unifi.setting.Ips

Unifi v0.2.0, Feb 17 26

Viewing docs for Unifi v0.2.0
published on Tuesday, Feb 17, 2026 by Pulumiverse

Schema (JSON)

pulumiverse/pulumi-unifi

Viewing docs for Unifi v0.2.0
published on Tuesday, Feb 17, 2026 by Pulumiverse

Schema (JSON)

pulumiverse/pulumi-unifi

The unifi.setting.Ips resource allows you to configure the Intrusion Prevention System (IPS) settings for your UniFi network. IPS provides network threat protection by monitoring, detecting, and preventing malicious traffic based on configured rules and policies. Requires controller version 7.4 or later

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as unifi from "@pulumiverse/unifi";

const test = new unifi.Network("test", {
    name: "My Network",
    purpose: "corporate",
    subnet: "192.168.1.0/24",
    vlanId: 10,
});
const example = new unifi.setting.Ips("example", {
    ipsMode: "ips",
    enabledNetworks: [test.id],
    advancedFilteringPreference: "manual",
    enabledCategories: [
        "emerging-dos",
        "emerging-exploit",
        "emerging-malware",
    ],
    adBlockedNetworks: [test.id],
    honeypots: [{
        ipAddress: "192.168.1.10",
        networkId: test.id,
    }],
    dnsFilters: [{
        name: "Work Filter",
        filter: "work",
        description: "Block non-work related sites",
        allowedSites: [
            "example.com",
            "company.com",
        ],
        blockedSites: [
            "gaming.example.com",
            "social.example.com",
        ],
        blockedTld: ["xyz"],
    }],
});

import pulumi
import pulumiverse_unifi as unifi

test = unifi.Network("test",
    name="My Network",
    purpose="corporate",
    subnet="192.168.1.0/24",
    vlan_id=10)
example = unifi.setting.Ips("example",
    ips_mode="ips",
    enabled_networks=[test.id],
    advanced_filtering_preference="manual",
    enabled_categories=[
        "emerging-dos",
        "emerging-exploit",
        "emerging-malware",
    ],
    ad_blocked_networks=[test.id],
    honeypots=[{
        "ip_address": "192.168.1.10",
        "network_id": test.id,
    }],
    dns_filters=[{
        "name": "Work Filter",
        "filter": "work",
        "description": "Block non-work related sites",
        "allowed_sites": [
            "example.com",
            "company.com",
        ],
        "blocked_sites": [
            "gaming.example.com",
            "social.example.com",
        ],
        "blocked_tld": ["xyz"],
    }])

package main

import (
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/pulumiverse/pulumi-unifi/sdk/go/unifi"
	"github.com/pulumiverse/pulumi-unifi/sdk/go/unifi/setting"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		test, err := unifi.NewNetwork(ctx, "test", &unifi.NetworkArgs{
			Name:    pulumi.String("My Network"),
			Purpose: pulumi.String("corporate"),
			Subnet:  pulumi.String("192.168.1.0/24"),
			VlanId:  pulumi.Int(10),
		})
		if err != nil {
			return err
		}
		_, err = setting.NewIps(ctx, "example", &setting.IpsArgs{
			IpsMode: pulumi.String("ips"),
			EnabledNetworks: pulumi.StringArray{
				test.ID(),
			},
			AdvancedFilteringPreference: pulumi.String("manual"),
			EnabledCategories: pulumi.StringArray{
				pulumi.String("emerging-dos"),
				pulumi.String("emerging-exploit"),
				pulumi.String("emerging-malware"),
			},
			AdBlockedNetworks: pulumi.StringArray{
				test.ID(),
			},
			Honeypots: setting.IpsHoneypotArray{
				&setting.IpsHoneypotArgs{
					IpAddress: pulumi.String("192.168.1.10"),
					NetworkId: test.ID(),
				},
			},
			DnsFilters: setting.IpsDnsFilterArray{
				&setting.IpsDnsFilterArgs{
					Name:        pulumi.String("Work Filter"),
					Filter:      pulumi.String("work"),
					Description: pulumi.String("Block non-work related sites"),
					AllowedSites: pulumi.StringArray{
						pulumi.String("example.com"),
						pulumi.String("company.com"),
					},
					BlockedSites: pulumi.StringArray{
						pulumi.String("gaming.example.com"),
						pulumi.String("social.example.com"),
					},
					BlockedTld: []string{
						"xyz",
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Unifi = Pulumiverse.Unifi;

return await Deployment.RunAsync(() => 
{
    var test = new Unifi.Network("test", new()
    {
        Name = "My Network",
        Purpose = "corporate",
        Subnet = "192.168.1.0/24",
        VlanId = 10,
    });

    var example = new Unifi.Setting.Ips("example", new()
    {
        IpsMode = "ips",
        EnabledNetworks = new[]
        {
            test.Id,
        },
        AdvancedFilteringPreference = "manual",
        EnabledCategories = new[]
        {
            "emerging-dos",
            "emerging-exploit",
            "emerging-malware",
        },
        AdBlockedNetworks = new[]
        {
            test.Id,
        },
        Honeypots = new[]
        {
            new Unifi.Setting.Inputs.IpsHoneypotArgs
            {
                IpAddress = "192.168.1.10",
                NetworkId = test.Id,
            },
        },
        DnsFilters = new[]
        {
            new Unifi.Setting.Inputs.IpsDnsFilterArgs
            {
                Name = "Work Filter",
                Filter = "work",
                Description = "Block non-work related sites",
                AllowedSites = new[]
                {
                    "example.com",
                    "company.com",
                },
                BlockedSites = new[]
                {
                    "gaming.example.com",
                    "social.example.com",
                },
                BlockedTld = new[]
                {
                    "xyz",
                },
            },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumiverse.unifi.Network;
import com.pulumiverse.unifi.NetworkArgs;
import com.pulumiverse.unifi.setting.Ips;
import com.pulumiverse.unifi.setting.IpsArgs;
import com.pulumi.unifi.setting.inputs.IpsHoneypotArgs;
import com.pulumi.unifi.setting.inputs.IpsDnsFilterArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var test = new Network("test", NetworkArgs.builder()
            .name("My Network")
            .purpose("corporate")
            .subnet("192.168.1.0/24")
            .vlanId(10)
            .build());

        var example = new Ips("example", IpsArgs.builder()
            .ipsMode("ips")
            .enabledNetworks(test.id())
            .advancedFilteringPreference("manual")
            .enabledCategories(            
                "emerging-dos",
                "emerging-exploit",
                "emerging-malware")
            .adBlockedNetworks(test.id())
            .honeypots(IpsHoneypotArgs.builder()
                .ipAddress("192.168.1.10")
                .networkId(test.id())
                .build())
            .dnsFilters(IpsDnsFilterArgs.builder()
                .name("Work Filter")
                .filter("work")
                .description("Block non-work related sites")
                .allowedSites(                
                    "example.com",
                    "company.com")
                .blockedSites(                
                    "gaming.example.com",
                    "social.example.com")
                .blockedTld(List.of("xyz"))
                .build())
            .build());

