate: Optional[int] = None,
            stormctrl_mcast_enabled: Optional[bool] = None,
            stormctrl_mcast_level: Optional[int] = None,
            stormctrl_mcast_rate: Optional[int] = None,
            stormctrl_type: Optional[str] = None,
            stormctrl_ucast_enabled: Optional[bool] = None,
            stormctrl_ucast_level: Optional[int] = None,
            stormctrl_ucast_rate: Optional[int] = None,
            stp_port_mode: Optional[bool] = None,
            tagged_vlan_mgmt: Optional[str] = None,
            voice_networkconf_id: Optional[str] = None)
    func NewProfile(ctx *Context, name string, args *ProfileArgs, opts ...ResourceOption) (*Profile, error)
    public Profile(string name, ProfileArgs? args = null, CustomResourceOptions? opts = null)
    public Profile(String name, ProfileArgs args)
public Profile(String name, ProfileArgs args, CustomResourceOptions options)

    type: unifi:port:Profile
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

    Parameters

    name string
    The unique name of the resource.
    args ProfileArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args ProfileArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args ProfileArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args ProfileArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args ProfileArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var profileResource = new Unifi.Port.Profile("profileResource", new()
{
    Autoneg = false,
    Dot1xCtrl = "string",
    Dot1xIdleTimeout = 0,
    EgressRateLimitKbps = 0,
    EgressRateLimitKbpsEnabled = false,
    ExcludedNetworkIds = new[]
    {
        "string",
    },
    Forward = "string",
    FullDuplex = false,
    Isolation = false,
    LldpmedEnabled = false,
    LldpmedNotifyEnabled = false,
    Name = "string",
    NativeNetworkconfId = "string",
    OpMode = "string",
    PoeMode = "string",
    PortSecurityEnabled = false,
    PortSecurityMacAddresses = new[]
    {
        "string",
    },
    PriorityQueue1Level = 0,
    PriorityQueue2Level = 0,
    PriorityQueue3Level = 0,
    PriorityQueue4Level = 0,
    Site = "string",
    Speed = 0,
    StormctrlBcastEnabled = false,
    StormctrlBcastLevel = 0,
    StormctrlBcastRate = 0,
    StormctrlMcastEnabled = false,
    StormctrlMcastLevel = 0,
    StormctrlMcastRate = 0,
    StormctrlType = "string",
    StormctrlUcastEnabled = false,
    StormctrlUcastLevel = 0,
    StormctrlUcastRate = 0,
    StpPortMode = false,
    TaggedVlanMgmt = "string",
    VoiceNetworkconfId = "string",
});

    example, err := port.NewProfile(ctx, "profileResource", &port.ProfileArgs{
	Autoneg:                    pulumi.Bool(false),
	Dot1xCtrl:                  pulumi.String("string"),
	Dot1xIdleTimeout:           pulumi.Int(0),
	EgressRateLimitKbps:        pulumi.Int(0),
	EgressRateLimitKbpsEnabled: pulumi.Bool(false),
	ExcludedNetworkIds: pulumi.StringArray{
		pulumi.String("string"),
	},
	Forward:              pulumi.String("string"),
	FullDuplex:           pulumi.Bool(false),
	Isolation:            pulumi.Bool(false),
	LldpmedEnabled:       pulumi.Bool(false),
	LldpmedNotifyEnabled: pulumi.Bool(false),
	Name:                 pulumi.String("string"),
	NativeNetworkconfId:  pulumi.String("string"),
	OpMode:               pulumi.String("string"),
	PoeMode:              pulumi.String("string"),
	PortSecurityEnabled:  pulumi.Bool(false),
	PortSecurityMacAddresses: pulumi.StringArray{
		pulumi.String("string"),
	},
	PriorityQueue1Level:   pulumi.Int(0),
	PriorityQueue2Level:   pulumi.Int(0),
	PriorityQueue3Level:   pulumi.Int(0),
	PriorityQueue4Level:   pulumi.Int(0),
	Site:                  pulumi.String("string"),
	Speed:                 pulumi.Int(0),
	StormctrlBcastEnabled: pulumi.Bool(false),
	StormctrlBcastLevel:   pulumi.Int(0),
	StormctrlBcastRate:    pulumi.Int(0),
	StormctrlMcastEnabled: pulumi.Bool(false),
	StormctrlMcastLevel:   pulumi.Int(0),
	StormctrlMcastRate:    pulumi.Int(0),
	StormctrlType:         pulumi.String("string"),
	StormctrlUcastEnabled: pulumi.Bool(false),
	StormctrlUcastLevel:   pulumi.Int(0),
	StormctrlUcastRate:    pulumi.Int(0),
	StpPortMode:           pulumi.Bool(false),
	TaggedVlanMgmt:        pulumi.String("string"),
	VoiceNetworkconfId:    pulumi.String("string"),
})

    var profileResource = new Profile("profileResource", ProfileArgs.builder()
    .autoneg(false)
    .dot1xCtrl("string")
    .dot1xIdleTimeout(0)
    .egressRateLimitKbps(0)
    .egressRateLimitKbpsEnabled(false)
    .excludedNetworkIds("string")
    .forward("string")
    .fullDuplex(false)
    .isolation(false)
    .lldpmedEnabled(false)
    .lldpmedNotifyEnabled(false)
    .name("string")
    .nativeNetworkconfId("string")
    .opMode("string")
    .poeMode("string")
    .portSecurityEnabled(false)
    .portSecurityMacAddresses("string")
    .priorityQueue1Level(0)
    .priorityQueue2Level(0)
    .priorityQueue3Level(0)
    .priorityQueue4Level(0)
    .site("string")
    .speed(0)
    .stormctrlBcastEnabled(false)
    .stormctrlBcastLevel(0)
    .stormctrlBcastRate(0)
    .stormctrlMcastEnabled(false)
    .stormctrlMcastLevel(0)
    .stormctrlMcastRate(0)
    .stormctrlType("string")
    .stormctrlUcastEnabled(false)
    .stormctrlUcastLevel(0)
    .stormctrlUcastRate(0)
    .stpPortMode(false)
    .taggedVlanMgmt("string")
    .voiceNetworkconfId("string")
    .build());

    profile_resource = unifi.port.Profile("profileResource",
    autoneg=False,
    dot1x_ctrl="string",
    dot1x_idle_timeout=0,
    egress_rate_limit_kbps=0,
    egress_rate_limit_kbps_enabled=False,
    excluded_network_ids=["string"],
    forward="string",
    full_duplex=False,
    isolation=False,
    lldpmed_enabled=False,
    lldpmed_notify_enabled=False,
    name="string",
    native_networkconf_id="string",
    op_mode="string",
    poe_mode="string",
    port_security_enabled=False,
    port_security_mac_addresses=["string"],
    priority_queue1_level=0,
    priority_queue2_level=0,
    priority_queue3_level=0,
    priority_queue4_level=0,
    site="string",
    speed=0,
    stormctrl_bcast_enabled=False,
    stormctrl_bcast_level=0,
    stormctrl_bcast_rate=0,
    stormctrl_mcast_enabled=False,
    stormctrl_mcast_level=0,
    stormctrl_mcast_rate=0,
    stormctrl_type="string",
    stormctrl_ucast_enabled=False,
    stormctrl_ucast_level=0,
    stormctrl_ucast_rate=0,
    stp_port_mode=False,
    tagged_vlan_mgmt="string",
    voice_networkconf_id="string")

    const profileResource = new unifi.port.Profile("profileResource", {
    autoneg: false,
    dot1xCtrl: "string",
    dot1xIdleTimeout: 0,
    egressRateLimitKbps: 0,
    egressRateLimitKbpsEnabled: false,
    excludedNetworkIds: ["string"],
    forward: "string",
    fullDuplex: false,
    isolation: false,
    lldpmedEnabled: false,
    lldpmedNotifyEnabled: false,
    name: "string",
    nativeNetworkconfId: "string",
    opMode: "string",
    poeMode: "string",
    portSecurityEnabled: false,
    portSecurityMacAddresses: ["string"],
    priorityQueue1Level: 0,
    priorityQueue2Level: 0,
    priorityQueue3Level: 0,
    priorityQueue4Level: 0,
    site: "string",
    speed: 0,
    stormctrlBcastEnabled: false,
    stormctrlBcastLevel: 0,
    stormctrlBcastRate: 0,
    stormctrlMcastEnabled: false,
    stormctrlMcastLevel: 0,
    stormctrlMcastRate: 0,
    stormctrlType: "string",
    stormctrlUcastEnabled: false,
    stormctrlUcastLevel: 0,
    stormctrlUcastRate: 0,
    stpPortMode: false,
    taggedVlanMgmt: "string",
    voiceNetworkconfId: "string",
});

    type: unifi:port:Profile
properties:
    autoneg: false
    dot1xCtrl: string
    dot1xIdleTimeout: 0
    egressRateLimitKbps: 0
    egressRateLimitKbpsEnabled: false
    excludedNetworkIds:
        - string
    forward: string
    fullDuplex: false
    isolation: false
    lldpmedEnabled: false
    lldpmedNotifyEnabled: false
    name: string
    nativeNetworkconfId: string
    opMode: string
    poeMode: string
    portSecurityEnabled: false
    portSecurityMacAddresses:
        - string
    priorityQueue1Level: 0
    priorityQueue2Level: 0
    priorityQueue3Level: 0
    priorityQueue4Level: 0
    site: string
    speed: 0
    stormctrlBcastEnabled: false
    stormctrlBcastLevel: 0
    stormctrlBcastRate: 0
    stormctrlMcastEnabled: false
    stormctrlMcastLevel: 0
    stormctrlMcastRate: 0
    stormctrlType: string
    stormctrlUcastEnabled: false
    stormctrlUcastLevel: 0
    stormctrlUcastRate: 0
    stpPortMode: false
    taggedVlanMgmt: string
    voiceNetworkconfId: string

    Profile Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Profile resource accepts the following input properties:

    Autoneg bool
    Enable automatic negotiation of port speed and duplex settings. When enabled, this overrides manual speed and duplex settings. Recommended for most use cases.
    Dot1xCtrl string

    802.1X port-based network access control (PNAC) mode. Valid values are:

    • force_authorized - Port allows all traffic, no authentication required (default)
    • force_unauthorized - Port blocks all traffic regardless of authentication
    • auto - Standard 802.1X authentication required before port access is granted
    • mac_based - Authentication based on client MAC address, useful for devices that don't support 802.1X
    • multi_host - Allows multiple devices after first successful authentication, common in VoIP phone setups

    Use 'auto' for highest security, 'mac_based' for legacy devices, and 'multi_host' when daisy-chaining devices.

    Dot1xIdleTimeout int
    The number of seconds before an inactive authenticated MAC address is removed when using MAC-based 802.1X control. Range: 0-65535 seconds.
    EgressRateLimitKbps int
    The maximum outbound bandwidth allowed on the port in kilobits per second. Range: 64-9999999 kbps. Only applied when egress_rate_limit_kbps_enabled is true.
    EgressRateLimitKbpsEnabled bool
    Enable outbound bandwidth rate limiting on the port. When enabled, traffic will be limited to the rate specified in egress_rate_limit_kbps.
    ExcludedNetworkIds List<string>
    List of network IDs to exclude when forward is set to 'customize'. This allows you to prevent specific networks from being accessible on ports using this profile.
    Forward string

    VLAN forwarding mode for the port. Valid values are:

    • all - Forward all VLANs (trunk port)
    • native - Only forward untagged traffic (access port)
    • customize - Forward selected VLANs (use with excluded_network_ids)
    • disabled - Disable VLAN forwarding

    Examples:

    • Use 'all' for uplink ports or connections to VLAN-aware devices
    • Use 'native' for end-user devices or simple network connections
    • Use 'customize' to create a selective trunk port (e.g., for a server needing access to specific VLANs)
    FullDuplex bool
    Enable full-duplex mode when auto-negotiation is disabled. Full duplex allows simultaneous two-way communication.
    Isolation bool
    Enable port isolation. When enabled, devices connected to ports with this profile cannot communicate with each other, providing enhanced security.
    LldpmedEnabled bool
    Enable Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED). This allows for automatic discovery and configuration of devices like VoIP phones.
    LldpmedNotifyEnabled bool
    Enable LLDP-MED topology change notifications. When enabled:

    • Network devices will be notified of topology changes
    • Useful for VoIP phones and other LLDP-MED capable devices
    • Helps maintain accurate network topology information
    • Facilitates faster device configuration and provisioning
    Name string
    A descriptive name for the port profile. Examples:

    • 'AP-Trunk-Port' - For access point uplinks
    • 'VoIP-Phone-Port' - For VoIP phone connections
    • 'User-Access-Port' - For standard user connections
    • 'IoT-Device-Port' - For IoT device connections
    NativeNetworkconfId string
    The ID of the network to use as the native (untagged) network on ports using this profile. This is typically used for:

    • Access ports where devices need untagged access
    • Trunk ports to specify the native VLAN
    • Management networks for network devices
    OpMode string
    The operation mode for the port profile. Can only be switch
    PoeMode string
    The POE mode for the port profile. Can be one of auto, passv24, passthrough or off.
    PortSecurityEnabled bool
    Enable MAC address-based port security. When enabled:

    • Only devices with specified MAC addresses can connect
    • Unauthorized devices will be blocked
    • Provides protection against unauthorized network access
    • Must be used with port_security_mac_address list
    PortSecurityMacAddresses List<string>
    List of allowed MAC addresses when port security is enabled. Each address should be:

    • In standard format (e.g., 'aa:bb:cc:dd:ee:ff')
    • Unique per device
    • Verified to belong to authorized devices Only effective when port_security_enabled is true
    PriorityQueue1Level int
    Priority queue 1 level (0-100) for Quality of Service (QoS). Used for:

    • Low-priority background traffic
    • Bulk data transfers
    • Non-time-sensitive applications Higher values give more bandwidth to this queue
    PriorityQueue2Level int
    Priority queue 2 level (0-100) for Quality of Service (QoS). Used for:

    • Standard user traffic
    • Web browsing and email
    • General business applications Higher values give more bandwidth to this queue
    PriorityQueue3Level int
    Priority queue 3 level (0-100) for Quality of Service (QoS). Used for:

    • High-priority traffic
    • Voice and video conferencing
    • Time-sensitive applications Higher values give more bandwidth to this queue
    PriorityQueue4Level int
    Priority queue 4 level (0-100) for Quality of Service (QoS). Used for:

    • Highest priority traffic
    • Critical real-time applications
    • Emergency communications Higher values give more bandwidth to this queue
    Site string
    The name of the UniFi site where the port profile should be created. If not specified, the default site will be used.
    Speed int
    Port speed in Mbps when auto-negotiation is disabled. Common values:

    • 10 - 10 Mbps (legacy devices)
    • 100 - 100 Mbps (Fast Ethernet)
    • 1000 - 1 Gbps (Gigabit Ethernet)
    • 2500 - 2.5 Gbps (Multi-Gigabit)
    • 5000 - 5 Gbps (Multi-Gigabit)
    • 10000 - 10 Gbps (10 Gigabit) Only used when autoneg is false
    StormctrlBcastEnabled bool
    Enable broadcast storm control. When enabled:

    • Limits broadcast traffic to prevent network flooding
    • Protects against broadcast storms
    • Helps maintain network stability Use with stormctrl_bcast_rate to set threshold
    StormctrlBcastLevel int
    The broadcast Storm Control level for the port profile. Can be between 0 and 100.
    StormctrlBcastRate int
    Maximum broadcast traffic rate in packets per second (0 - 14880000). Used to:

    • Control broadcast traffic levels
    • Prevent network congestion
    • Balance between necessary broadcasts and network protection Only effective when stormctrl_bcast_enabled is true
    StormctrlMcastEnabled bool
    Enable multicast storm control. When enabled:

    • Limits multicast traffic to prevent network flooding
    • Important for networks with multicast applications
    • Helps maintain quality of service Use with stormctrl_mcast_rate to set threshold
    StormctrlMcastLevel int
    The multicast Storm Control level for the port profile. Can be between 0 and 100.
    StormctrlMcastRate int
    Maximum multicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control multicast traffic levels
    • Ensure bandwidth for critical multicast services
    • Prevent multicast traffic from overwhelming the network Only effective when stormctrl_mcast_enabled is true
    StormctrlType string
    The type of Storm Control to use for the port profile. Can be one of level or rate.
    StormctrlUcastEnabled bool
    Enable unknown unicast storm control. When enabled:

    • Limits unknown unicast traffic to prevent flooding
    • Protects against MAC spoofing attacks
    • Helps maintain network performance Use with stormctrl_ucast_rate to set threshold
    StormctrlUcastLevel int
    The unknown unicast Storm Control level for the port profile. Can be between 0 and 100.
    StormctrlUcastRate int
    Maximum unknown unicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control unknown unicast traffic levels
    • Prevent network saturation from unknown destinations
    • Balance security with network usability Only effective when stormctrl_ucast_enabled is true
    StpPortMode bool

    Spanning Tree Protocol (STP) configuration for the port. When enabled:

    • Prevents network loops in switch-to-switch connections
    • Provides automatic failover in redundant topologies
    • Helps maintain network stability

    Best practices:

    • Enable on switch uplink ports
    • Enable on ports connecting to other switches
    • Can be disabled on end-device ports for faster initialization
    TaggedVlanMgmt string
    VLAN tagging behavior for the port. Valid values are:

    • auto - Automatically handle VLAN tags (recommended)
      • Intelligently manages tagged and untagged traffic
      • Best for most deployments
    • block_all - Block all VLAN tagged traffic
      • Use for security-sensitive ports
      • Prevents VLAN hopping attacks
    • custom - Custom VLAN configuration
      • Manual control over VLAN behavior
      • For specific VLAN requirements
    VoiceNetworkconfId string

    The ID of the network to use for Voice over IP (VoIP) traffic. Used for:

    • Automatic VoIP VLAN configuration
    • Voice traffic prioritization
    • QoS settings for voice packets

    Common scenarios:

    • IP phone deployments with separate voice VLAN
    • Unified communications systems
    • Converged voice/data networks

    Works in conjunction with LLDP-MED for automatic phone provisioning.

    Autoneg bool
    Enable automatic negotiation of port speed and duplex settings. When enabled, this overrides manual speed and duplex settings. Recommended for most use cases.
    Dot1xCtrl string

    802.1X port-based network access control (PNAC) mode. Valid values are:

    • force_authorized - Port allows all traffic, no authentication required (default)
    • force_unauthorized - Port blocks all traffic regardless of authentication
    • auto - Standard 802.1X authentication required before port access is granted
    • mac_based - Authentication based on client MAC address, useful for devices that don't support 802.1X
    • multi_host - Allows multiple devices after first successful authentication, common in VoIP phone setups

    Use 'auto' for highest security, 'mac_based' for legacy devices, and 'multi_host' when daisy-chaining devices.

    Dot1xIdleTimeout int
    The number of seconds before an inactive authenticated MAC address is removed when using MAC-based 802.1X control. Range: 0-65535 seconds.
    EgressRateLimitKbps int
    The maximum outbound bandwidth allowed on the port in kilobits per second. Range: 64-9999999 kbps. Only applied when egress_rate_limit_kbps_enabled is true.
    EgressRateLimitKbpsEnabled bool
    Enable outbound bandwidth rate limiting on the port. When enabled, traffic will be limited to the rate specified in egress_rate_limit_kbps.
    ExcludedNetworkIds []string
    List of network IDs to exclude when forward is set to 'customize'. This allows you to prevent specific networks from being accessible on ports using this profile.
    Forward string

    VLAN forwarding mode for the port. Valid values are:

    • all - Forward all VLANs (trunk port)
    • native - Only forward untagged traffic (access port)
    • customize - Forward selected VLANs (use with excluded_network_ids)
    • disabled - Disable VLAN forwarding

    Examples:

    • Use 'all' for uplink ports or connections to VLAN-aware devices
    • Use 'native' for end-user devices or simple network connections
    • Use 'customize' to create a selective trunk port (e.g., for a server needing access to specific VLANs)
    FullDuplex bool
    Enable full-duplex mode when auto-negotiation is disabled. Full duplex allows simultaneous two-way communication.
    Isolation bool
    Enable port isolation. When enabled, devices connected to ports with this profile cannot communicate with each other, providing enhanced security.
    LldpmedEnabled bool
    Enable Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED). This allows for automatic discovery and configuration of devices like VoIP phones.
    LldpmedNotifyEnabled bool
    Enable LLDP-MED topology change notifications. When enabled:

    • Network devices will be notified of topology changes
    • Useful for VoIP phones and other LLDP-MED capable devices
    • Helps maintain accurate network topology information
    • Facilitates faster device configuration and provisioning
    Name string
    A descriptive name for the port profile. Examples:

    • 'AP-Trunk-Port' - For access point uplinks
    • 'VoIP-Phone-Port' - For VoIP phone connections
    • 'User-Access-Port' - For standard user connections
    • 'IoT-Device-Port' - For IoT device connections
    NativeNetworkconfId string
    The ID of the network to use as the native (untagged) network on ports using this profile. This is typically used for:

    • Access ports where devices need untagged access
    • Trunk ports to specify the native VLAN
    • Management networks for network devices
    OpMode string
    The operation mode for the port profile. Can only be switch
    PoeMode string
    The POE mode for the port profile. Can be one of auto, passv24, passthrough or off.
    PortSecurityEnabled bool
    Enable MAC address-based port security. When enabled:

    • Only devices with specified MAC addresses can connect
    • Unauthorized devices will be blocked
    • Provides protection against unauthorized network access
    • Must be used with port_security_mac_address list
    PortSecurityMacAddresses []string
    List of allowed MAC addresses when port security is enabled. Each address should be:

    • In standard format (e.g., 'aa:bb:cc:dd:ee:ff')
    • Unique per device
    • Verified to belong to authorized devices Only effective when port_security_enabled is true
    PriorityQueue1Level int
    Priority queue 1 level (0-100) for Quality of Service (QoS). Used for:

    • Low-priority background traffic
    • Bulk data transfers
    • Non-time-sensitive applications Higher values give more bandwidth to this queue
    PriorityQueue2Level int
    Priority queue 2 level (0-100) for Quality of Service (QoS). Used for:

    • Standard user traffic
    • Web browsing and email
    • General business applications Higher values give more bandwidth to this queue
    PriorityQueue3Level int
    Priority queue 3 level (0-100) for Quality of Service (QoS). Used for:

    • High-priority traffic
    • Voice and video conferencing
    • Time-sensitive applications Higher values give more bandwidth to this queue
    PriorityQueue4Level int
    Priority queue 4 level (0-100) for Quality of Service (QoS). Used for:

    • Highest priority traffic
    • Critical real-time applications
    • Emergency communications Higher values give more bandwidth to this queue
    Site string
    The name of the UniFi site where the port profile should be created. If not specified, the default site will be used.
    Speed int
    Port speed in Mbps when auto-negotiation is disabled. Common values:

    • 10 - 10 Mbps (legacy devices)
    • 100 - 100 Mbps (Fast Ethernet)
    • 1000 - 1 Gbps (Gigabit Ethernet)
    • 2500 - 2.5 Gbps (Multi-Gigabit)
    • 5000 - 5 Gbps (Multi-Gigabit)
    • 10000 - 10 Gbps (10 Gigabit) Only used when autoneg is false
    StormctrlBcastEnabled bool
    Enable broadcast storm control. When enabled:

    • Limits broadcast traffic to prevent network flooding
    • Protects against broadcast storms
    • Helps maintain network stability Use with stormctrl_bcast_rate to set threshold
    StormctrlBcastLevel int
    The broadcast Storm Control level for the port profile. Can be between 0 and 100.
    StormctrlBcastRate int
    Maximum broadcast traffic rate in packets per second (0 - 14880000). Used to:

    • Control broadcast traffic levels
    • Prevent network congestion
    • Balance between necessary broadcasts and network protection Only effective when stormctrl_bcast_enabled is true
    StormctrlMcastEnabled bool
    Enable multicast storm control. When enabled:

    • Limits multicast traffic to prevent network flooding
    • Important for networks with multicast applications
    • Helps maintain quality of service Use with stormctrl_mcast_rate to set threshold
    StormctrlMcastLevel int
    The multicast Storm Control level for the port profile. Can be between 0 and 100.
    StormctrlMcastRate int
    Maximum multicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control multicast traffic levels
    • Ensure bandwidth for critical multicast services
    • Prevent multicast traffic from overwhelming the network Only effective when stormctrl_mcast_enabled is true
    StormctrlType string
    The type of Storm Control to use for the port profile. Can be one of level or rate.
    StormctrlUcastEnabled bool
    Enable unknown unicast storm control. When enabled:

    • Limits unknown unicast traffic to prevent flooding
    • Protects against MAC spoofing attacks
    • Helps maintain network performance Use with stormctrl_ucast_rate to set threshold
    StormctrlUcastLevel int
    The unknown unicast Storm Control level for the port profile. Can be between 0 and 100.
    StormctrlUcastRate int
    Maximum unknown unicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control unknown unicast traffic levels
    • Prevent network saturation from unknown destinations
    • Balance security with network usability Only effective when stormctrl_ucast_enabled is true
    StpPortMode bool

    Spanning Tree Protocol (STP) configuration for the port. When enabled:

    • Prevents network loops in switch-to-switch connections
    • Provides automatic failover in redundant topologies
    • Helps maintain network stability

    Best practices:

    • Enable on switch uplink ports
    • Enable on ports connecting to other switches
    • Can be disabled on end-device ports for faster initialization
    TaggedVlanMgmt string
    VLAN tagging behavior for the port. Valid values are:

    • auto - Automatically handle VLAN tags (recommended)
      • Intelligently manages tagged and untagged traffic
      • Best for most deployments
    • block_all - Block all VLAN tagged traffic
      • Use for security-sensitive ports
      • Prevents VLAN hopping attacks
    • custom - Custom VLAN configuration
      • Manual control over VLAN behavior
      • For specific VLAN requirements
    VoiceNetworkconfId string

    The ID of the network to use for Voice over IP (VoIP) traffic. Used for:

    • Automatic VoIP VLAN configuration
    • Voice traffic prioritization
    • QoS settings for voice packets

    Common scenarios:

    • IP phone deployments with separate voice VLAN
    • Unified communications systems
    • Converged voice/data networks

    Works in conjunction with LLDP-MED for automatic phone provisioning.

    autoneg Boolean
    Enable automatic negotiation of port speed and duplex settings. When enabled, this overrides manual speed and duplex settings. Recommended for most use cases.
    dot1xCtrl String

    802.1X port-based network access control (PNAC) mode. Valid values are:

    • force_authorized - Port allows all traffic, no authentication required (default)
    • force_unauthorized - Port blocks all traffic regardless of authentication
    • auto - Standard 802.1X authentication required before port access is granted
    • mac_based - Authentication based on client MAC address, useful for devices that don't support 802.1X
    • multi_host - Allows multiple devices after first successful authentication, common in VoIP phone setups

    Use 'auto' for highest security, 'mac_based' for legacy devices, and 'multi_host' when daisy-chaining devices.

    dot1xIdleTimeout Integer
    The number of seconds before an inactive authenticated MAC address is removed when using MAC-based 802.1X control. Range: 0-65535 seconds.
    egressRateLimitKbps Integer
    The maximum outbound bandwidth allowed on the port in kilobits per second. Range: 64-9999999 kbps. Only applied when egress_rate_limit_kbps_enabled is true.
    egressRateLimitKbpsEnabled Boolean
    Enable outbound bandwidth rate limiting on the port. When enabled, traffic will be limited to the rate specified in egress_rate_limit_kbps.
    excludedNetworkIds List<String>
    List of network IDs to exclude when forward is set to 'customize'. This allows you to prevent specific networks from being accessible on ports using this profile.
    forward String