    }
}

resources:
  test:
    type: unifi:Network
    properties:
      name: My Network
      purpose: corporate
      subnet: 192.168.1.0/24
      vlanId: 10
  example:
    type: unifi:setting:Ips
    properties:
      ipsMode: ips
      enabledNetworks:
        - ${test.id}
      advancedFilteringPreference: manual
      enabledCategories:
        - emerging-dos
        - emerging-exploit
        - emerging-malware
      adBlockedNetworks:
        - ${test.id}
      honeypots:
        - ipAddress: 192.168.1.10
          networkId: ${test.id}
      dnsFilters: # Specify the site (optional, defaults to site configured in provider, otherwise "default")
      #   # site = "default"
        - name: Work Filter
          filter: work
          description: Block non-work related sites
          allowedSites:
            - example.com
            - company.com
          blockedSites:
            - gaming.example.com
            - social.example.com
          blockedTld:
            - xyz

Create Ips Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Ips(name: string, args?: IpsArgs, opts?: CustomResourceOptions);

@overload
def Ips(resource_name: str,
        args: Optional[IpsArgs] = None,
        opts: Optional[ResourceOptions] = None)

@overload
def Ips(resource_name: str,
        opts: Optional[ResourceOptions] = None,
        ad_blocked_networks: Optional[Sequence[str]] = None,
        advanced_filtering_preference: Optional[str] = None,
        dns_filters: Optional[Sequence[IpsDnsFilterArgs]] = None,
        enabled_categories: Optional[Sequence[str]] = None,
        enabled_networks: Optional[Sequence[str]] = None,
        honeypots: Optional[Sequence[IpsHoneypotArgs]] = None,
        ips_mode: Optional[str] = None,
        memory_optimized: Optional[bool] = None,
        restrict_torrents: Optional[bool] = None,
        site: Optional[str] = None,
        suppression: Optional[IpsSuppressionArgs] = None)

func NewIps(ctx *Context, name string, args *IpsArgs, opts ...ResourceOption) (*Ips, error)

public Ips(string name, IpsArgs? args = null, CustomResourceOptions? opts = null)

public Ips(String name, IpsArgs args)
public Ips(String name, IpsArgs args, CustomResourceOptions options)

type: unifi:setting:Ips
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args IpsArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args IpsArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args IpsArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args IpsArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args IpsArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var ipsResource = new Unifi.Setting.Ips("ipsResource", new()
{
    AdBlockedNetworks = new[]
    {
        "string",
    },
    AdvancedFilteringPreference = "string",
    DnsFilters = new[]
    {
        new Unifi.Setting.Inputs.IpsDnsFilterArgs
        {
            Filter = "string",
            Name = "string",
            NetworkId = "string",
            AllowedSites = new[]
            {
                "string",
            },
            BlockedSites = new[]
            {
                "string",
            },
            BlockedTlds = new[]
            {
                "string",
            },
            Description = "string",
        },
    },
    EnabledCategories = new[]
    {
        "string",
    },
    EnabledNetworks = new[]
    {
        "string",
    },
    Honeypots = new[]
    {
        new Unifi.Setting.Inputs.IpsHoneypotArgs
        {
            IpAddress = "string",
            NetworkId = "string",
        },
    },
    IpsMode = "string",
    MemoryOptimized = false,
    RestrictTorrents = false,
    Site = "string",
    Suppression = new Unifi.Setting.Inputs.IpsSuppressionArgs
    {
        Alerts = new[]
        {
            new Unifi.Setting.Inputs.IpsSuppressionAlertArgs
            {
                Category = "string",
                Signature = "string",
                Type = "string",
                Trackings = new[]
                {
                    new Unifi.Setting.Inputs.IpsSuppressionAlertTrackingArgs
                    {
                        Direction = "string",
                        Mode = "string",
                        Value = "string",
                    },
                },
            },
        },
        Whitelists = new[]
        {
            new Unifi.Setting.Inputs.IpsSuppressionWhitelistArgs
            {
                Direction = "string",
                Mode = "string",
                Value = "string",
            },
        },
    },
});

example, err := setting.NewIps(ctx, "ipsResource", &setting.IpsArgs{
	AdBlockedNetworks: pulumi.StringArray{
		pulumi.String("string"),
	},
	AdvancedFilteringPreference: pulumi.String("string"),
	DnsFilters: setting.IpsDnsFilterArray{
		&setting.IpsDnsFilterArgs{
			Filter:    pulumi.String("string"),
			Name:      pulumi.String("string"),
			NetworkId: pulumi.String("string"),
			AllowedSites: pulumi.StringArray{
				pulumi.String("string"),
			},
			BlockedSites: pulumi.StringArray{
				pulumi.String("string"),
			},
			BlockedTlds: pulumi.StringArray{
				pulumi.String("string"),
			},
			Description: pulumi.String("string"),
		},
	},
	EnabledCategories: pulumi.StringArray{
		pulumi.String("string"),
	},
	EnabledNetworks: pulumi.StringArray{
		pulumi.String("string"),
	},
	Honeypots: setting.IpsHoneypotArray{
		&setting.IpsHoneypotArgs{
			IpAddress: pulumi.String("string"),
			NetworkId: pulumi.String("string"),
		},
	},
	IpsMode:          pulumi.String("string"),
	MemoryOptimized:  pulumi.Bool(false),
	RestrictTorrents: pulumi.Bool(false),
	Site:             pulumi.String("string"),
	Suppression: &setting.IpsSuppressionArgs{
		Alerts: setting.IpsSuppressionAlertArray{
			&setting.IpsSuppressionAlertArgs{
				Category:  pulumi.String("string"),
				Signature: pulumi.String("string"),
				Type:      pulumi.String("string"),
				Trackings: setting.IpsSuppressionAlertTrackingArray{
					&setting.IpsSuppressionAlertTrackingArgs{
						Direction: pulumi.String("string"),
						Mode:      pulumi.String("string"),
						Value:     pulumi.String("string"),
					},
				},
			},
		},
		Whitelists: setting.IpsSuppressionWhitelistArray{
			&setting.IpsSuppressionWhitelistArgs{
				Direction: pulumi.String("string"),
				Mode:      pulumi.String("string"),
				Value:     pulumi.String("string"),
			},
		},
	},
})

var ipsResource = new Ips("ipsResource", IpsArgs.builder()
    .adBlockedNetworks("string")
    .advancedFilteringPreference("string")
    .dnsFilters(IpsDnsFilterArgs.builder()
        .filter("string")
        .name("string")
        .networkId("string")
        .allowedSites("string")
        .blockedSites("string")
        .blockedTlds("string")
        .description("string")
        .build())
    .enabledCategories("string")
    .enabledNetworks("string")
    .honeypots(IpsHoneypotArgs.builder()
        .ipAddress("string")
        .networkId("string")
        .build())
    .ipsMode("string")
    .memoryOptimized(false)
    .restrictTorrents(false)
    .site("string")
    .suppression(IpsSuppressionArgs.builder()
        .alerts(IpsSuppressionAlertArgs.builder()
            .category("string")
            .signature("string")
            .type("string")
            .trackings(IpsSuppressionAlertTrackingArgs.builder()
                .direction("string")
                .mode("string")
                .value("string")
                .build())
            .build())
        .whitelists(IpsSuppressionWhitelistArgs.builder()
            .direction("string")
            .mode("string")
            .value("string")
            .build())
        .build())
    .build());

ips_resource = unifi.setting.Ips("ipsResource",
    ad_blocked_networks=["string"],
    advanced_filtering_preference="string",
    dns_filters=[{
        "filter": "string",
        "name": "string",
        "network_id": "string",
        "allowed_sites": ["string"],
        "blocked_sites": ["string"],
        "blocked_tlds": ["string"],
        "description": "string",
    }],
    enabled_categories=["string"],
    enabled_networks=["string"],
    honeypots=[{
        "ip_address": "string",
        "network_id": "string",
    }],
    ips_mode="string",
    memory_optimized=False,
    restrict_torrents=False,
    site="string",
    suppression={
        "alerts": [{
            "category": "string",
            "signature": "string",
            "type": "string",
            "trackings": [{
                "direction": "string",
                "mode": "string",
                "value": "string",
            }],
        }],
        "whitelists": [{
            "direction": "string",
            "mode": "string",
            "value": "string",
        }],
    })

const ipsResource = new unifi.setting.Ips("ipsResource", {
    adBlockedNetworks: ["string"],
    advancedFilteringPreference: "string",
    dnsFilters: [{
        filter: "string",
        name: "string",
        networkId: "string",
        allowedSites: ["string"],
        blockedSites: ["string"],
        blockedTlds: ["string"],
        description: "string",
    }],
    enabledCategories: ["string"],
    enabledNetworks: ["string"],
    honeypots: [{
        ipAddress: "string",
        networkId: "string",
    }],
    ipsMode: "string",
    memoryOptimized: false,
    restrictTorrents: false,
    site: "string",
    suppression: {
        alerts: [{
            category: "string",
            signature: "string",
            type: "string",
            trackings: [{
                direction: "string",
                mode: "string",
                value: "string",
            }],
        }],
        whitelists: [{
            direction: "string",
            mode: "string",
            value: "string",
        }],
    },
});

type: unifi:setting:Ips
properties:
    adBlockedNetworks:
        - string
    advancedFilteringPreference: string
    dnsFilters:
        - allowedSites:
            - string
          blockedSites:
            - string
          blockedTlds:
            - string
          description: string
          filter: string
          name: string
          networkId: string
    enabledCategories:
        - string
    enabledNetworks:
        - string
    honeypots:
        - ipAddress: string
          networkId: string
    ipsMode: string
    memoryOptimized: false
    restrictTorrents: false
    site: string
    suppression:
        alerts:
            - category: string
              signature: string
              trackings:
                - direction: string
                  mode: string
                  value: string
              type: string
        whitelists:
            - direction: string
              mode: string
              value: string

Ips Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Ips resource accepts the following input properties:

AdBlockedNetworks List<string>

List of network IDs to enable ad blocking for. If any networks are configured, ad blocking will be automatically enabled. Each entry should be a valid network ID from your UniFi configuration. Leave empty to disable ad blocking.

AdvancedFilteringPreference string

The advanced filtering preference for IPS. Valid values are:

disabled - Advanced filtering is disabled
manual - Advanced filtering is enabled and manually configured

DnsFilters List<Pulumiverse.Unifi.Setting.Inputs.IpsDnsFilter>

DNS filters configuration. If any filters are configured, DNS filtering will be automatically enabled. Each filter can be applied to a specific network and provides content filtering capabilities.

EnabledCategories List<string>

List of enabled IPS threat categories. Each entry enables detection and prevention for a specific type of threat. The list of valid categories includes common threats like malware, exploits, scanning, and policy violations. See the validator for the complete list of available categories.

EnabledNetworks List<string>

List of network IDs to enable IPS protection for. Each entry should be a valid network ID from your UniFi configuration. IPS will only monitor and protect traffic on these networks.

Honeypots List<Pulumiverse.Unifi.Setting.Inputs.IpsHoneypot>

Honeypots configuration. Honeypots are decoy systems designed to detect, deflect, or study hacking attempts. They appear as legitimate parts of the network but are isolated and monitored.

IpsMode string

The IPS operation mode. Valid values are:

ids - Intrusion Detection System mode (detect and log threats only)
ips - Intrusion Prevention System mode (detect and block threats)
ipsInline - Inline Intrusion Prevention System mode (more aggressive blocking)
disabled - IPS functionality is completely disabled

MemoryOptimized bool

Whether memory optimization is enabled for IPS. When set to true, the system will use less memory at the cost of potentially reduced detection capabilities. Useful for devices with limited resources. Defaults to false. Requires controller version 9.0 or later.

RestrictTorrents bool

Whether to restrict BitTorrent and other peer-to-peer file sharing traffic. When set to true, the system will block P2P traffic across the network. Defaults to false.

Site string

The name of the UniFi site where this resource should be applied. If not specified, the default site will be used.

Suppression Pulumiverse.Unifi.Setting.Inputs.IpsSuppression

Suppression configuration for IPS. This allows you to customize which alerts are suppressed or tracked, and define whitelisted traffic that should never trigger IPS alerts.

AdBlockedNetworks []string

AdvancedFilteringPreference string

The advanced filtering preference for IPS. Valid values are:

disabled - Advanced filtering is disabled
manual - Advanced filtering is enabled and manually configured

DnsFilters []IpsDnsFilterArgs

DNS filters configuration. If any filters are configured, DNS filtering will be automatically enabled. Each filter can be applied to a specific network and provides content filtering capabilities.

EnabledCategories []string

EnabledNetworks []string

List of network IDs to enable IPS protection for. Each entry should be a valid network ID from your UniFi configuration. IPS will only monitor and protect traffic on these networks.

Honeypots []IpsHoneypotArgs

Honeypots configuration. Honeypots are decoy systems designed to detect, deflect, or study hacking attempts. They appear as legitimate parts of the network but are isolated and monitored.

IpsMode string

The IPS operation mode. Valid values are:

ids - Intrusion Detection System mode (detect and log threats only)
ips - Intrusion Prevention System mode (detect and block threats)
ipsInline - Inline Intrusion Prevention System mode (more aggressive blocking)
disabled - IPS functionality is completely disabled

MemoryOptimized bool

RestrictTorrents bool

Whether to restrict BitTorrent and other peer-to-peer file sharing traffic. When set to true, the system will block P2P traffic across the network. Defaults to false.

Site string

The name of the UniFi site where this resource should be applied. If not specified, the default site will be used.