    VLAN forwarding mode for the port. Valid values are:

    • all - Forward all VLANs (trunk port)
    • native - Only forward untagged traffic (access port)
    • customize - Forward selected VLANs (use with excluded_network_ids)
    • disabled - Disable VLAN forwarding

    Examples:

    • Use 'all' for uplink ports or connections to VLAN-aware devices
    • Use 'native' for end-user devices or simple network connections
    • Use 'customize' to create a selective trunk port (e.g., for a server needing access to specific VLANs)
    fullDuplex Boolean
    Enable full-duplex mode when auto-negotiation is disabled. Full duplex allows simultaneous two-way communication.
    isolation Boolean
    Enable port isolation. When enabled, devices connected to ports with this profile cannot communicate with each other, providing enhanced security.
    lldpmedEnabled Boolean
    Enable Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED). This allows for automatic discovery and configuration of devices like VoIP phones.
    lldpmedNotifyEnabled Boolean
    Enable LLDP-MED topology change notifications. When enabled:

    • Network devices will be notified of topology changes
    • Useful for VoIP phones and other LLDP-MED capable devices
    • Helps maintain accurate network topology information
    • Facilitates faster device configuration and provisioning
    name String
    A descriptive name for the port profile. Examples:

    • 'AP-Trunk-Port' - For access point uplinks
    • 'VoIP-Phone-Port' - For VoIP phone connections
    • 'User-Access-Port' - For standard user connections
    • 'IoT-Device-Port' - For IoT device connections
    nativeNetworkconfId String
    The ID of the network to use as the native (untagged) network on ports using this profile. This is typically used for:

    • Access ports where devices need untagged access
    • Trunk ports to specify the native VLAN
    • Management networks for network devices
    opMode String
    The operation mode for the port profile. Can only be switch
    poeMode String
    The POE mode for the port profile. Can be one of auto, passv24, passthrough or off.
    portSecurityEnabled Boolean
    Enable MAC address-based port security. When enabled:

    • Only devices with specified MAC addresses can connect
    • Unauthorized devices will be blocked
    • Provides protection against unauthorized network access
    • Must be used with port_security_mac_address list
    portSecurityMacAddresses List<String>
    List of allowed MAC addresses when port security is enabled. Each address should be:

    • In standard format (e.g., 'aa:bb:cc:dd:ee:ff')
    • Unique per device
    • Verified to belong to authorized devices Only effective when port_security_enabled is true
    priorityQueue1Level Integer
    Priority queue 1 level (0-100) for Quality of Service (QoS). Used for:

    • Low-priority background traffic
    • Bulk data transfers
    • Non-time-sensitive applications Higher values give more bandwidth to this queue
    priorityQueue2Level Integer
    Priority queue 2 level (0-100) for Quality of Service (QoS). Used for:

    • Standard user traffic
    • Web browsing and email
    • General business applications Higher values give more bandwidth to this queue
    priorityQueue3Level Integer
    Priority queue 3 level (0-100) for Quality of Service (QoS). Used for:

    • High-priority traffic
    • Voice and video conferencing
    • Time-sensitive applications Higher values give more bandwidth to this queue
    priorityQueue4Level Integer
    Priority queue 4 level (0-100) for Quality of Service (QoS). Used for:

    • Highest priority traffic
    • Critical real-time applications
    • Emergency communications Higher values give more bandwidth to this queue
    site String
    The name of the UniFi site where the port profile should be created. If not specified, the default site will be used.
    speed Integer
    Port speed in Mbps when auto-negotiation is disabled. Common values:

    • 10 - 10 Mbps (legacy devices)
    • 100 - 100 Mbps (Fast Ethernet)
    • 1000 - 1 Gbps (Gigabit Ethernet)
    • 2500 - 2.5 Gbps (Multi-Gigabit)
    • 5000 - 5 Gbps (Multi-Gigabit)
    • 10000 - 10 Gbps (10 Gigabit) Only used when autoneg is false
    stormctrlBcastEnabled Boolean
    Enable broadcast storm control. When enabled:

    • Limits broadcast traffic to prevent network flooding
    • Protects against broadcast storms
    • Helps maintain network stability Use with stormctrl_bcast_rate to set threshold
    stormctrlBcastLevel Integer
    The broadcast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrlBcastRate Integer
    Maximum broadcast traffic rate in packets per second (0 - 14880000). Used to:

    • Control broadcast traffic levels
    • Prevent network congestion
    • Balance between necessary broadcasts and network protection Only effective when stormctrl_bcast_enabled is true
    stormctrlMcastEnabled Boolean
    Enable multicast storm control. When enabled:

    • Limits multicast traffic to prevent network flooding
    • Important for networks with multicast applications
    • Helps maintain quality of service Use with stormctrl_mcast_rate to set threshold
    stormctrlMcastLevel Integer
    The multicast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrlMcastRate Integer
    Maximum multicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control multicast traffic levels
    • Ensure bandwidth for critical multicast services
    • Prevent multicast traffic from overwhelming the network Only effective when stormctrl_mcast_enabled is true
    stormctrlType String
    The type of Storm Control to use for the port profile. Can be one of level or rate.
    stormctrlUcastEnabled Boolean
    Enable unknown unicast storm control. When enabled:

    • Limits unknown unicast traffic to prevent flooding
    • Protects against MAC spoofing attacks
    • Helps maintain network performance Use with stormctrl_ucast_rate to set threshold
    stormctrlUcastLevel Integer
    The unknown unicast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrlUcastRate Integer
    Maximum unknown unicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control unknown unicast traffic levels
    • Prevent network saturation from unknown destinations
    • Balance security with network usability Only effective when stormctrl_ucast_enabled is true
    stpPortMode Boolean

    Spanning Tree Protocol (STP) configuration for the port. When enabled:

    • Prevents network loops in switch-to-switch connections
    • Provides automatic failover in redundant topologies
    • Helps maintain network stability

    Best practices:

    • Enable on switch uplink ports
    • Enable on ports connecting to other switches
    • Can be disabled on end-device ports for faster initialization
    taggedVlanMgmt String
    VLAN tagging behavior for the port. Valid values are:

    • auto - Automatically handle VLAN tags (recommended)
      • Intelligently manages tagged and untagged traffic
      • Best for most deployments
    • block_all - Block all VLAN tagged traffic
      • Use for security-sensitive ports
      • Prevents VLAN hopping attacks
    • custom - Custom VLAN configuration
      • Manual control over VLAN behavior
      • For specific VLAN requirements
    voiceNetworkconfId String

    The ID of the network to use for Voice over IP (VoIP) traffic. Used for:

    • Automatic VoIP VLAN configuration
    • Voice traffic prioritization
    • QoS settings for voice packets

    Common scenarios:

    • IP phone deployments with separate voice VLAN
    • Unified communications systems
    • Converged voice/data networks

    Works in conjunction with LLDP-MED for automatic phone provisioning.

    autoneg boolean
    Enable automatic negotiation of port speed and duplex settings. When enabled, this overrides manual speed and duplex settings. Recommended for most use cases.
    dot1xCtrl string

    802.1X port-based network access control (PNAC) mode. Valid values are:

    • force_authorized - Port allows all traffic, no authentication required (default)
    • force_unauthorized - Port blocks all traffic regardless of authentication
    • auto - Standard 802.1X authentication required before port access is granted
    • mac_based - Authentication based on client MAC address, useful for devices that don't support 802.1X
    • multi_host - Allows multiple devices after first successful authentication, common in VoIP phone setups

    Use 'auto' for highest security, 'mac_based' for legacy devices, and 'multi_host' when daisy-chaining devices.

    dot1xIdleTimeout number
    The number of seconds before an inactive authenticated MAC address is removed when using MAC-based 802.1X control. Range: 0-65535 seconds.
    egressRateLimitKbps number
    The maximum outbound bandwidth allowed on the port in kilobits per second. Range: 64-9999999 kbps. Only applied when egress_rate_limit_kbps_enabled is true.
    egressRateLimitKbpsEnabled boolean
    Enable outbound bandwidth rate limiting on the port. When enabled, traffic will be limited to the rate specified in egress_rate_limit_kbps.
    excludedNetworkIds string[]
    List of network IDs to exclude when forward is set to 'customize'. This allows you to prevent specific networks from being accessible on ports using this profile.
    forward string

    VLAN forwarding mode for the port. Valid values are:

    • all - Forward all VLANs (trunk port)
    • native - Only forward untagged traffic (access port)
    • customize - Forward selected VLANs (use with excluded_network_ids)
    • disabled - Disable VLAN forwarding

    Examples:

    • Use 'all' for uplink ports or connections to VLAN-aware devices
    • Use 'native' for end-user devices or simple network connections
    • Use 'customize' to create a selective trunk port (e.g., for a server needing access to specific VLANs)
    fullDuplex boolean
    Enable full-duplex mode when auto-negotiation is disabled. Full duplex allows simultaneous two-way communication.
    isolation boolean
    Enable port isolation. When enabled, devices connected to ports with this profile cannot communicate with each other, providing enhanced security.
    lldpmedEnabled boolean
    Enable Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED). This allows for automatic discovery and configuration of devices like VoIP phones.
    lldpmedNotifyEnabled boolean
    Enable LLDP-MED topology change notifications. When enabled:

    • Network devices will be notified of topology changes
    • Useful for VoIP phones and other LLDP-MED capable devices
    • Helps maintain accurate network topology information
    • Facilitates faster device configuration and provisioning
    name string
    A descriptive name for the port profile. Examples:

    • 'AP-Trunk-Port' - For access point uplinks
    • 'VoIP-Phone-Port' - For VoIP phone connections
    • 'User-Access-Port' - For standard user connections
    • 'IoT-Device-Port' - For IoT device connections
    nativeNetworkconfId string
    The ID of the network to use as the native (untagged) network on ports using this profile. This is typically used for:

    • Access ports where devices need untagged access
    • Trunk ports to specify the native VLAN
    • Management networks for network devices
    opMode string
    The operation mode for the port profile. Can only be switch
    poeMode string
    The POE mode for the port profile. Can be one of auto, passv24, passthrough or off.
    portSecurityEnabled boolean
    Enable MAC address-based port security. When enabled:

    • Only devices with specified MAC addresses can connect
    • Unauthorized devices will be blocked
    • Provides protection against unauthorized network access
    • Must be used with port_security_mac_address list
    portSecurityMacAddresses string[]
    List of allowed MAC addresses when port security is enabled. Each address should be:

    • In standard format (e.g., 'aa:bb:cc:dd:ee:ff')
    • Unique per device
    • Verified to belong to authorized devices Only effective when port_security_enabled is true
    priorityQueue1Level number
    Priority queue 1 level (0-100) for Quality of Service (QoS). Used for:

    • Low-priority background traffic
    • Bulk data transfers
    • Non-time-sensitive applications Higher values give more bandwidth to this queue
    priorityQueue2Level number
    Priority queue 2 level (0-100) for Quality of Service (QoS). Used for:

    • Standard user traffic
    • Web browsing and email
    • General business applications Higher values give more bandwidth to this queue
    priorityQueue3Level number
    Priority queue 3 level (0-100) for Quality of Service (QoS). Used for:

    • High-priority traffic
    • Voice and video conferencing
    • Time-sensitive applications Higher values give more bandwidth to this queue
    priorityQueue4Level number
    Priority queue 4 level (0-100) for Quality of Service (QoS). Used for:

    • Highest priority traffic
    • Critical real-time applications
    • Emergency communications Higher values give more bandwidth to this queue
    site string
    The name of the UniFi site where the port profile should be created. If not specified, the default site will be used.
    speed number
    Port speed in Mbps when auto-negotiation is disabled. Common values:

    • 10 - 10 Mbps (legacy devices)
    • 100 - 100 Mbps (Fast Ethernet)
    • 1000 - 1 Gbps (Gigabit Ethernet)
    • 2500 - 2.5 Gbps (Multi-Gigabit)
    • 5000 - 5 Gbps (Multi-Gigabit)
    • 10000 - 10 Gbps (10 Gigabit) Only used when autoneg is false
    stormctrlBcastEnabled boolean
    Enable broadcast storm control. When enabled:

    • Limits broadcast traffic to prevent network flooding
    • Protects against broadcast storms
    • Helps maintain network stability Use with stormctrl_bcast_rate to set threshold
    stormctrlBcastLevel number
    The broadcast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrlBcastRate number
    Maximum broadcast traffic rate in packets per second (0 - 14880000). Used to:

    • Control broadcast traffic levels
    • Prevent network congestion
    • Balance between necessary broadcasts and network protection Only effective when stormctrl_bcast_enabled is true
    stormctrlMcastEnabled boolean
    Enable multicast storm control. When enabled:

    • Limits multicast traffic to prevent network flooding
    • Important for networks with multicast applications
    • Helps maintain quality of service Use with stormctrl_mcast_rate to set threshold
    stormctrlMcastLevel number
    The multicast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrlMcastRate number
    Maximum multicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control multicast traffic levels
    • Ensure bandwidth for critical multicast services
    • Prevent multicast traffic from overwhelming the network Only effective when stormctrl_mcast_enabled is true
    stormctrlType string
    The type of Storm Control to use for the port profile. Can be one of level or rate.
    stormctrlUcastEnabled boolean
    Enable unknown unicast storm control. When enabled:

    • Limits unknown unicast traffic to prevent flooding
    • Protects against MAC spoofing attacks
    • Helps maintain network performance Use with stormctrl_ucast_rate to set threshold
    stormctrlUcastLevel number
    The unknown unicast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrlUcastRate number
    Maximum unknown unicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control unknown unicast traffic levels
    • Prevent network saturation from unknown destinations
    • Balance security with network usability Only effective when stormctrl_ucast_enabled is true
    stpPortMode boolean

    Spanning Tree Protocol (STP) configuration for the port. When enabled:

    • Prevents network loops in switch-to-switch connections
    • Provides automatic failover in redundant topologies
    • Helps maintain network stability

    Best practices:

    • Enable on switch uplink ports
    • Enable on ports connecting to other switches
    • Can be disabled on end-device ports for faster initialization
    taggedVlanMgmt string
    VLAN tagging behavior for the port. Valid values are:

    • auto - Automatically handle VLAN tags (recommended)
      • Intelligently manages tagged and untagged traffic
      • Best for most deployments
    • block_all - Block all VLAN tagged traffic
      • Use for security-sensitive ports
      • Prevents VLAN hopping attacks
    • custom - Custom VLAN configuration
      • Manual control over VLAN behavior
      • For specific VLAN requirements
    voiceNetworkconfId string

    The ID of the network to use for Voice over IP (VoIP) traffic. Used for:

    • Automatic VoIP VLAN configuration
    • Voice traffic prioritization
    • QoS settings for voice packets

    Common scenarios:

    • IP phone deployments with separate voice VLAN
    • Unified communications systems
    • Converged voice/data networks

    Works in conjunction with LLDP-MED for automatic phone provisioning.

    autoneg bool
    Enable automatic negotiation of port speed and duplex settings. When enabled, this overrides manual speed and duplex settings. Recommended for most use cases.
    dot1x_ctrl str

    802.1X port-based network access control (PNAC) mode. Valid values are:

    • force_authorized - Port allows all traffic, no authentication required (default)
    • force_unauthorized - Port blocks all traffic regardless of authentication
    • auto - Standard 802.1X authentication required before port access is granted
    • mac_based - Authentication based on client MAC address, useful for devices that don't support 802.1X
    • multi_host - Allows multiple devices after first successful authentication, common in VoIP phone setups

    Use 'auto' for highest security, 'mac_based' for legacy devices, and 'multi_host' when daisy-chaining devices.

    dot1x_idle_timeout int
    The number of seconds before an inactive authenticated MAC address is removed when using MAC-based 802.1X control. Range: 0-65535 seconds.
    egress_rate_limit_kbps int
    The maximum outbound bandwidth allowed on the port in kilobits per second. Range: 64-9999999 kbps. Only applied when egress_rate_limit_kbps_enabled is true.
    egress_rate_limit_kbps_enabled bool
    Enable outbound bandwidth rate limiting on the port. When enabled, traffic will be limited to the rate specified in egress_rate_limit_kbps.
    excluded_network_ids Sequence[str]
    List of network IDs to exclude when forward is set to 'customize'. This allows you to prevent specific networks from being accessible on ports using this profile.
    forward str

    VLAN forwarding mode for the port. Valid values are:

    • all - Forward all VLANs (trunk port)
    • native - Only forward untagged traffic (access port)
    • customize - Forward selected VLANs (use with excluded_network_ids)
    • disabled - Disable VLAN forwarding

    Examples:

    • Use 'all' for uplink ports or connections to VLAN-aware devices
    • Use 'native' for end-user devices or simple network connections
    • Use 'customize' to create a selective trunk port (e.g., for a server needing access to specific VLANs)
    full_duplex bool
    Enable full-duplex mode when auto-negotiation is disabled. Full duplex allows simultaneous two-way communication.
    isolation bool
    Enable port isolation. When enabled, devices connected to ports with this profile cannot communicate with each other, providing enhanced security.
    lldpmed_enabled bool
    Enable Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED). This allows for automatic discovery and configuration of devices like VoIP phones.
    lldpmed_notify_enabled bool
    Enable LLDP-MED topology change notifications. When enabled:

    • Network devices will be notified of topology changes
    • Useful for VoIP phones and other LLDP-MED capable devices
    • Helps maintain accurate network topology information
    • Facilitates faster device configuration and provisioning
    name str
    A descriptive name for the port profile. Examples:

    • 'AP-Trunk-Port' - For access point uplinks
    • 'VoIP-Phone-Port' - For VoIP phone connections
    • 'User-Access-Port' - For standard user connections
    • 'IoT-Device-Port' - For IoT device connections
    native_networkconf_id str
    The ID of the network to use as the native (untagged) network on ports using this profile. This is typically used for:

    • Access ports where devices need untagged access
    • Trunk ports to specify the native VLAN
    • Management networks for network devices
    op_mode str
    The operation mode for the port profile. Can only be switch
    poe_mode str
    The POE mode for the port profile. Can be one of auto, passv24, passthrough or off.
    port_security_enabled bool
    Enable MAC address-based port security. When enabled:

    • Only devices with specified MAC addresses can connect
    • Unauthorized devices will be blocked
    • Provides protection against unauthorized network access
    • Must be used with port_security_mac_address list
    port_security_mac_addresses Sequence[str]
    List of allowed MAC addresses when port security is enabled. Each address should be:

    • In standard format (e.g., 'aa:bb:cc:dd:ee:ff')
    • Unique per device
    • Verified to belong to authorized devices Only effective when port_security_enabled is true
    priority_queue1_level int
    Priority queue 1 level (0-100) for Quality of Service (QoS). Used for:

    • Low-priority background traffic
    • Bulk data transfers
    • Non-time-sensitive applications Higher values give more bandwidth to this queue
    priority_queue2_level int
    Priority queue 2 level (0-100) for Quality of Service (QoS). Used for:

    • Standard user traffic
    • Web browsing and email
    • General business applications Higher values give more bandwidth to this queue
    priority_queue3_level int
    Priority queue 3 level (0-100) for Quality of Service (QoS). Used for:

    • High-priority traffic
    • Voice and video conferencing
    • Time-sensitive applications Higher values give more bandwidth to this queue
    priority_queue4_level int
    Priority queue 4 level (0-100) for Quality of Service (QoS). Used for:

    • Highest priority traffic
    • Critical real-time applications
    • Emergency communications Higher values give more bandwidth to this queue
    site str
    The name of the UniFi site where the port profile should be created. If not specified, the default site will be used.
    speed int
    Port speed in Mbps when auto-negotiation is disabled. Common values:

    • 10 - 10 Mbps (legacy devices)
    • 100 - 100 Mbps (Fast Ethernet)
    • 1000 - 1 Gbps (Gigabit Ethernet)
    • 2500 - 2.5 Gbps (Multi-Gigabit)
    • 5000 - 5 Gbps (Multi-Gigabit)
    • 10000 - 10 Gbps (10 Gigabit) Only used when autoneg is false
    stormctrl_bcast_enabled bool
    Enable broadcast storm control. When enabled:

    • Limits broadcast traffic to prevent network flooding
    • Protects against broadcast storms
    • Helps maintain network stability Use with stormctrl_bcast_rate to set threshold
    stormctrl_bcast_level int
    The broadcast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrl_bcast_rate int
    Maximum broadcast traffic rate in packets per second (0 - 14880000). Used to:

    • Control broadcast traffic levels
    • Prevent network congestion
    • Balance between necessary broadcasts and network protection Only effective when stormctrl_bcast_enabled is true
    stormctrl_mcast_enabled bool
    Enable multicast storm control. When enabled:

    • Limits multicast traffic to prevent network flooding
    • Important for networks with multicast applications
    • Helps maintain quality of service Use with stormctrl_mcast_rate to set threshold
    stormctrl_mcast_level int
    The multicast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrl_mcast_rate int
    Maximum multicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control multicast traffic levels
    • Ensure bandwidth for critical multicast services
    • Prevent multicast traffic from overwhelming the network Only effective when stormctrl_mcast_enabled is true
    stormctrl_type str
    The type of Storm Control to use for the port profile. Can be one of level or rate.
    stormctrl_ucast_enabled bool
    Enable unknown unicast storm control. When enabled:

    • Limits unknown unicast traffic to prevent flooding
    • Protects against MAC spoofing attacks
    • Helps maintain network performance Use with stormctrl_ucast_rate to set threshold
    stormctrl_ucast_level int
    The unknown unicast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrl_ucast_rate int
    Maximum unknown unicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control unknown unicast traffic levels
    • Prevent network saturation from unknown destinations
    • Balance security with network usability Only effective when stormctrl_ucast_enabled is true
    stp_port_mode bool

    Spanning Tree Protocol (STP) configuration for the port. When enabled:

    • Prevents network loops in switch-to-switch connections
    • Provides automatic failover in redundant topologies
    • Helps maintain network stability

    Best practices:

    • Enable on switch uplink ports
    • Enable on ports connecting to other switches
    • Can be disabled on end-device ports for faster initialization
    tagged_vlan_mgmt str
    VLAN tagging behavior for the port. Valid values are:

    • auto - Automatically handle VLAN tags (recommended)
      • Intelligently manages tagged and untagged traffic
      • Best for most deployments
    • block_all - Block all VLAN tagged traffic
      • Use for security-sensitive ports
      • Prevents VLAN hopping attacks
    • custom - Custom VLAN configuration
      • Manual control over VLAN behavior
      • For specific VLAN requirements
    voice_networkconf_id str

    The ID of the network to use for Voice over IP (VoIP) traffic. Used for:

    • Automatic VoIP VLAN configuration
    • Voice traffic prioritization
    • QoS settings for voice packets

    Common scenarios:

    • IP phone deployments with separate voice VLAN
    • Unified communications systems
    • Converged voice/data networks

    Works in conjunction with LLDP-MED for automatic phone provisioning.

    autoneg Boolean
    Enable automatic negotiation of port speed and duplex settings. When enabled, this overrides manual speed and duplex settings. Recommended for most use cases.
    dot1xCtrl String

    802.1X port-based network access control (PNAC) mode. Valid values are:

    • force_authorized - Port allows all traffic, no authentication required (default)
    • force_unauthorized - Port blocks all traffic regardless of authentication
    • auto - Standard 802.1X authentication required before port access is granted
    • mac_based - Authentication based on client MAC address, useful for devices that don't support 802.1X
    • multi_host - Allows multiple devices after first successful authentication, common in VoIP phone setups

    Use 'auto' for highest security, 'mac_based' for legacy devices, and 'multi_host' when daisy-chaining devices.

    dot1xIdleTimeout Number
    The number of seconds before an inactive authenticated MAC address is removed when using MAC-based 802.1X control. Range: 0-65535 seconds.
    egressRateLimitKbps Number
    The maximum outbound bandwidth allowed on the port in kilobits per second. Range: 64-9999999 kbps. Only applied when egress_rate_limit_kbps_enabled is true.
    egressRateLimitKbpsEnabled Boolean
    Enable outbound bandwidth rate limiting on the port. When enabled, traffic will be limited to the rate specified in egress_rate_limit_kbps.
    excludedNetworkIds List<String>
    List of network IDs to exclude when forward is set to 'customize'. This allows you to prevent specific networks from being accessible on ports using this profile.
    forward String

    VLAN forwarding mode for the port. Valid values are:

    • all - Forward all VLANs (trunk port)
    • native - Only forward untagged traffic (access port)
    • customize - Forward selected VLANs (use with excluded_network_ids)
    • disabled - Disable VLAN forwarding

    Examples:

    • Use 'all' for uplink ports or connections to VLAN-aware devices
    • Use 'native' for end-user devices or simple network connections
    • Use 'customize' to create a selective trunk port (e.g., for a server needing access to specific VLANs)
    fullDuplex Boolean
    Enable full-duplex mode when auto-negotiation is disabled. Full duplex allows simultaneous two-way communication.
    isolation Boolean
    Enable port isolation. When enabled, devices connected to ports with this profile cannot communicate with each other, providing enhanced security.
    lldpmedEnabled Boolean
    Enable Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED). This allows for automatic discovery and configuration of devices like VoIP phones.
    lldpmedNotifyEnabled Boolean
    Enable LLDP-MED topology change notifications. When enabled:

    • Network devices will be notified of topology changes
    • Useful for VoIP phones and other LLDP-MED capable devices
    • Helps maintain accurate network topology information
    • Facilitates faster device configuration and provisioning
    name String
    A descriptive name for the port profile. Examples:

    • 'AP-Trunk-Port' - For access point uplinks
    • 'VoIP-Phone-Port' - For VoIP phone connections
    • 'User-Access-Port' - For standard user connections
    • 'IoT-Device-Port' - For IoT device connections
    nativeNetworkconfId String
    The ID of the network to use as the native (untagged) network on ports using this profile. This is typically used for:

    • Access ports where devices need untagged access
    • Trunk ports to specify the native VLAN
    • Management networks for network devices
    opMode String
    The operation mode for the port profile. Can only be switch
    poeMode String
    The POE mode for the port profile. Can be one of auto, passv24, passthrough or off.
    portSecurityEnabled Boolean
    Enable MAC address-based port security. When enabled:

    • Only devices with specified MAC addresses can connect
    • Unauthorized devices will be blocked
    • Provides protection against unauthorized network access
    • Must be used with port_security_mac_address list
    portSecurityMacAddresses List<String>
    List of allowed MAC addresses when port security is enabled. Each address should be:

    • In standard format (e.g., 'aa:bb:cc:dd:ee:ff')
    • Unique per device
    • Verified to belong to authorized devices Only effective when port_security_enabled is true
    priorityQueue1Level Number
    Priority queue 1 level (0-100) for Quality of Service (QoS). Used for:

    • Low-priority background traffic
    • Bulk data transfers
    • Non-time-sensitive applications Higher values give more bandwidth to this queue
    priorityQueue2Level Number
    Priority queue 2 level (0-100) for Quality of Service (QoS). Used for:

    • Standard user traffic
    • Web browsing and email
    • General business applications Higher values give more bandwidth to this queue
    priorityQueue3Level Number
    Priority queue 3 level (0-100) for Quality of Service (QoS). Used for:

    • High-priority traffic
    • Voice and video conferencing
    • Time-sensitive applications Higher values give more bandwidth to this queue
    priorityQueue4Level Number
    Priority queue 4 level (0-100) for Quality of Service (QoS). Used for:

    • Highest priority traffic
    • Critical real-time applications
    • Emergency communications Higher values give more bandwidth to this queue
    site String
    The name of the UniFi site where the port profile should be created. If not specified, the default site will be used.
    speed Number
    Port speed in Mbps when auto-negotiation is disabled. Common values:

    • 10 - 10 Mbps (legacy devices)
    • 100 - 100 Mbps (Fast Ethernet)
    • 1000 - 1 Gbps (Gigabit Ethernet)
    • 2500 - 2.5 Gbps (Multi-Gigabit)
    • 5000 - 5 Gbps (Multi-Gigabit)
    • 10000 - 10 Gbps (10 Gigabit) Only used when autoneg is false
    stormctrlBcastEnabled Boolean
    Enable broadcast storm control. When enabled:

    • Limits broadcast traffic to prevent network flooding
    • Protects against broadcast storms
    • Helps maintain network stability Use with stormctrl_bcast_rate to set threshold
    stormctrlBcastLevel Number
    The broadcast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrlBcastRate Number
    Maximum broadcast traffic rate in packets per second (0 - 14880000). Used to:

    • Control broadcast traffic levels
    • Prevent network congestion
    • Balance between necessary broadcasts and network protection Only effective when stormctrl_bcast_enabled is true
    stormctrlMcastEnabled Boolean
    Enable multicast storm control. When enabled:

    • Limits multicast traffic to prevent network flooding
    • Important for networks with multicast applications
    • Helps maintain quality of service Use with stormctrl_mcast_rate to set threshold
    stormctrlMcastLevel Number
    The multicast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrlMcastRate Number
    Maximum multicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control multicast traffic levels
    • Ensure bandwidth for critical multicast services
    • Prevent multicast traffic from overwhelming the network Only effective when stormctrl_mcast_enabled is true
    stormctrlType String
    The type of Storm Control to use for the port profile. Can be one of level or rate.
    stormctrlUcastEnabled Boolean
    Enable unknown unicast storm control. When enabled:

    • Limits unknown unicast traffic to prevent flooding
    • Protects against MAC spoofing attacks
    • Helps maintain network performance Use with stormctrl_ucast_rate to set threshold
    stormctrlUcastLevel Number
    The unknown unicast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrlUcastRate Number
    Maximum unknown unicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control unknown unicast traffic levels
    • Prevent network saturation from unknown destinations
    • Balance security with network usability Only effective when stormctrl_ucast_enabled is true
    stpPortMode Boolean

    Spanning Tree Protocol (STP) configuration for the port. When enabled:

    • Prevents network loops in switch-to-switch connections
    • Provides automatic failover in redundant topologies
    • Helps maintain network stability

    Best practices:

    • Enable on switch uplink ports
    • Enable on ports connecting to other switches
    • Can be disabled on end-device ports for faster initialization
    taggedVlanMgmt String
    VLAN tagging behavior for the port. Valid values are:

    • auto - Automatically handle VLAN tags (recommended)
      • Intelligently manages tagged and untagged traffic
      • Best for most deployments
    • block_all - Block all VLAN tagged traffic
      • Use for security-sensitive ports
      • Prevents VLAN hopping attacks
    • custom - Custom VLAN configuration
      • Manual control over VLAN behavior
      • For specific VLAN requirements
    voiceNetworkconfId String

    The ID of the network to use for Voice over IP (VoIP) traffic. Used for:

    • Automatic VoIP VLAN configuration
    • Voice traffic prioritization
    • QoS settings for voice packets

    Common scenarios:

    • IP phone deployments with separate voice VLAN
    • Unified communications systems
    • Converged voice/data networks

    Works in conjunction with LLDP-MED for automatic phone provisioning.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Profile resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing Profile Resource

    Get an existing Profile resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: ProfileState, opts?: CustomResourceOptions): Profile
    @staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        autoneg: Optional[bool] = None,
        dot1x_ctrl: Optional[str] = None,
        dot1x_idle_timeout: Optional[int] = None,
        egress_rate_limit_kbps: Optional[int] = None,
        egress_rate_limit_kbps_enabled: Optional[bool] = None,
        excluded_network_ids: Optional[Sequence[str]] = None,
        forward: Optional[str] = None,
        full_duplex: Optional[bool] = None,
        isolation: Optional[bool] = None,
        lldpmed_enabled: Optional[bool] = None,
        lldpmed_notify_enabled: Optional[bool] = None,
        name: Optional[str] = None,
        native_networkconf_id: Optional[str] = None,
        op_mode: Optional[str] = None,
        poe_mode: Optional[str] = None,
        port_security_enabled: Optional[bool] = None,
        port_security_mac_addresses: Optional[Sequence[str]] = None,
        priority_queue1_level: Optional[int] = None,
        priority_queue2_level: Optional[int] = None,
        priority_queue3_level: Optional[int] = None,
        priority_queue4_level: Optional[int] = None,
        site: Optional[str] = None,
        speed: Optional[int] = None,
        stormctrl_bcast_enabled: Optional[bool] = None,
        stormctrl_bcast_level: Optional[int] = None,
        stormctrl_bcast_rate: Optional[int] = None,
        stormctrl_mcast_enabled: Optional[bool] = None,
        stormctrl_mcast_level: Optional[int] = None,
        stormctrl_mcast_rate: Optional[int] = None,
        stormctrl_type: Optional[str] = None,
        stormctrl_ucast_enabled: Optional[bool] = None,
        stormctrl_ucast_level: Optional[int] = None,
        stormctrl_ucast_rate: Optional[int] = None,
        stp_port_mode: Optional[bool] = None,
        tagged_vlan_mgmt: Optional[str] = None,
        voice_networkconf_id: Optional[str] = None) -> Profile
    func GetProfile(ctx *Context, name string, id IDInput, state *ProfileState, opts ...ResourceOption) (*Profile, error)
    public static Profile Get(string name, Input<string> id, ProfileState? state, CustomResourceOptions? opts = null)
    public static Profile get(String name, Output<String> id, ProfileState state, CustomResourceOptions options)
    resources:  _:    type: unifi:port:Profile    get:      id: ${id}
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Autoneg bool
    Enable automatic negotiation of port speed and duplex settings. When enabled, this overrides manual speed and duplex settings. Recommended for most use cases.
    Dot1xCtrl string

    802.1X port-based network access control (PNAC) mode. Valid values are:

    • force_authorized - Port allows all traffic, no authentication required (default)
    • force_unauthorized - Port blocks all traffic regardless of authentication
    • auto - Standard 802.1X authentication required before port access is granted
    • mac_based - Authentication based on client MAC address, useful for devices that don't support 802.1X
    • multi_host - Allows multiple devices after first successful authentication, common in VoIP phone setups

    Use 'auto' for highest security, 'mac_based' for legacy devices, and 'multi_host' when daisy-chaining devices.

    Dot1xIdleTimeout int
    The number of seconds before an inactive authenticated MAC address is removed when using MAC-based 802.1X control. Range: 0-65535 seconds.
    EgressRateLimitKbps int
    The maximum outbound bandwidth allowed on the port in kilobits per second. Range: 64-9999999 kbps. Only applied when egress_rate_limit_kbps_enabled is true.
    EgressRateLimitKbpsEnabled bool
    Enable outbound bandwidth rate limiting on the port. When enabled, traffic will be limited to the rate specified in egress_rate_limit_kbps.
    ExcludedNetworkIds List<string>
    List of network IDs to exclude when forward is set to 'customize'. This allows you to prevent specific networks from being accessible on ports using this profile.
    Forward string

    VLAN forwarding mode for the port. Valid values are:

    • all - Forward all VLANs (trunk port)
    • native - Only forward untagged traffic (access port)
    • customize - Forward selected VLANs (use with excluded_network_ids)
    • disabled - Disable VLAN forwarding

    Examples:

    • Use 'all' for uplink ports or connections to VLAN-aware devices
    • Use 'native' for end-user devices or simple network connections
    • Use 'customize' to create a selective trunk port (e.g., for a server needing access to specific VLANs)
    FullDuplex bool
    Enable full-duplex mode when auto-negotiation is disabled. Full duplex allows simultaneous two-way communication.
    Isolation bool
    Enable port isolation. When enabled, devices connected to ports with this profile cannot communicate with each other, providing enhanced security.
    LldpmedEnabled bool
    Enable Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED). This allows for automatic discovery and configuration of devices like VoIP phones.
    LldpmedNotifyEnabled bool
    Enable LLDP-MED topology change notifications. When enabled:

    • Network devices will be notified of topology changes
    • Useful for VoIP phones and other LLDP-MED capable devices
    • Helps maintain accurate network topology information
    • Facilitates faster device configuration and provisioning
    Name string
    A descriptive name for the port profile. Examples:

    • 'AP-Trunk-Port' - For access point uplinks
    • 'VoIP-Phone-Port' - For VoIP phone connections
    • 'User-Access-Port' - For standard user connections
    • 'IoT-Device-Port' - For IoT device connections
    NativeNetworkconfId string
    The ID of the network to use as the native (untagged) network on ports using this profile. This is typically used for:

    • Access ports where devices need untagged access
    • Trunk ports to specify the native VLAN
    • Management networks for network devices
    OpMode string
    The operation mode for the port profile. Can only be switch
    PoeMode string
    The POE mode for the port profile. Can be one of auto, passv24, passthrough or off.
    PortSecurityEnabled bool
    Enable MAC address-based port security. When enabled:

    • Only devices with specified MAC addresses can connect
    • Unauthorized devices will be blocked
    • Provides protection against unauthorized network access
    • Must be used with port_security_mac_address list
    PortSecurityMacAddresses List<string>
    List of allowed MAC addresses when port security is enabled. Each address should be:

    • In standard format (e.g., 'aa:bb:cc:dd:ee:ff')
    • Unique per device
    • Verified to belong to authorized devices Only effective when port_security_enabled is true
    PriorityQueue1Level int
    Priority queue 1 level (0-100) for Quality of Service (QoS). Used for:

    • Low-priority background traffic
    • Bulk data transfers
    • Non-time-sensitive applications Higher values give more bandwidth to this queue
    PriorityQueue2Level int
    Priority queue 2 level (0-100) for Quality of Service (QoS). Used for:

    • Standard user traffic
    • Web browsing and email
    • General business applications Higher values give more bandwidth to this queue
    PriorityQueue3Level int
    Priority queue 3 level (0-100) for Quality of Service (QoS). Used for:

    • High-priority traffic
    • Voice and video conferencing
    • Time-sensitive applications Higher values give more bandwidth to this queue
    PriorityQueue4Level int
    Priority queue 4 level (0-100) for Quality of Service (QoS). Used for:

    • Highest priority traffic
    • Critical real-time applications
    • Emergency communications Higher values give more bandwidth to this queue
    Site string
    The name of the UniFi site where the port profile should be created. If not specified, the default site will be used.
    Speed int
    Port speed in Mbps when auto-negotiation is disabled. Common values:

    • 10 - 10 Mbps (legacy devices)
    • 100 - 100 Mbps (Fast Ethernet)
    • 1000 - 1 Gbps (Gigabit Ethernet)
    • 2500 - 2.5 Gbps (Multi-Gigabit)
    • 5000 - 5 Gbps (Multi-Gigabit)
    • 10000 - 10 Gbps (10 Gigabit) Only used when autoneg is false
    StormctrlBcastEnabled bool
    Enable broadcast storm control. When enabled:

    • Limits broadcast traffic to prevent network flooding
    • Protects against broadcast storms
    • Helps maintain network stability Use with stormctrl_bcast_rate to set threshold
    StormctrlBcastLevel int
    The broadcast Storm Control level for the port profile. Can be between 0 and 100.
    StormctrlBcastRate int
    Maximum broadcast traffic rate in packets per second (0 - 14880000). Used to:

    • Control broadcast traffic levels
    • Prevent network congestion
    • Balance between necessary broadcasts and network protection Only effective when stormctrl_bcast_enabled is true
    StormctrlMcastEnabled bool
    Enable multicast storm control. When enabled:

    • Limits multicast traffic to prevent network flooding
    • Important for networks with multicast applications
    • Helps maintain quality of service Use with stormctrl_mcast_rate to set threshold
    StormctrlMcastLevel int
    The multicast Storm Control level for the port profile. Can be between 0 and 100.
    StormctrlMcastRate int
    Maximum multicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control multicast traffic levels
    • Ensure bandwidth for critical multicast services
    • Prevent multicast traffic from overwhelming the network Only effective when stormctrl_mcast_enabled is true
    StormctrlType string
    The type of Storm Control to use for the port profile. Can be one of level or rate.
    StormctrlUcastEnabled bool
    Enable unknown unicast storm control. When enabled:

    • Limits unknown unicast traffic to prevent flooding
    • Protects against MAC spoofing attacks
    • Helps maintain network performance Use with stormctrl_ucast_rate to set threshold
    StormctrlUcastLevel int
    The unknown unicast Storm Control level for the port profile. Can be between 0 and 100.
    StormctrlUcastRate int
    Maximum unknown unicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control unknown unicast traffic levels
    • Prevent network saturation from unknown destinations
    • Balance security with network usability Only effective when stormctrl_ucast_enabled is true
    StpPortMode bool

    Spanning Tree Protocol (STP) configuration for the port. When enabled:

    • Prevents network loops in switch-to-switch connections
    • Provides automatic failover in redundant topologies
    • Helps maintain network stability

    Best practices:

    • Enable on switch uplink ports
    • Enable on ports connecting to other switches
    • Can be disabled on end-device ports for faster initialization
    TaggedVlanMgmt string
    VLAN tagging behavior for the port. Valid values are:

    • auto - Automatically handle VLAN tags (recommended)
      • Intelligently manages tagged and untagged traffic
      • Best for most deployments
    • block_all - Block all VLAN tagged traffic
      • Use for security-sensitive ports
      • Prevents VLAN hopping attacks
    • custom - Custom VLAN configuration
      • Manual control over VLAN behavior
      • For specific VLAN requirements
    VoiceNetworkconfId string

    The ID of the network to use for Voice over IP (VoIP) traffic. Used for:

    • Automatic VoIP VLAN configuration
    • Voice traffic prioritization
    • QoS settings for voice packets

    Common scenarios:

    • IP phone deployments with separate voice VLAN
    • Unified communications systems
    • Converged voice/data networks

    Works in conjunction with LLDP-MED for automatic phone provisioning.