Suppression IpsSuppressionArgs

Suppression configuration for IPS. This allows you to customize which alerts are suppressed or tracked, and define whitelisted traffic that should never trigger IPS alerts.

adBlockedNetworks List<String>

advancedFilteringPreference String

The advanced filtering preference for IPS. Valid values are:

disabled - Advanced filtering is disabled
manual - Advanced filtering is enabled and manually configured

dnsFilters List<IpsDnsFilter>

DNS filters configuration. If any filters are configured, DNS filtering will be automatically enabled. Each filter can be applied to a specific network and provides content filtering capabilities.

enabledCategories List<String>

enabledNetworks List<String>

List of network IDs to enable IPS protection for. Each entry should be a valid network ID from your UniFi configuration. IPS will only monitor and protect traffic on these networks.

honeypots List<IpsHoneypot>

Honeypots configuration. Honeypots are decoy systems designed to detect, deflect, or study hacking attempts. They appear as legitimate parts of the network but are isolated and monitored.

ipsMode String

The IPS operation mode. Valid values are:

ids - Intrusion Detection System mode (detect and log threats only)
ips - Intrusion Prevention System mode (detect and block threats)
ipsInline - Inline Intrusion Prevention System mode (more aggressive blocking)
disabled - IPS functionality is completely disabled

memoryOptimized Boolean

restrictTorrents Boolean

Whether to restrict BitTorrent and other peer-to-peer file sharing traffic. When set to true, the system will block P2P traffic across the network. Defaults to false.

site String

The name of the UniFi site where this resource should be applied. If not specified, the default site will be used.

suppression IpsSuppression

Suppression configuration for IPS. This allows you to customize which alerts are suppressed or tracked, and define whitelisted traffic that should never trigger IPS alerts.

adBlockedNetworks string[]

advancedFilteringPreference string

The advanced filtering preference for IPS. Valid values are:

disabled - Advanced filtering is disabled
manual - Advanced filtering is enabled and manually configured

dnsFilters IpsDnsFilter[]

DNS filters configuration. If any filters are configured, DNS filtering will be automatically enabled. Each filter can be applied to a specific network and provides content filtering capabilities.

enabledCategories string[]

enabledNetworks string[]

List of network IDs to enable IPS protection for. Each entry should be a valid network ID from your UniFi configuration. IPS will only monitor and protect traffic on these networks.

honeypots IpsHoneypot[]

Honeypots configuration. Honeypots are decoy systems designed to detect, deflect, or study hacking attempts. They appear as legitimate parts of the network but are isolated and monitored.

ipsMode string

The IPS operation mode. Valid values are:

ids - Intrusion Detection System mode (detect and log threats only)
ips - Intrusion Prevention System mode (detect and block threats)
ipsInline - Inline Intrusion Prevention System mode (more aggressive blocking)
disabled - IPS functionality is completely disabled

memoryOptimized boolean

restrictTorrents boolean

Whether to restrict BitTorrent and other peer-to-peer file sharing traffic. When set to true, the system will block P2P traffic across the network. Defaults to false.

site string

The name of the UniFi site where this resource should be applied. If not specified, the default site will be used.

suppression IpsSuppression

Suppression configuration for IPS. This allows you to customize which alerts are suppressed or tracked, and define whitelisted traffic that should never trigger IPS alerts.

ad_blocked_networks Sequence[str]

advanced_filtering_preference str

The advanced filtering preference for IPS. Valid values are:

disabled - Advanced filtering is disabled
manual - Advanced filtering is enabled and manually configured

dns_filters Sequence[IpsDnsFilterArgs]

DNS filters configuration. If any filters are configured, DNS filtering will be automatically enabled. Each filter can be applied to a specific network and provides content filtering capabilities.

enabled_categories Sequence[str]

enabled_networks Sequence[str]

List of network IDs to enable IPS protection for. Each entry should be a valid network ID from your UniFi configuration. IPS will only monitor and protect traffic on these networks.

honeypots Sequence[IpsHoneypotArgs]

Honeypots configuration. Honeypots are decoy systems designed to detect, deflect, or study hacking attempts. They appear as legitimate parts of the network but are isolated and monitored.

ips_mode str

The IPS operation mode. Valid values are:

ids - Intrusion Detection System mode (detect and log threats only)
ips - Intrusion Prevention System mode (detect and block threats)
ipsInline - Inline Intrusion Prevention System mode (more aggressive blocking)
disabled - IPS functionality is completely disabled

memory_optimized bool

restrict_torrents bool

Whether to restrict BitTorrent and other peer-to-peer file sharing traffic. When set to true, the system will block P2P traffic across the network. Defaults to false.

site str

The name of the UniFi site where this resource should be applied. If not specified, the default site will be used.

suppression IpsSuppressionArgs

Suppression configuration for IPS. This allows you to customize which alerts are suppressed or tracked, and define whitelisted traffic that should never trigger IPS alerts.

adBlockedNetworks List<String>

advancedFilteringPreference String

The advanced filtering preference for IPS. Valid values are:

disabled - Advanced filtering is disabled
manual - Advanced filtering is enabled and manually configured

dnsFilters List<Property Map>

DNS filters configuration. If any filters are configured, DNS filtering will be automatically enabled. Each filter can be applied to a specific network and provides content filtering capabilities.

enabledCategories List<String>

enabledNetworks List<String>

List of network IDs to enable IPS protection for. Each entry should be a valid network ID from your UniFi configuration. IPS will only monitor and protect traffic on these networks.

honeypots List<Property Map>

Honeypots configuration. Honeypots are decoy systems designed to detect, deflect, or study hacking attempts. They appear as legitimate parts of the network but are isolated and monitored.

ipsMode String

The IPS operation mode. Valid values are:

ids - Intrusion Detection System mode (detect and log threats only)
ips - Intrusion Prevention System mode (detect and block threats)
ipsInline - Inline Intrusion Prevention System mode (more aggressive blocking)
disabled - IPS functionality is completely disabled

memoryOptimized Boolean

restrictTorrents Boolean

Whether to restrict BitTorrent and other peer-to-peer file sharing traffic. When set to true, the system will block P2P traffic across the network. Defaults to false.

site String

The name of the UniFi site where this resource should be applied. If not specified, the default site will be used.

suppression Property Map

Suppression configuration for IPS. This allows you to customize which alerts are suppressed or tracked, and define whitelisted traffic that should never trigger IPS alerts.

Outputs

All input properties are implicitly available as output properties. Additionally, the Ips resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing Ips Resource

Get an existing Ips resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: IpsState, opts?: CustomResourceOptions): Ips

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        ad_blocked_networks: Optional[Sequence[str]] = None,
        advanced_filtering_preference: Optional[str] = None,
        dns_filters: Optional[Sequence[IpsDnsFilterArgs]] = None,
        enabled_categories: Optional[Sequence[str]] = None,
        enabled_networks: Optional[Sequence[str]] = None,
        honeypots: Optional[Sequence[IpsHoneypotArgs]] = None,
        ips_mode: Optional[str] = None,
        memory_optimized: Optional[bool] = None,
        restrict_torrents: Optional[bool] = None,
        site: Optional[str] = None,
        suppression: Optional[IpsSuppressionArgs] = None) -> Ips

func GetIps(ctx *Context, name string, id IDInput, state *IpsState, opts ...ResourceOption) (*Ips, error)

public static Ips Get(string name, Input<string> id, IpsState? state, CustomResourceOptions? opts = null)

public static Ips get(String name, Output<String> id, IpsState state, CustomResourceOptions options)

resources:  _:    type: unifi:setting:Ips    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AdBlockedNetworks List<string>

AdvancedFilteringPreference string

The advanced filtering preference for IPS. Valid values are:

disabled - Advanced filtering is disabled
manual - Advanced filtering is enabled and manually configured

DnsFilters List<Pulumiverse.Unifi.Setting.Inputs.IpsDnsFilter>

DNS filters configuration. If any filters are configured, DNS filtering will be automatically enabled. Each filter can be applied to a specific network and provides content filtering capabilities.

EnabledCategories List<string>

EnabledNetworks List<string>

List of network IDs to enable IPS protection for. Each entry should be a valid network ID from your UniFi configuration. IPS will only monitor and protect traffic on these networks.

Honeypots List<Pulumiverse.Unifi.Setting.Inputs.IpsHoneypot>

Honeypots configuration. Honeypots are decoy systems designed to detect, deflect, or study hacking attempts. They appear as legitimate parts of the network but are isolated and monitored.

IpsMode string

The IPS operation mode. Valid values are:

ids - Intrusion Detection System mode (detect and log threats only)
ips - Intrusion Prevention System mode (detect and block threats)
ipsInline - Inline Intrusion Prevention System mode (more aggressive blocking)
disabled - IPS functionality is completely disabled

MemoryOptimized bool

RestrictTorrents bool

Whether to restrict BitTorrent and other peer-to-peer file sharing traffic. When set to true, the system will block P2P traffic across the network. Defaults to false.

Site string

The name of the UniFi site where this resource should be applied. If not specified, the default site will be used.

Suppression Pulumiverse.Unifi.Setting.Inputs.IpsSuppression

Suppression configuration for IPS. This allows you to customize which alerts are suppressed or tracked, and define whitelisted traffic that should never trigger IPS alerts.

AdBlockedNetworks []string

AdvancedFilteringPreference string

The advanced filtering preference for IPS. Valid values are:

disabled - Advanced filtering is disabled
manual - Advanced filtering is enabled and manually configured

DnsFilters []IpsDnsFilterArgs

DNS filters configuration. If any filters are configured, DNS filtering will be automatically enabled. Each filter can be applied to a specific network and provides content filtering capabilities.

EnabledCategories []string

EnabledNetworks []string

List of network IDs to enable IPS protection for. Each entry should be a valid network ID from your UniFi configuration. IPS will only monitor and protect traffic on these networks.

Honeypots []IpsHoneypotArgs

Honeypots configuration. Honeypots are decoy systems designed to detect, deflect, or study hacking attempts. They appear as legitimate parts of the network but are isolated and monitored.

IpsMode string

The IPS operation mode. Valid values are:

ids - Intrusion Detection System mode (detect and log threats only)
ips - Intrusion Prevention System mode (detect and block threats)
ipsInline - Inline Intrusion Prevention System mode (more aggressive blocking)
disabled - IPS functionality is completely disabled

MemoryOptimized bool

RestrictTorrents bool

Whether to restrict BitTorrent and other peer-to-peer file sharing traffic. When set to true, the system will block P2P traffic across the network. Defaults to false.

Site string

The name of the UniFi site where this resource should be applied. If not specified, the default site will be used.

Suppression IpsSuppressionArgs

Suppression configuration for IPS. This allows you to customize which alerts are suppressed or tracked, and define whitelisted traffic that should never trigger IPS alerts.

adBlockedNetworks List<String>

advancedFilteringPreference String

The advanced filtering preference for IPS. Valid values are:

disabled - Advanced filtering is disabled
manual - Advanced filtering is enabled and manually configured

dnsFilters List<IpsDnsFilter>

DNS filters configuration. If any filters are configured, DNS filtering will be automatically enabled. Each filter can be applied to a specific network and provides content filtering capabilities.

enabledCategories List<String>

enabledNetworks List<String>

List of network IDs to enable IPS protection for. Each entry should be a valid network ID from your UniFi configuration. IPS will only monitor and protect traffic on these networks.

honeypots List<IpsHoneypot>

Honeypots configuration. Honeypots are decoy systems designed to detect, deflect, or study hacking attempts. They appear as legitimate parts of the network but are isolated and monitored.

ipsMode String

The IPS operation mode. Valid values are:

ids - Intrusion Detection System mode (detect and log threats only)
ips - Intrusion Prevention System mode (detect and block threats)
ipsInline - Inline Intrusion Prevention System mode (more aggressive blocking)
disabled - IPS functionality is completely disabled

memoryOptimized Boolean

restrictTorrents Boolean

Whether to restrict BitTorrent and other peer-to-peer file sharing traffic. When set to true, the system will block P2P traffic across the network. Defaults to false.

site String

The name of the UniFi site where this resource should be applied. If not specified, the default site will be used.

suppression IpsSuppression

Suppression configuration for IPS. This allows you to customize which alerts are suppressed or tracked, and define whitelisted traffic that should never trigger IPS alerts.

adBlockedNetworks string[]

advancedFilteringPreference string

The advanced filtering preference for IPS. Valid values are:

disabled - Advanced filtering is disabled
manual - Advanced filtering is enabled and manually configured

dnsFilters IpsDnsFilter[]

DNS filters configuration. If any filters are configured, DNS filtering will be automatically enabled. Each filter can be applied to a specific network and provides content filtering capabilities.

enabledCategories string[]

enabledNetworks string[]

List of network IDs to enable IPS protection for. Each entry should be a valid network ID from your UniFi configuration. IPS will only monitor and protect traffic on these networks.

honeypots IpsHoneypot[]

Honeypots configuration. Honeypots are decoy systems designed to detect, deflect, or study hacking attempts. They appear as legitimate parts of the network but are isolated and monitored.

ipsMode string

The IPS operation mode. Valid values are:

ids - Intrusion Detection System mode (detect and log threats only)
ips - Intrusion Prevention System mode (detect and block threats)
ipsInline - Inline Intrusion Prevention System mode (more aggressive blocking)
disabled - IPS functionality is completely disabled

memoryOptimized boolean

restrictTorrents boolean

Whether to restrict BitTorrent and other peer-to-peer file sharing traffic. When set to true, the system will block P2P traffic across the network. Defaults to false.

site string

The name of the UniFi site where this resource should be applied. If not specified, the default site will be used.

suppression IpsSuppression

Suppression configuration for IPS. This allows you to customize which alerts are suppressed or tracked, and define whitelisted traffic that should never trigger IPS alerts.

ad_blocked_networks Sequence[str]

advanced_filtering_preference str

The advanced filtering preference for IPS. Valid values are:

disabled - Advanced filtering is disabled
manual - Advanced filtering is enabled and manually configured

dns_filters Sequence[IpsDnsFilterArgs]

DNS filters configuration. If any filters are configured, DNS filtering will be automatically enabled. Each filter can be applied to a specific network and provides content filtering capabilities.

enabled_categories Sequence[str]

enabled_networks Sequence[str]

List of network IDs to enable IPS protection for. Each entry should be a valid network ID from your UniFi configuration. IPS will only monitor and protect traffic on these networks.

honeypots Sequence[IpsHoneypotArgs]

Honeypots configuration. Honeypots are decoy systems designed to detect, deflect, or study hacking attempts. They appear as legitimate parts of the network but are isolated and monitored.

ips_mode str

The IPS operation mode. Valid values are:

ids - Intrusion Detection System mode (detect and log threats only)
ips - Intrusion Prevention System mode (detect and block threats)
ipsInline - Inline Intrusion Prevention System mode (more aggressive blocking)
disabled - IPS functionality is completely disabled

memory_optimized bool

restrict_torrents bool

Whether to restrict BitTorrent and other peer-to-peer file sharing traffic. When set to true, the system will block P2P traffic across the network. Defaults to false.