    Autoneg bool
    Enable automatic negotiation of port speed and duplex settings. When enabled, this overrides manual speed and duplex settings. Recommended for most use cases.
    Dot1xCtrl string

    802.1X port-based network access control (PNAC) mode. Valid values are:

    • force_authorized - Port allows all traffic, no authentication required (default)
    • force_unauthorized - Port blocks all traffic regardless of authentication
    • auto - Standard 802.1X authentication required before port access is granted
    • mac_based - Authentication based on client MAC address, useful for devices that don't support 802.1X
    • multi_host - Allows multiple devices after first successful authentication, common in VoIP phone setups

    Use 'auto' for highest security, 'mac_based' for legacy devices, and 'multi_host' when daisy-chaining devices.

    Dot1xIdleTimeout int
    The number of seconds before an inactive authenticated MAC address is removed when using MAC-based 802.1X control. Range: 0-65535 seconds.
    EgressRateLimitKbps int
    The maximum outbound bandwidth allowed on the port in kilobits per second. Range: 64-9999999 kbps. Only applied when egress_rate_limit_kbps_enabled is true.
    EgressRateLimitKbpsEnabled bool
    Enable outbound bandwidth rate limiting on the port. When enabled, traffic will be limited to the rate specified in egress_rate_limit_kbps.
    ExcludedNetworkIds []string
    List of network IDs to exclude when forward is set to 'customize'. This allows you to prevent specific networks from being accessible on ports using this profile.
    Forward string

    VLAN forwarding mode for the port. Valid values are:

    • all - Forward all VLANs (trunk port)
    • native - Only forward untagged traffic (access port)
    • customize - Forward selected VLANs (use with excluded_network_ids)
    • disabled - Disable VLAN forwarding

    Examples:

    • Use 'all' for uplink ports or connections to VLAN-aware devices
    • Use 'native' for end-user devices or simple network connections
    • Use 'customize' to create a selective trunk port (e.g., for a server needing access to specific VLANs)
    FullDuplex bool
    Enable full-duplex mode when auto-negotiation is disabled. Full duplex allows simultaneous two-way communication.
    Isolation bool
    Enable port isolation. When enabled, devices connected to ports with this profile cannot communicate with each other, providing enhanced security.
    LldpmedEnabled bool
    Enable Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED). This allows for automatic discovery and configuration of devices like VoIP phones.
    LldpmedNotifyEnabled bool
    Enable LLDP-MED topology change notifications. When enabled:

    • Network devices will be notified of topology changes
    • Useful for VoIP phones and other LLDP-MED capable devices
    • Helps maintain accurate network topology information
    • Facilitates faster device configuration and provisioning
    Name string
    A descriptive name for the port profile. Examples:

    • 'AP-Trunk-Port' - For access point uplinks
    • 'VoIP-Phone-Port' - For VoIP phone connections
    • 'User-Access-Port' - For standard user connections
    • 'IoT-Device-Port' - For IoT device connections
    NativeNetworkconfId string
    The ID of the network to use as the native (untagged) network on ports using this profile. This is typically used for:

    • Access ports where devices need untagged access
    • Trunk ports to specify the native VLAN
    • Management networks for network devices
    OpMode string
    The operation mode for the port profile. Can only be switch
    PoeMode string
    The POE mode for the port profile. Can be one of auto, passv24, passthrough or off.
    PortSecurityEnabled bool
    Enable MAC address-based port security. When enabled:

    • Only devices with specified MAC addresses can connect
    • Unauthorized devices will be blocked
    • Provides protection against unauthorized network access
    • Must be used with port_security_mac_address list
    PortSecurityMacAddresses []string
    List of allowed MAC addresses when port security is enabled. Each address should be:

    • In standard format (e.g., 'aa:bb:cc:dd:ee:ff')
    • Unique per device
    • Verified to belong to authorized devices Only effective when port_security_enabled is true
    PriorityQueue1Level int
    Priority queue 1 level (0-100) for Quality of Service (QoS). Used for:

    • Low-priority background traffic
    • Bulk data transfers
    • Non-time-sensitive applications Higher values give more bandwidth to this queue
    PriorityQueue2Level int
    Priority queue 2 level (0-100) for Quality of Service (QoS). Used for:

    • Standard user traffic
    • Web browsing and email
    • General business applications Higher values give more bandwidth to this queue
    PriorityQueue3Level int
    Priority queue 3 level (0-100) for Quality of Service (QoS). Used for:

    • High-priority traffic
    • Voice and video conferencing
    • Time-sensitive applications Higher values give more bandwidth to this queue
    PriorityQueue4Level int
    Priority queue 4 level (0-100) for Quality of Service (QoS). Used for:

    • Highest priority traffic
    • Critical real-time applications
    • Emergency communications Higher values give more bandwidth to this queue
    Site string
    The name of the UniFi site where the port profile should be created. If not specified, the default site will be used.
    Speed int
    Port speed in Mbps when auto-negotiation is disabled. Common values:

    • 10 - 10 Mbps (legacy devices)
    • 100 - 100 Mbps (Fast Ethernet)
    • 1000 - 1 Gbps (Gigabit Ethernet)
    • 2500 - 2.5 Gbps (Multi-Gigabit)
    • 5000 - 5 Gbps (Multi-Gigabit)
    • 10000 - 10 Gbps (10 Gigabit) Only used when autoneg is false
    StormctrlBcastEnabled bool
    Enable broadcast storm control. When enabled:

    • Limits broadcast traffic to prevent network flooding
    • Protects against broadcast storms
    • Helps maintain network stability Use with stormctrl_bcast_rate to set threshold
    StormctrlBcastLevel int
    The broadcast Storm Control level for the port profile. Can be between 0 and 100.
    StormctrlBcastRate int
    Maximum broadcast traffic rate in packets per second (0 - 14880000). Used to:

    • Control broadcast traffic levels
    • Prevent network congestion
    • Balance between necessary broadcasts and network protection Only effective when stormctrl_bcast_enabled is true
    StormctrlMcastEnabled bool
    Enable multicast storm control. When enabled:

    • Limits multicast traffic to prevent network flooding
    • Important for networks with multicast applications
    • Helps maintain quality of service Use with stormctrl_mcast_rate to set threshold
    StormctrlMcastLevel int
    The multicast Storm Control level for the port profile. Can be between 0 and 100.
    StormctrlMcastRate int
    Maximum multicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control multicast traffic levels
    • Ensure bandwidth for critical multicast services
    • Prevent multicast traffic from overwhelming the network Only effective when stormctrl_mcast_enabled is true
    StormctrlType string
    The type of Storm Control to use for the port profile. Can be one of level or rate.
    StormctrlUcastEnabled bool
    Enable unknown unicast storm control. When enabled:

    • Limits unknown unicast traffic to prevent flooding
    • Protects against MAC spoofing attacks
    • Helps maintain network performance Use with stormctrl_ucast_rate to set threshold
    StormctrlUcastLevel int
    The unknown unicast Storm Control level for the port profile. Can be between 0 and 100.
    StormctrlUcastRate int
    Maximum unknown unicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control unknown unicast traffic levels
    • Prevent network saturation from unknown destinations
    • Balance security with network usability Only effective when stormctrl_ucast_enabled is true
    StpPortMode bool

    Spanning Tree Protocol (STP) configuration for the port. When enabled:

    • Prevents network loops in switch-to-switch connections
    • Provides automatic failover in redundant topologies
    • Helps maintain network stability

    Best practices:

    • Enable on switch uplink ports
    • Enable on ports connecting to other switches
    • Can be disabled on end-device ports for faster initialization
    TaggedVlanMgmt string
    VLAN tagging behavior for the port. Valid values are:

    • auto - Automatically handle VLAN tags (recommended)
      • Intelligently manages tagged and untagged traffic
      • Best for most deployments
    • block_all - Block all VLAN tagged traffic
      • Use for security-sensitive ports
      • Prevents VLAN hopping attacks
    • custom - Custom VLAN configuration
      • Manual control over VLAN behavior
      • For specific VLAN requirements
    VoiceNetworkconfId string

    The ID of the network to use for Voice over IP (VoIP) traffic. Used for:

    • Automatic VoIP VLAN configuration
    • Voice traffic prioritization
    • QoS settings for voice packets

    Common scenarios:

    • IP phone deployments with separate voice VLAN
    • Unified communications systems
    • Converged voice/data networks

    Works in conjunction with LLDP-MED for automatic phone provisioning.

    autoneg Boolean
    Enable automatic negotiation of port speed and duplex settings. When enabled, this overrides manual speed and duplex settings. Recommended for most use cases.
    dot1xCtrl String

    802.1X port-based network access control (PNAC) mode. Valid values are:

    • force_authorized - Port allows all traffic, no authentication required (default)
    • force_unauthorized - Port blocks all traffic regardless of authentication
    • auto - Standard 802.1X authentication required before port access is granted
    • mac_based - Authentication based on client MAC address, useful for devices that don't support 802.1X
    • multi_host - Allows multiple devices after first successful authentication, common in VoIP phone setups

    Use 'auto' for highest security, 'mac_based' for legacy devices, and 'multi_host' when daisy-chaining devices.

    dot1xIdleTimeout Integer
    The number of seconds before an inactive authenticated MAC address is removed when using MAC-based 802.1X control. Range: 0-65535 seconds.
    egressRateLimitKbps Integer
    The maximum outbound bandwidth allowed on the port in kilobits per second. Range: 64-9999999 kbps. Only applied when egress_rate_limit_kbps_enabled is true.
    egressRateLimitKbpsEnabled Boolean
    Enable outbound bandwidth rate limiting on the port. When enabled, traffic will be limited to the rate specified in egress_rate_limit_kbps.
    excludedNetworkIds List<String>
    List of network IDs to exclude when forward is set to 'customize'. This allows you to prevent specific networks from being accessible on ports using this profile.
    forward String

    VLAN forwarding mode for the port. Valid values are:

    • all - Forward all VLANs (trunk port)
    • native - Only forward untagged traffic (access port)
    • customize - Forward selected VLANs (use with excluded_network_ids)
    • disabled - Disable VLAN forwarding

    Examples:

    • Use 'all' for uplink ports or connections to VLAN-aware devices
    • Use 'native' for end-user devices or simple network connections
    • Use 'customize' to create a selective trunk port (e.g., for a server needing access to specific VLANs)
    fullDuplex Boolean
    Enable full-duplex mode when auto-negotiation is disabled. Full duplex allows simultaneous two-way communication.
    isolation Boolean
    Enable port isolation. When enabled, devices connected to ports with this profile cannot communicate with each other, providing enhanced security.
    lldpmedEnabled Boolean
    Enable Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED). This allows for automatic discovery and configuration of devices like VoIP phones.
    lldpmedNotifyEnabled Boolean
    Enable LLDP-MED topology change notifications. When enabled:

    • Network devices will be notified of topology changes
    • Useful for VoIP phones and other LLDP-MED capable devices
    • Helps maintain accurate network topology information
    • Facilitates faster device configuration and provisioning
    name String
    A descriptive name for the port profile. Examples:

    • 'AP-Trunk-Port' - For access point uplinks
    • 'VoIP-Phone-Port' - For VoIP phone connections
    • 'User-Access-Port' - For standard user connections
    • 'IoT-Device-Port' - For IoT device connections
    nativeNetworkconfId String
    The ID of the network to use as the native (untagged) network on ports using this profile. This is typically used for:

    • Access ports where devices need untagged access
    • Trunk ports to specify the native VLAN
    • Management networks for network devices
    opMode String
    The operation mode for the port profile. Can only be switch
    poeMode String
    The POE mode for the port profile. Can be one of auto, passv24, passthrough or off.
    portSecurityEnabled Boolean
    Enable MAC address-based port security. When enabled:

    • Only devices with specified MAC addresses can connect
    • Unauthorized devices will be blocked
    • Provides protection against unauthorized network access
    • Must be used with port_security_mac_address list
    portSecurityMacAddresses List<String>
    List of allowed MAC addresses when port security is enabled. Each address should be:

    • In standard format (e.g., 'aa:bb:cc:dd:ee:ff')
    • Unique per device
    • Verified to belong to authorized devices Only effective when port_security_enabled is true
    priorityQueue1Level Integer
    Priority queue 1 level (0-100) for Quality of Service (QoS). Used for:

    • Low-priority background traffic
    • Bulk data transfers
    • Non-time-sensitive applications Higher values give more bandwidth to this queue
    priorityQueue2Level Integer
    Priority queue 2 level (0-100) for Quality of Service (QoS). Used for:

    • Standard user traffic
    • Web browsing and email
    • General business applications Higher values give more bandwidth to this queue
    priorityQueue3Level Integer
    Priority queue 3 level (0-100) for Quality of Service (QoS). Used for:

    • High-priority traffic
    • Voice and video conferencing
    • Time-sensitive applications Higher values give more bandwidth to this queue
    priorityQueue4Level Integer
    Priority queue 4 level (0-100) for Quality of Service (QoS). Used for:

    • Highest priority traffic
    • Critical real-time applications
    • Emergency communications Higher values give more bandwidth to this queue
    site String
    The name of the UniFi site where the port profile should be created. If not specified, the default site will be used.
    speed Integer
    Port speed in Mbps when auto-negotiation is disabled. Common values:

    • 10 - 10 Mbps (legacy devices)
    • 100 - 100 Mbps (Fast Ethernet)
    • 1000 - 1 Gbps (Gigabit Ethernet)
    • 2500 - 2.5 Gbps (Multi-Gigabit)
    • 5000 - 5 Gbps (Multi-Gigabit)
    • 10000 - 10 Gbps (10 Gigabit) Only used when autoneg is false
    stormctrlBcastEnabled Boolean
    Enable broadcast storm control. When enabled:

    • Limits broadcast traffic to prevent network flooding
    • Protects against broadcast storms
    • Helps maintain network stability Use with stormctrl_bcast_rate to set threshold
    stormctrlBcastLevel Integer
    The broadcast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrlBcastRate Integer
    Maximum broadcast traffic rate in packets per second (0 - 14880000). Used to:

    • Control broadcast traffic levels
    • Prevent network congestion
    • Balance between necessary broadcasts and network protection Only effective when stormctrl_bcast_enabled is true
    stormctrlMcastEnabled Boolean
    Enable multicast storm control. When enabled:

    • Limits multicast traffic to prevent network flooding
    • Important for networks with multicast applications
    • Helps maintain quality of service Use with stormctrl_mcast_rate to set threshold
    stormctrlMcastLevel Integer
    The multicast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrlMcastRate Integer
    Maximum multicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control multicast traffic levels
    • Ensure bandwidth for critical multicast services
    • Prevent multicast traffic from overwhelming the network Only effective when stormctrl_mcast_enabled is true
    stormctrlType String
    The type of Storm Control to use for the port profile. Can be one of level or rate.
    stormctrlUcastEnabled Boolean
    Enable unknown unicast storm control. When enabled:

    • Limits unknown unicast traffic to prevent flooding
    • Protects against MAC spoofing attacks
    • Helps maintain network performance Use with stormctrl_ucast_rate to set threshold
    stormctrlUcastLevel Integer
    The unknown unicast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrlUcastRate Integer
    Maximum unknown unicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control unknown unicast traffic levels
    • Prevent network saturation from unknown destinations
    • Balance security with network usability Only effective when stormctrl_ucast_enabled is true
    stpPortMode Boolean

    Spanning Tree Protocol (STP) configuration for the port. When enabled:

    • Prevents network loops in switch-to-switch connections
    • Provides automatic failover in redundant topologies
    • Helps maintain network stability

    Best practices:

    • Enable on switch uplink ports
    • Enable on ports connecting to other switches
    • Can be disabled on end-device ports for faster initialization
    taggedVlanMgmt String
    VLAN tagging behavior for the port. Valid values are:

    • auto - Automatically handle VLAN tags (recommended)
      • Intelligently manages tagged and untagged traffic
      • Best for most deployments
    • block_all - Block all VLAN tagged traffic
      • Use for security-sensitive ports
      • Prevents VLAN hopping attacks
    • custom - Custom VLAN configuration
      • Manual control over VLAN behavior
      • For specific VLAN requirements
    voiceNetworkconfId String

    The ID of the network to use for Voice over IP (VoIP) traffic. Used for:

    • Automatic VoIP VLAN configuration
    • Voice traffic prioritization
    • QoS settings for voice packets

    Common scenarios:

    • IP phone deployments with separate voice VLAN
    • Unified communications systems
    • Converged voice/data networks

    Works in conjunction with LLDP-MED for automatic phone provisioning.

    autoneg boolean
    Enable automatic negotiation of port speed and duplex settings. When enabled, this overrides manual speed and duplex settings. Recommended for most use cases.
    dot1xCtrl string

    802.1X port-based network access control (PNAC) mode. Valid values are:

    • force_authorized - Port allows all traffic, no authentication required (default)
    • force_unauthorized - Port blocks all traffic regardless of authentication
    • auto - Standard 802.1X authentication required before port access is granted
    • mac_based - Authentication based on client MAC address, useful for devices that don't support 802.1X
    • multi_host - Allows multiple devices after first successful authentication, common in VoIP phone setups

    Use 'auto' for highest security, 'mac_based' for legacy devices, and 'multi_host' when daisy-chaining devices.

    dot1xIdleTimeout number
    The number of seconds before an inactive authenticated MAC address is removed when using MAC-based 802.1X control. Range: 0-65535 seconds.
    egressRateLimitKbps number
    The maximum outbound bandwidth allowed on the port in kilobits per second. Range: 64-9999999 kbps. Only applied when egress_rate_limit_kbps_enabled is true.
    egressRateLimitKbpsEnabled boolean
    Enable outbound bandwidth rate limiting on the port. When enabled, traffic will be limited to the rate specified in egress_rate_limit_kbps.
    excludedNetworkIds string[]
    List of network IDs to exclude when forward is set to 'customize'. This allows you to prevent specific networks from being accessible on ports using this profile.
    forward string

    VLAN forwarding mode for the port. Valid values are:

    • all - Forward all VLANs (trunk port)
    • native - Only forward untagged traffic (access port)
    • customize - Forward selected VLANs (use with excluded_network_ids)
    • disabled - Disable VLAN forwarding

    Examples:

    • Use 'all' for uplink ports or connections to VLAN-aware devices
    • Use 'native' for end-user devices or simple network connections
    • Use 'customize' to create a selective trunk port (e.g., for a server needing access to specific VLANs)
    fullDuplex boolean
    Enable full-duplex mode when auto-negotiation is disabled. Full duplex allows simultaneous two-way communication.
    isolation boolean
    Enable port isolation. When enabled, devices connected to ports with this profile cannot communicate with each other, providing enhanced security.
    lldpmedEnabled boolean
    Enable Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED). This allows for automatic discovery and configuration of devices like VoIP phones.
    lldpmedNotifyEnabled boolean
    Enable LLDP-MED topology change notifications. When enabled:

    • Network devices will be notified of topology changes
    • Useful for VoIP phones and other LLDP-MED capable devices
    • Helps maintain accurate network topology information
    • Facilitates faster device configuration and provisioning
    name string
    A descriptive name for the port profile. Examples:

    • 'AP-Trunk-Port' - For access point uplinks
    • 'VoIP-Phone-Port' - For VoIP phone connections
    • 'User-Access-Port' - For standard user connections
    • 'IoT-Device-Port' - For IoT device connections
    nativeNetworkconfId string
    The ID of the network to use as the native (untagged) network on ports using this profile. This is typically used for:

    • Access ports where devices need untagged access
    • Trunk ports to specify the native VLAN
    • Management networks for network devices
    opMode string
    The operation mode for the port profile. Can only be switch
    poeMode string
    The POE mode for the port profile. Can be one of auto, passv24, passthrough or off.
    portSecurityEnabled boolean
    Enable MAC address-based port security. When enabled:

    • Only devices with specified MAC addresses can connect
    • Unauthorized devices will be blocked
    • Provides protection against unauthorized network access
    • Must be used with port_security_mac_address list
    portSecurityMacAddresses string[]
    List of allowed MAC addresses when port security is enabled. Each address should be:

    • In standard format (e.g., 'aa:bb:cc:dd:ee:ff')
    • Unique per device
    • Verified to belong to authorized devices Only effective when port_security_enabled is true
    priorityQueue1Level number
    Priority queue 1 level (0-100) for Quality of Service (QoS). Used for:

    • Low-priority background traffic
    • Bulk data transfers
    • Non-time-sensitive applications Higher values give more bandwidth to this queue
    priorityQueue2Level number
    Priority queue 2 level (0-100) for Quality of Service (QoS). Used for:

    • Standard user traffic
    • Web browsing and email
    • General business applications Higher values give more bandwidth to this queue
    priorityQueue3Level number
    Priority queue 3 level (0-100) for Quality of Service (QoS). Used for:

    • High-priority traffic
    • Voice and video conferencing
    • Time-sensitive applications Higher values give more bandwidth to this queue
    priorityQueue4Level number
    Priority queue 4 level (0-100) for Quality of Service (QoS). Used for:

    • Highest priority traffic
    • Critical real-time applications
    • Emergency communications Higher values give more bandwidth to this queue
    site string
    The name of the UniFi site where the port profile should be created. If not specified, the default site will be used.
    speed number
    Port speed in Mbps when auto-negotiation is disabled. Common values:

    • 10 - 10 Mbps (legacy devices)
    • 100 - 100 Mbps (Fast Ethernet)
    • 1000 - 1 Gbps (Gigabit Ethernet)
    • 2500 - 2.5 Gbps (Multi-Gigabit)
    • 5000 - 5 Gbps (Multi-Gigabit)
    • 10000 - 10 Gbps (10 Gigabit) Only used when autoneg is false
    stormctrlBcastEnabled boolean
    Enable broadcast storm control. When enabled:

    • Limits broadcast traffic to prevent network flooding
    • Protects against broadcast storms
    • Helps maintain network stability Use with stormctrl_bcast_rate to set threshold
    stormctrlBcastLevel number
    The broadcast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrlBcastRate number
    Maximum broadcast traffic rate in packets per second (0 - 14880000). Used to:

    • Control broadcast traffic levels
    • Prevent network congestion
    • Balance between necessary broadcasts and network protection Only effective when stormctrl_bcast_enabled is true
    stormctrlMcastEnabled boolean
    Enable multicast storm control. When enabled:

    • Limits multicast traffic to prevent network flooding
    • Important for networks with multicast applications
    • Helps maintain quality of service Use with stormctrl_mcast_rate to set threshold
    stormctrlMcastLevel number
    The multicast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrlMcastRate number
    Maximum multicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control multicast traffic levels
    • Ensure bandwidth for critical multicast services
    • Prevent multicast traffic from overwhelming the network Only effective when stormctrl_mcast_enabled is true
    stormctrlType string
    The type of Storm Control to use for the port profile. Can be one of level or rate.
    stormctrlUcastEnabled boolean
    Enable unknown unicast storm control. When enabled:

    • Limits unknown unicast traffic to prevent flooding
    • Protects against MAC spoofing attacks
    • Helps maintain network performance Use with stormctrl_ucast_rate to set threshold
    stormctrlUcastLevel number
    The unknown unicast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrlUcastRate number
    Maximum unknown unicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control unknown unicast traffic levels
    • Prevent network saturation from unknown destinations
    • Balance security with network usability Only effective when stormctrl_ucast_enabled is true
    stpPortMode boolean

    Spanning Tree Protocol (STP) configuration for the port. When enabled:

    • Prevents network loops in switch-to-switch connections
    • Provides automatic failover in redundant topologies
    • Helps maintain network stability

    Best practices:

    • Enable on switch uplink ports
    • Enable on ports connecting to other switches
    • Can be disabled on end-device ports for faster initialization
    taggedVlanMgmt string
    VLAN tagging behavior for the port. Valid values are:

    • auto - Automatically handle VLAN tags (recommended)
      • Intelligently manages tagged and untagged traffic
      • Best for most deployments
    • block_all - Block all VLAN tagged traffic
      • Use for security-sensitive ports
      • Prevents VLAN hopping attacks
    • custom - Custom VLAN configuration
      • Manual control over VLAN behavior
      • For specific VLAN requirements
    voiceNetworkconfId string

    The ID of the network to use for Voice over IP (VoIP) traffic. Used for:

    • Automatic VoIP VLAN configuration
    • Voice traffic prioritization
    • QoS settings for voice packets

    Common scenarios:

    • IP phone deployments with separate voice VLAN
    • Unified communications systems
    • Converged voice/data networks

    Works in conjunction with LLDP-MED for automatic phone provisioning.

    autoneg bool
    Enable automatic negotiation of port speed and duplex settings. When enabled, this overrides manual speed and duplex settings. Recommended for most use cases.
    dot1x_ctrl str

    802.1X port-based network access control (PNAC) mode. Valid values are:

    • force_authorized - Port allows all traffic, no authentication required (default)
    • force_unauthorized - Port blocks all traffic regardless of authentication
    • auto - Standard 802.1X authentication required before port access is granted
    • mac_based - Authentication based on client MAC address, useful for devices that don't support 802.1X
    • multi_host - Allows multiple devices after first successful authentication, common in VoIP phone setups

    Use 'auto' for highest security, 'mac_based' for legacy devices, and 'multi_host' when daisy-chaining devices.

    dot1x_idle_timeout int
    The number of seconds before an inactive authenticated MAC address is removed when using MAC-based 802.1X control. Range: 0-65535 seconds.
    egress_rate_limit_kbps int
    The maximum outbound bandwidth allowed on the port in kilobits per second. Range: 64-9999999 kbps. Only applied when egress_rate_limit_kbps_enabled is true.
    egress_rate_limit_kbps_enabled bool
    Enable outbound bandwidth rate limiting on the port. When enabled, traffic will be limited to the rate specified in egress_rate_limit_kbps.
    excluded_network_ids Sequence[str]
    List of network IDs to exclude when forward is set to 'customize'. This allows you to prevent specific networks from being accessible on ports using this profile.
    forward str

    VLAN forwarding mode for the port. Valid values are:

    • all - Forward all VLANs (trunk port)
    • native - Only forward untagged traffic (access port)
    • customize - Forward selected VLANs (use with excluded_network_ids)
    • disabled - Disable VLAN forwarding

    Examples:

    • Use 'all' for uplink ports or connections to VLAN-aware devices
    • Use 'native' for end-user devices or simple network connections
    • Use 'customize' to create a selective trunk port (e.g., for a server needing access to specific VLANs)
    full_duplex bool
    Enable full-duplex mode when auto-negotiation is disabled. Full duplex allows simultaneous two-way communication.
    isolation bool
    Enable port isolation. When enabled, devices connected to ports with this profile cannot communicate with each other, providing enhanced security.
    lldpmed_enabled bool
    Enable Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED). This allows for automatic discovery and configuration of devices like VoIP phones.
    lldpmed_notify_enabled bool
    Enable LLDP-MED topology change notifications. When enabled:

    • Network devices will be notified of topology changes
    • Useful for VoIP phones and other LLDP-MED capable devices
    • Helps maintain accurate network topology information
    • Facilitates faster device configuration and provisioning
    name str
    A descriptive name for the port profile. Examples:

    • 'AP-Trunk-Port' - For access point uplinks
    • 'VoIP-Phone-Port' - For VoIP phone connections
    • 'User-Access-Port' - For standard user connections
    • 'IoT-Device-Port' - For IoT device connections
    native_networkconf_id str
    The ID of the network to use as the native (untagged) network on ports using this profile. This is typically used for:

    • Access ports where devices need untagged access
    • Trunk ports to specify the native VLAN
    • Management networks for network devices
    op_mode str
    The operation mode for the port profile. Can only be switch
    poe_mode str
    The POE mode for the port profile. Can be one of auto, passv24, passthrough or off.
    port_security_enabled bool
    Enable MAC address-based port security. When enabled:

    • Only devices with specified MAC addresses can connect
    • Unauthorized devices will be blocked
    • Provides protection against unauthorized network access
    • Must be used with port_security_mac_address list
    port_security_mac_addresses Sequence[str]
    List of allowed MAC addresses when port security is enabled. Each address should be:

    • In standard format (e.g., 'aa:bb:cc:dd:ee:ff')
    • Unique per device
    • Verified to belong to authorized devices Only effective when port_security_enabled is true
    priority_queue1_level int
    Priority queue 1 level (0-100) for Quality of Service (QoS). Used for:

    • Low-priority background traffic
    • Bulk data transfers
    • Non-time-sensitive applications Higher values give more bandwidth to this queue
    priority_queue2_level int
    Priority queue 2 level (0-100) for Quality of Service (QoS). Used for:

    • Standard user traffic
    • Web browsing and email
    • General business applications Higher values give more bandwidth to this queue
    priority_queue3_level int
    Priority queue 3 level (0-100) for Quality of Service (QoS). Used for:

    • High-priority traffic
    • Voice and video conferencing
    • Time-sensitive applications Higher values give more bandwidth to this queue
    priority_queue4_level int
    Priority queue 4 level (0-100) for Quality of Service (QoS). Used for:

    • Highest priority traffic
    • Critical real-time applications
    • Emergency communications Higher values give more bandwidth to this queue
    site str
    The name of the UniFi site where the port profile should be created. If not specified, the default site will be used.
    speed int
    Port speed in Mbps when auto-negotiation is disabled. Common values:

    • 10 - 10 Mbps (legacy devices)
    • 100 - 100 Mbps (Fast Ethernet)
    • 1000 - 1 Gbps (Gigabit Ethernet)
    • 2500 - 2.5 Gbps (Multi-Gigabit)
    • 5000 - 5 Gbps (Multi-Gigabit)
    • 10000 - 10 Gbps (10 Gigabit) Only used when autoneg is false
    stormctrl_bcast_enabled bool
    Enable broadcast storm control. When enabled:

    • Limits broadcast traffic to prevent network flooding
    • Protects against broadcast storms
    • Helps maintain network stability Use with stormctrl_bcast_rate to set threshold
    stormctrl_bcast_level int
    The broadcast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrl_bcast_rate int
    Maximum broadcast traffic rate in packets per second (0 - 14880000). Used to:

    • Control broadcast traffic levels
    • Prevent network congestion
    • Balance between necessary broadcasts and network protection Only effective when stormctrl_bcast_enabled is true
    stormctrl_mcast_enabled bool
    Enable multicast storm control. When enabled:

    • Limits multicast traffic to prevent network flooding
    • Important for networks with multicast applications
    • Helps maintain quality of service Use with stormctrl_mcast_rate to set threshold
    stormctrl_mcast_level int
    The multicast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrl_mcast_rate int
    Maximum multicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control multicast traffic levels
    • Ensure bandwidth for critical multicast services
    • Prevent multicast traffic from overwhelming the network Only effective when stormctrl_mcast_enabled is true
    stormctrl_type str
    The type of Storm Control to use for the port profile. Can be one of level or rate.
    stormctrl_ucast_enabled bool
    Enable unknown unicast storm control. When enabled:

    • Limits unknown unicast traffic to prevent flooding
    • Protects against MAC spoofing attacks
    • Helps maintain network performance Use with stormctrl_ucast_rate to set threshold
    stormctrl_ucast_level int
    The unknown unicast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrl_ucast_rate int
    Maximum unknown unicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control unknown unicast traffic levels
    • Prevent network saturation from unknown destinations
    • Balance security with network usability Only effective when stormctrl_ucast_enabled is true
    stp_port_mode bool

    Spanning Tree Protocol (STP) configuration for the port. When enabled:

    • Prevents network loops in switch-to-switch connections
    • Provides automatic failover in redundant topologies
    • Helps maintain network stability

    Best practices:

    • Enable on switch uplink ports
    • Enable on ports connecting to other switches
    • Can be disabled on end-device ports for faster initialization
    tagged_vlan_mgmt str
    VLAN tagging behavior for the port. Valid values are:

    • auto - Automatically handle VLAN tags (recommended)
      • Intelligently manages tagged and untagged traffic
      • Best for most deployments
    • block_all - Block all VLAN tagged traffic
      • Use for security-sensitive ports
      • Prevents VLAN hopping attacks
    • custom - Custom VLAN configuration
      • Manual control over VLAN behavior
      • For specific VLAN requirements
    voice_networkconf_id str

    The ID of the network to use for Voice over IP (VoIP) traffic. Used for:

    • Automatic VoIP VLAN configuration
    • Voice traffic prioritization
    • QoS settings for voice packets

    Common scenarios:

    • IP phone deployments with separate voice VLAN
    • Unified communications systems
    • Converged voice/data networks

    Works in conjunction with LLDP-MED for automatic phone provisioning.

    autoneg Boolean
    Enable automatic negotiation of port speed and duplex settings. When enabled, this overrides manual speed and duplex settings. Recommended for most use cases.
    dot1xCtrl String

    802.1X port-based network access control (PNAC) mode. Valid values are:

    • force_authorized - Port allows all traffic, no authentication required (default)
    • force_unauthorized - Port blocks all traffic regardless of authentication
    • auto - Standard 802.1X authentication required before port access is granted
    • mac_based - Authentication based on client MAC address, useful for devices that don't support 802.1X
    • multi_host - Allows multiple devices after first successful authentication, common in VoIP phone setups

    Use 'auto' for highest security, 'mac_based' for legacy devices, and 'multi_host' when daisy-chaining devices.

    dot1xIdleTimeout Number
    The number of seconds before an inactive authenticated MAC address is removed when using MAC-based 802.1X control. Range: 0-65535 seconds.
    egressRateLimitKbps Number
    The maximum outbound bandwidth allowed on the port in kilobits per second. Range: 64-9999999 kbps. Only applied when egress_rate_limit_kbps_enabled is true.
    egressRateLimitKbpsEnabled Boolean
    Enable outbound bandwidth rate limiting on the port. When enabled, traffic will be limited to the rate specified in egress_rate_limit_kbps.
    excludedNetworkIds List<String>
    List of network IDs to exclude when forward is set to 'customize'. This allows you to prevent specific networks from being accessible on ports using this profile.
    forward String

    VLAN forwarding mode for the port. Valid values are:

    • all - Forward all VLANs (trunk port)
    • native - Only forward untagged traffic (access port)
    • customize - Forward selected VLANs (use with excluded_network_ids)
    • disabled - Disable VLAN forwarding

    Examples:

    • Use 'all' for uplink ports or connections to VLAN-aware devices
    • Use 'native' for end-user devices or simple network connections
    • Use 'customize' to create a selective trunk port (e.g., for a server needing access to specific VLANs)
    fullDuplex Boolean
    Enable full-duplex mode when auto-negotiation is disabled. Full duplex allows simultaneous two-way communication.
    isolation Boolean
    Enable port isolation. When enabled, devices connected to ports with this profile cannot communicate with each other, providing enhanced security.
    lldpmedEnabled Boolean
    Enable Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED). This allows for automatic discovery and configuration of devices like VoIP phones.
    lldpmedNotifyEnabled Boolean
    Enable LLDP-MED topology change notifications. When enabled:

    • Network devices will be notified of topology changes
    • Useful for VoIP phones and other LLDP-MED capable devices
    • Helps maintain accurate network topology information
    • Facilitates faster device configuration and provisioning
    name String
    A descriptive name for the port profile. Examples:

    • 'AP-Trunk-Port' - For access point uplinks
    • 'VoIP-Phone-Port' - For VoIP phone connections
    • 'User-Access-Port' - For standard user connections
    • 'IoT-Device-Port' - For IoT device connections
    nativeNetworkconfId String
    The ID of the network to use as the native (untagged) network on ports using this profile. This is typically used for:

    • Access ports where devices need untagged access
    • Trunk ports to specify the native VLAN
    • Management networks for network devices
    opMode String
    The operation mode for the port profile. Can only be switch
    poeMode String
    The POE mode for the port profile. Can be one of auto, passv24, passthrough or off.
    portSecurityEnabled Boolean
    Enable MAC address-based port security. When enabled:

    • Only devices with specified MAC addresses can connect
    • Unauthorized devices will be blocked
    • Provides protection against unauthorized network access
    • Must be used with port_security_mac_address list
    portSecurityMacAddresses List<String>
    List of allowed MAC addresses when port security is enabled. Each address should be:

    • In standard format (e.g., 'aa:bb:cc:dd:ee:ff')
    • Unique per device
    • Verified to belong to authorized devices Only effective when port_security_enabled is true
    priorityQueue1Level Number
    Priority queue 1 level (0-100) for Quality of Service (QoS). Used for:

    • Low-priority background traffic
    • Bulk data transfers
    • Non-time-sensitive applications Higher values give more bandwidth to this queue
    priorityQueue2Level Number
    Priority queue 2 level (0-100) for Quality of Service (QoS). Used for:

    • Standard user traffic
    • Web browsing and email
    • General business applications Higher values give more bandwidth to this queue
    priorityQueue3Level Number
    Priority queue 3 level (0-100) for Quality of Service (QoS). Used for:

    • High-priority traffic
    • Voice and video conferencing
    • Time-sensitive applications Higher values give more bandwidth to this queue
    priorityQueue4Level Number
    Priority queue 4 level (0-100) for Quality of Service (QoS). Used for:

    • Highest priority traffic
    • Critical real-time applications
    • Emergency communications Higher values give more bandwidth to this queue
    site String
    The name of the UniFi site where the port profile should be created. If not specified, the default site will be used.
    speed Number
    Port speed in Mbps when auto-negotiation is disabled. Common values:

    • 10 - 10 Mbps (legacy devices)
    • 100 - 100 Mbps (Fast Ethernet)
    • 1000 - 1 Gbps (Gigabit Ethernet)
    • 2500 - 2.5 Gbps (Multi-Gigabit)
    • 5000 - 5 Gbps (Multi-Gigabit)
    • 10000 - 10 Gbps (10 Gigabit) Only used when autoneg is false
    stormctrlBcastEnabled Boolean
    Enable broadcast storm control. When enabled:

    • Limits broadcast traffic to prevent network flooding
    • Protects against broadcast storms
    • Helps maintain network stability Use with stormctrl_bcast_rate to set threshold
    stormctrlBcastLevel Number
    The broadcast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrlBcastRate Number
    Maximum broadcast traffic rate in packets per second (0 - 14880000). Used to:

    • Control broadcast traffic levels
    • Prevent network congestion
    • Balance between necessary broadcasts and network protection Only effective when stormctrl_bcast_enabled is true
    stormctrlMcastEnabled Boolean
    Enable multicast storm control. When enabled:

    • Limits multicast traffic to prevent network flooding
    • Important for networks with multicast applications
    • Helps maintain quality of service Use with stormctrl_mcast_rate to set threshold
    stormctrlMcastLevel Number
    The multicast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrlMcastRate Number
    Maximum multicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control multicast traffic levels
    • Ensure bandwidth for critical multicast services
    • Prevent multicast traffic from overwhelming the network Only effective when stormctrl_mcast_enabled is true
    stormctrlType String
    The type of Storm Control to use for the port profile. Can be one of level or rate.
    stormctrlUcastEnabled Boolean
    Enable unknown unicast storm control. When enabled:

    • Limits unknown unicast traffic to prevent flooding
    • Protects against MAC spoofing attacks
    • Helps maintain network performance Use with stormctrl_ucast_rate to set threshold
    stormctrlUcastLevel Number
    The unknown unicast Storm Control level for the port profile. Can be between 0 and 100.
    stormctrlUcastRate Number
    Maximum unknown unicast traffic rate in packets per second (0 - 14880000). Used to:

    • Control unknown unicast traffic levels
    • Prevent network saturation from unknown destinations
    • Balance security with network usability Only effective when stormctrl_ucast_enabled is true
    stpPortMode Boolean

    Spanning Tree Protocol (STP) configuration for the port. When enabled:

    • Prevents network loops in switch-to-switch connections
    • Provides automatic failover in redundant topologies
    • Helps maintain network stability

    Best practices:

    • Enable on switch uplink ports
    • Enable on ports connecting to other switches
    • Can be disabled on end-device ports for faster initialization
    taggedVlanMgmt String
    VLAN tagging behavior for the port. Valid values are:

    • auto - Automatically handle VLAN tags (recommended)
      • Intelligently manages tagged and untagged traffic
      • Best for most deployments
    • block_all - Block all VLAN tagged traffic
      • Use for security-sensitive ports
      • Prevents VLAN hopping attacks
    • custom - Custom VLAN configuration
      • Manual control over VLAN behavior
      • For specific VLAN requirements
    voiceNetworkconfId String

    The ID of the network to use for Voice over IP (VoIP) traffic. Used for:

    • Automatic VoIP VLAN configuration
    • Voice traffic prioritization
    • QoS settings for voice packets

    Common scenarios:

    • IP phone deployments with separate voice VLAN
    • Unified communications systems
    • Converged voice/data networks

    Works in conjunction with LLDP-MED for automatic phone provisioning.

    Package Details

    Repository
    unifi pulumiverse/pulumi-unifi
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the unifi Terraform Provider.
    unifi logo
    Unifi v0.2.0 published on Tuesday, Feb 17, 2026 by Pulumiverse
    Schema (JSON)
    pulumiverse/pulumi-unifi
      Meet Neo: Your AI Platform Teammate