site str

The name of the UniFi site where this resource should be applied. If not specified, the default site will be used.

suppression IpsSuppressionArgs

Suppression configuration for IPS. This allows you to customize which alerts are suppressed or tracked, and define whitelisted traffic that should never trigger IPS alerts.

adBlockedNetworks List<String>

advancedFilteringPreference String

The advanced filtering preference for IPS. Valid values are:

disabled - Advanced filtering is disabled
manual - Advanced filtering is enabled and manually configured

dnsFilters List<Property Map>

DNS filters configuration. If any filters are configured, DNS filtering will be automatically enabled. Each filter can be applied to a specific network and provides content filtering capabilities.

enabledCategories List<String>

enabledNetworks List<String>

List of network IDs to enable IPS protection for. Each entry should be a valid network ID from your UniFi configuration. IPS will only monitor and protect traffic on these networks.

honeypots List<Property Map>

Honeypots configuration. Honeypots are decoy systems designed to detect, deflect, or study hacking attempts. They appear as legitimate parts of the network but are isolated and monitored.

ipsMode String

The IPS operation mode. Valid values are:

ids - Intrusion Detection System mode (detect and log threats only)
ips - Intrusion Prevention System mode (detect and block threats)
ipsInline - Inline Intrusion Prevention System mode (more aggressive blocking)
disabled - IPS functionality is completely disabled

memoryOptimized Boolean

restrictTorrents Boolean

Whether to restrict BitTorrent and other peer-to-peer file sharing traffic. When set to true, the system will block P2P traffic across the network. Defaults to false.

site String

The name of the UniFi site where this resource should be applied. If not specified, the default site will be used.

suppression Property Map

Suppression configuration for IPS. This allows you to customize which alerts are suppressed or tracked, and define whitelisted traffic that should never trigger IPS alerts.

Supporting Types

IpsDnsFilter, IpsDnsFilterArgs

Filter string

Filter type that determines the predefined filtering level. Valid values are:

none - No predefined filtering
work - Work-appropriate filtering that blocks adult content
family - Family-friendly filtering that blocks adult content and other inappropriate sites

Name string

Name of the DNS filter. This is used to identify the filter in the UniFi interface.

NetworkId string

Network ID this filter applies to. This should be a valid network ID from your UniFi configuration.

AllowedSites List<string>

List of allowed sites for this DNS filter. These domains will always be accessible regardless of other filtering rules. Each entry should be a valid domain name (e.g., example.com).

BlockedSites List<string>

List of blocked sites for this DNS filter. These domains will be blocked regardless of other filtering rules. Each entry should be a valid domain name (e.g., example.com).

BlockedTlds List<string>

List of blocked top-level domains (TLDs) for this DNS filter. All domains with these TLDs will be blocked. Each entry should be a valid TLD without the dot prefix (e.g., xyz, info).

Description string

Description of the DNS filter. This is used for documentation purposes only and does not affect functionality.

Filter string

Filter type that determines the predefined filtering level. Valid values are:

none - No predefined filtering
work - Work-appropriate filtering that blocks adult content
family - Family-friendly filtering that blocks adult content and other inappropriate sites

Name string

Name of the DNS filter. This is used to identify the filter in the UniFi interface.

NetworkId string

Network ID this filter applies to. This should be a valid network ID from your UniFi configuration.

AllowedSites []string

List of allowed sites for this DNS filter. These domains will always be accessible regardless of other filtering rules. Each entry should be a valid domain name (e.g., example.com).

BlockedSites []string

List of blocked sites for this DNS filter. These domains will be blocked regardless of other filtering rules. Each entry should be a valid domain name (e.g., example.com).

BlockedTlds []string

List of blocked top-level domains (TLDs) for this DNS filter. All domains with these TLDs will be blocked. Each entry should be a valid TLD without the dot prefix (e.g., xyz, info).

Description string

Description of the DNS filter. This is used for documentation purposes only and does not affect functionality.

filter String

Filter type that determines the predefined filtering level. Valid values are:

none - No predefined filtering
work - Work-appropriate filtering that blocks adult content
family - Family-friendly filtering that blocks adult content and other inappropriate sites

name String

Name of the DNS filter. This is used to identify the filter in the UniFi interface.

networkId String

Network ID this filter applies to. This should be a valid network ID from your UniFi configuration.

allowedSites List<String>

List of allowed sites for this DNS filter. These domains will always be accessible regardless of other filtering rules. Each entry should be a valid domain name (e.g., example.com).

blockedSites List<String>

List of blocked sites for this DNS filter. These domains will be blocked regardless of other filtering rules. Each entry should be a valid domain name (e.g., example.com).

blockedTlds List<String>

List of blocked top-level domains (TLDs) for this DNS filter. All domains with these TLDs will be blocked. Each entry should be a valid TLD without the dot prefix (e.g., xyz, info).

description String

Description of the DNS filter. This is used for documentation purposes only and does not affect functionality.

filter string

Filter type that determines the predefined filtering level. Valid values are:

none - No predefined filtering
work - Work-appropriate filtering that blocks adult content
family - Family-friendly filtering that blocks adult content and other inappropriate sites

name string

Name of the DNS filter. This is used to identify the filter in the UniFi interface.

networkId string

Network ID this filter applies to. This should be a valid network ID from your UniFi configuration.

allowedSites string[]

List of allowed sites for this DNS filter. These domains will always be accessible regardless of other filtering rules. Each entry should be a valid domain name (e.g., example.com).

blockedSites string[]

List of blocked sites for this DNS filter. These domains will be blocked regardless of other filtering rules. Each entry should be a valid domain name (e.g., example.com).

blockedTlds string[]

List of blocked top-level domains (TLDs) for this DNS filter. All domains with these TLDs will be blocked. Each entry should be a valid TLD without the dot prefix (e.g., xyz, info).

description string

Description of the DNS filter. This is used for documentation purposes only and does not affect functionality.

filter str

Filter type that determines the predefined filtering level. Valid values are:

none - No predefined filtering
work - Work-appropriate filtering that blocks adult content
family - Family-friendly filtering that blocks adult content and other inappropriate sites

name str

Name of the DNS filter. This is used to identify the filter in the UniFi interface.

network_id str

Network ID this filter applies to. This should be a valid network ID from your UniFi configuration.

allowed_sites Sequence[str]

List of allowed sites for this DNS filter. These domains will always be accessible regardless of other filtering rules. Each entry should be a valid domain name (e.g., example.com).

blocked_sites Sequence[str]

List of blocked sites for this DNS filter. These domains will be blocked regardless of other filtering rules. Each entry should be a valid domain name (e.g., example.com).

blocked_tlds Sequence[str]

List of blocked top-level domains (TLDs) for this DNS filter. All domains with these TLDs will be blocked. Each entry should be a valid TLD without the dot prefix (e.g., xyz, info).

description str

Description of the DNS filter. This is used for documentation purposes only and does not affect functionality.

filter String

Filter type that determines the predefined filtering level. Valid values are:

none - No predefined filtering
work - Work-appropriate filtering that blocks adult content
family - Family-friendly filtering that blocks adult content and other inappropriate sites

name String

Name of the DNS filter. This is used to identify the filter in the UniFi interface.

networkId String

Network ID this filter applies to. This should be a valid network ID from your UniFi configuration.

allowedSites List<String>

List of allowed sites for this DNS filter. These domains will always be accessible regardless of other filtering rules. Each entry should be a valid domain name (e.g., example.com).

blockedSites List<String>

List of blocked sites for this DNS filter. These domains will be blocked regardless of other filtering rules. Each entry should be a valid domain name (e.g., example.com).

blockedTlds List<String>

List of blocked top-level domains (TLDs) for this DNS filter. All domains with these TLDs will be blocked. Each entry should be a valid TLD without the dot prefix (e.g., xyz, info).

description String

Description of the DNS filter. This is used for documentation purposes only and does not affect functionality.

IpsHoneypot, IpsHoneypotArgs

IpAddress string: IP address for the honeypot. This should be an unused IPv4 address within your network range that will be used as a decoy system.
NetworkId string: Network ID for the honeypot. This should be a valid network ID from your UniFi configuration where the honeypot will be deployed.

IpAddress string: IP address for the honeypot. This should be an unused IPv4 address within your network range that will be used as a decoy system.
NetworkId string: Network ID for the honeypot. This should be a valid network ID from your UniFi configuration where the honeypot will be deployed.

ipAddress String: IP address for the honeypot. This should be an unused IPv4 address within your network range that will be used as a decoy system.
networkId String: Network ID for the honeypot. This should be a valid network ID from your UniFi configuration where the honeypot will be deployed.

ipAddress string: IP address for the honeypot. This should be an unused IPv4 address within your network range that will be used as a decoy system.
networkId string: Network ID for the honeypot. This should be a valid network ID from your UniFi configuration where the honeypot will be deployed.

ip_address str: IP address for the honeypot. This should be an unused IPv4 address within your network range that will be used as a decoy system.
network_id str: Network ID for the honeypot. This should be a valid network ID from your UniFi configuration where the honeypot will be deployed.

ipAddress String: IP address for the honeypot. This should be an unused IPv4 address within your network range that will be used as a decoy system.
networkId String: Network ID for the honeypot. This should be a valid network ID from your UniFi configuration where the honeypot will be deployed.

IpsSuppression, IpsSuppressionArgs

Alerts List<Pulumiverse.Unifi.Setting.Inputs.IpsSuppressionAlert>: Alert suppressions. Each entry defines a specific IPS alert that should be suppressed or tracked differently from the default behavior.
Whitelists List<Pulumiverse.Unifi.Setting.Inputs.IpsSuppressionWhitelist>: Whitelist configuration. Each entry defines traffic that should never trigger IPS alerts, regardless of other rules.

Alerts []IpsSuppressionAlert: Alert suppressions. Each entry defines a specific IPS alert that should be suppressed or tracked differently from the default behavior.
Whitelists []IpsSuppressionWhitelist: Whitelist configuration. Each entry defines traffic that should never trigger IPS alerts, regardless of other rules.

alerts List<IpsSuppressionAlert>: Alert suppressions. Each entry defines a specific IPS alert that should be suppressed or tracked differently from the default behavior.
whitelists List<IpsSuppressionWhitelist>: Whitelist configuration. Each entry defines traffic that should never trigger IPS alerts, regardless of other rules.

alerts IpsSuppressionAlert[]: Alert suppressions. Each entry defines a specific IPS alert that should be suppressed or tracked differently from the default behavior.
whitelists IpsSuppressionWhitelist[]: Whitelist configuration. Each entry defines traffic that should never trigger IPS alerts, regardless of other rules.

alerts Sequence[IpsSuppressionAlert]: Alert suppressions. Each entry defines a specific IPS alert that should be suppressed or tracked differently from the default behavior.
whitelists Sequence[IpsSuppressionWhitelist]: Whitelist configuration. Each entry defines traffic that should never trigger IPS alerts, regardless of other rules.

alerts List<Property Map>: Alert suppressions. Each entry defines a specific IPS alert that should be suppressed or tracked differently from the default behavior.
whitelists List<Property Map>: Whitelist configuration. Each entry defines traffic that should never trigger IPS alerts, regardless of other rules.

IpsSuppressionAlert, IpsSuppressionAlertArgs

Category string

Category of the alert to suppress. This should match one of the categories from the enabled_categories list.

Signature string

Signature name of the alert to suppress. This is a human-readable identifier for the alert in the IPS ruleset.

Type string

Type of suppression. Valid values are:

all - Suppress all occurrences of this alert
track - Only track this alert according to the tracking configuration

Trackings List<Pulumiverse.Unifi.Setting.Inputs.IpsSuppressionAlertTracking>

Tracking configuration for the alert. This defines how the system should track occurrences of this alert based on source/destination addresses.

Category string

Category of the alert to suppress. This should match one of the categories from the enabled_categories list.

Signature string

Signature name of the alert to suppress. This is a human-readable identifier for the alert in the IPS ruleset.

Type string

Type of suppression. Valid values are:

all - Suppress all occurrences of this alert
track - Only track this alert according to the tracking configuration

Trackings []IpsSuppressionAlertTracking

Tracking configuration for the alert. This defines how the system should track occurrences of this alert based on source/destination addresses.

category String

Category of the alert to suppress. This should match one of the categories from the enabled_categories list.

signature String

Signature name of the alert to suppress. This is a human-readable identifier for the alert in the IPS ruleset.

type String

Type of suppression. Valid values are:

all - Suppress all occurrences of this alert
track - Only track this alert according to the tracking configuration

trackings List<IpsSuppressionAlertTracking>

Tracking configuration for the alert. This defines how the system should track occurrences of this alert based on source/destination addresses.

category string

Category of the alert to suppress. This should match one of the categories from the enabled_categories list.

signature string

Signature name of the alert to suppress. This is a human-readable identifier for the alert in the IPS ruleset.

type string

Type of suppression. Valid values are:

all - Suppress all occurrences of this alert
track - Only track this alert according to the tracking configuration

trackings IpsSuppressionAlertTracking[]

Tracking configuration for the alert. This defines how the system should track occurrences of this alert based on source/destination addresses.

category str

Category of the alert to suppress. This should match one of the categories from the enabled_categories list.

signature str

Signature name of the alert to suppress. This is a human-readable identifier for the alert in the IPS ruleset.

type str

Type of suppression. Valid values are:

all - Suppress all occurrences of this alert
track - Only track this alert according to the tracking configuration

trackings Sequence[IpsSuppressionAlertTracking]

Tracking configuration for the alert. This defines how the system should track occurrences of this alert based on source/destination addresses.

category String

Category of the alert to suppress. This should match one of the categories from the enabled_categories list.

signature String

Signature name of the alert to suppress. This is a human-readable identifier for the alert in the IPS ruleset.

type String

Type of suppression. Valid values are:

all - Suppress all occurrences of this alert
track - Only track this alert according to the tracking configuration

trackings List<Property Map>

Tracking configuration for the alert. This defines how the system should track occurrences of this alert based on source/destination addresses.

IpsSuppressionAlertTracking, IpsSuppressionAlertTrackingArgs

Direction string

Direction for tracking. Valid values are:

src - Track by source address
dest - Track by destination address
both - Track by both source and destination addresses

Mode string

Mode for tracking. Valid values are:

ip - Track by individual IP address
subnet - Track by subnet
network - Track by network ID

Value string

Value for tracking. The meaning depends on the mode:

For ip mode: An IP address (e.g., 192.168.1.100)
For subnet mode: A CIDR notation subnet (e.g., 192.168.1.0/24)
For network mode: A network ID from your UniFi configuration

Direction string

Direction for tracking. Valid values are:

src - Track by source address
dest - Track by destination address
both - Track by both source and destination addresses

Mode string

Mode for tracking. Valid values are:

ip - Track by individual IP address
subnet - Track by subnet
network - Track by network ID

Value string

Value for tracking. The meaning depends on the mode:

For ip mode: An IP address (e.g., 192.168.1.100)
For subnet mode: A CIDR notation subnet (e.g., 192.168.1.0/24)
For network mode: A network ID from your UniFi configuration

direction String

Direction for tracking. Valid values are:

src - Track by source address
dest - Track by destination address
both - Track by both source and destination addresses

mode String

Mode for tracking. Valid values are:

ip - Track by individual IP address
subnet - Track by subnet
network - Track by network ID

value String

Value for tracking. The meaning depends on the mode:

For ip mode: An IP address (e.g., 192.168.1.100)
For subnet mode: A CIDR notation subnet (e.g., 192.168.1.0/24)
For network mode: A network ID from your UniFi configuration

direction string

Direction for tracking. Valid values are:

src - Track by source address
dest - Track by destination address
both - Track by both source and destination addresses

mode string

Mode for tracking. Valid values are:

ip - Track by individual IP address
subnet - Track by subnet
network - Track by network ID

value string

Value for tracking. The meaning depends on the mode:

For ip mode: An IP address (e.g., 192.168.1.100)
For subnet mode: A CIDR notation subnet (e.g., 192.168.1.0/24)
For network mode: A network ID from your UniFi configuration

direction str

Direction for tracking. Valid values are:

src - Track by source address
dest - Track by destination address
both - Track by both source and destination addresses

mode str

Mode for tracking. Valid values are:

ip - Track by individual IP address
subnet - Track by subnet
network - Track by network ID

value str

Value for tracking. The meaning depends on the mode:

For ip mode: An IP address (e.g., 192.168.1.100)
For subnet mode: A CIDR notation subnet (e.g., 192.168.1.0/24)
For network mode: A network ID from your UniFi configuration

direction String

Direction for tracking. Valid values are:

src - Track by source address
dest - Track by destination address
both - Track by both source and destination addresses

mode String

Mode for tracking. Valid values are:

ip - Track by individual IP address
subnet - Track by subnet
network - Track by network ID

value String

Value for tracking. The meaning depends on the mode:

For ip mode: An IP address (e.g., 192.168.1.100)
For subnet mode: A CIDR notation subnet (e.g., 192.168.1.0/24)
For network mode: A network ID from your UniFi configuration

IpsSuppressionWhitelist, IpsSuppressionWhitelistArgs

Direction string

Direction for whitelist. Valid values are:

src - Whitelist by source address
dst - Whitelist by destination address
both - Whitelist by both source and destination addresses

Mode string

Mode for whitelist. Valid values are:

ip - Whitelist by individual IP address
subnet - Whitelist by subnet
network - Whitelist by network ID

Value string

Value for whitelist. The meaning depends on the mode:

For ip mode: An IP address (e.g., 192.168.1.100)
For subnet mode: A CIDR notation subnet (e.g., 192.168.1.0/24)
For network mode: A network ID from your UniFi configuration

Direction string

Direction for whitelist. Valid values are:

src - Whitelist by source address
dst - Whitelist by destination address
both - Whitelist by both source and destination addresses

Mode string

Mode for whitelist. Valid values are:

ip - Whitelist by individual IP address
subnet - Whitelist by subnet
network - Whitelist by network ID

Value string

Value for whitelist. The meaning depends on the mode:

For ip mode: An IP address (e.g., 192.168.1.100)
For subnet mode: A CIDR notation subnet (e.g., 192.168.1.0/24)
For network mode: A network ID from your UniFi configuration

direction String

Direction for whitelist. Valid values are:

src - Whitelist by source address
dst - Whitelist by destination address
both - Whitelist by both source and destination addresses

mode String

Mode for whitelist. Valid values are:

ip - Whitelist by individual IP address
subnet - Whitelist by subnet
network - Whitelist by network ID

value String

Value for whitelist. The meaning depends on the mode:

For ip mode: An IP address (e.g., 192.168.1.100)
For subnet mode: A CIDR notation subnet (e.g., 192.168.1.0/24)
For network mode: A network ID from your UniFi configuration

direction string

Direction for whitelist. Valid values are:

src - Whitelist by source address
dst - Whitelist by destination address
both - Whitelist by both source and destination addresses

mode string

Mode for whitelist. Valid values are:

ip - Whitelist by individual IP address
subnet - Whitelist by subnet
network - Whitelist by network ID

value string

Value for whitelist. The meaning depends on the mode:

For ip mode: An IP address (e.g., 192.168.1.100)
For subnet mode: A CIDR notation subnet (e.g., 192.168.1.0/24)
For network mode: A network ID from your UniFi configuration

direction str

Direction for whitelist. Valid values are:

src - Whitelist by source address
dst - Whitelist by destination address
both - Whitelist by both source and destination addresses

mode str

Mode for whitelist. Valid values are:

ip - Whitelist by individual IP address
subnet - Whitelist by subnet
network - Whitelist by network ID

value str

Value for whitelist. The meaning depends on the mode:

For ip mode: An IP address (e.g., 192.168.1.100)
For subnet mode: A CIDR notation subnet (e.g., 192.168.1.0/24)
For network mode: A network ID from your UniFi configuration

direction String

Direction for whitelist. Valid values are:

src - Whitelist by source address
dst - Whitelist by destination address
both - Whitelist by both source and destination addresses

mode String

Mode for whitelist. Valid values are:

ip - Whitelist by individual IP address
subnet - Whitelist by subnet
network - Whitelist by network ID

value String

Value for whitelist. The meaning depends on the mode:

For ip mode: An IP address (e.g., 192.168.1.100)
For subnet mode: A CIDR notation subnet (e.g., 192.168.1.0/24)
For network mode: A network ID from your UniFi configuration

Package Details

Repository: unifi pulumiverse/pulumi-unifi
License: Apache-2.0
Notes: This Pulumi package is based on the unifi Terraform Provider.

Viewing docs for Unifi v0.2.0
published on Tuesday, Feb 17, 2026 by Pulumiverse

Schema (JSON)

pulumiverse/pulumi-unifi

On this page

On this page

Example Usage

Create Ips Resource

Constructor syntax

Parameters

Constructor example

Ips Resource Properties

Inputs

Outputs

Look up Existing Ips Resource

Supporting Types

IpsDnsFilter, IpsDnsFilterArgs

IpsHoneypot, IpsHoneypotArgs

IpsSuppression, IpsSuppressionArgs

IpsSuppressionAlert, IpsSuppressionAlertArgs

IpsSuppressionAlertTracking, IpsSuppressionAlertTrackingArgs

IpsSuppressionWhitelist, IpsSuppressionWhitelistArgs

Package Details

On this page

On this page