fortimanager 1.14.0, Apr 15 25

fortimanager 1.14.0 published on Tuesday, Apr 15, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.ObjectFirewallSslsshprofileDot

Explore with Pulumi AI

fortimanager 1.14.0 published on Tuesday, Apr 15, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

import * as pulumi from "@pulumi/pulumi";
import * as fortimanager from "@pulumi/fortimanager";

const trnameObjectFirewallSslsshprofile = new fortimanager.ObjectFirewallSslsshprofile("trnameObjectFirewallSslsshprofile", {});
const trnameObjectFirewallSslsshprofileDot = new fortimanager.ObjectFirewallSslsshprofileDot("trnameObjectFirewallSslsshprofileDot", {
    sslSshProfile: trnameObjectFirewallSslsshprofile.name,
    certValidationFailure: "ignore",
    certValidationTimeout: "ignore",
    clientCertificate: "bypass",
}, {
    dependsOn: [trnameObjectFirewallSslsshprofile],
});

import pulumi
import pulumi_fortimanager as fortimanager

trname_object_firewall_sslsshprofile = fortimanager.ObjectFirewallSslsshprofile("trnameObjectFirewallSslsshprofile")
trname_object_firewall_sslsshprofile_dot = fortimanager.ObjectFirewallSslsshprofileDot("trnameObjectFirewallSslsshprofileDot",
    ssl_ssh_profile=trname_object_firewall_sslsshprofile.name,
    cert_validation_failure="ignore",
    cert_validation_timeout="ignore",
    client_certificate="bypass",
    opts = pulumi.ResourceOptions(depends_on=[trname_object_firewall_sslsshprofile]))

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/fortimanager/fortimanager"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		trnameObjectFirewallSslsshprofile, err := fortimanager.NewObjectFirewallSslsshprofile(ctx, "trnameObjectFirewallSslsshprofile", nil)
		if err != nil {
			return err
		}
		_, err = fortimanager.NewObjectFirewallSslsshprofileDot(ctx, "trnameObjectFirewallSslsshprofileDot", &fortimanager.ObjectFirewallSslsshprofileDotArgs{
			SslSshProfile:         trnameObjectFirewallSslsshprofile.Name,
			CertValidationFailure: pulumi.String("ignore"),
			CertValidationTimeout: pulumi.String("ignore"),
			ClientCertificate:     pulumi.String("bypass"),
		}, pulumi.DependsOn([]pulumi.Resource{
			trnameObjectFirewallSslsshprofile,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortimanager = Pulumi.Fortimanager;

return await Deployment.RunAsync(() => 
{
    var trnameObjectFirewallSslsshprofile = new Fortimanager.ObjectFirewallSslsshprofile("trnameObjectFirewallSslsshprofile");

    var trnameObjectFirewallSslsshprofileDot = new Fortimanager.ObjectFirewallSslsshprofileDot("trnameObjectFirewallSslsshprofileDot", new()
    {
        SslSshProfile = trnameObjectFirewallSslsshprofile.Name,
        CertValidationFailure = "ignore",
        CertValidationTimeout = "ignore",
        ClientCertificate = "bypass",
    }, new CustomResourceOptions
    {
        DependsOn =
        {
            trnameObjectFirewallSslsshprofile,
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortimanager.ObjectFirewallSslsshprofile;
import com.pulumi.fortimanager.ObjectFirewallSslsshprofileDot;
import com.pulumi.fortimanager.ObjectFirewallSslsshprofileDotArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var trnameObjectFirewallSslsshprofile = new ObjectFirewallSslsshprofile("trnameObjectFirewallSslsshprofile");

        var trnameObjectFirewallSslsshprofileDot = new ObjectFirewallSslsshprofileDot("trnameObjectFirewallSslsshprofileDot", ObjectFirewallSslsshprofileDotArgs.builder()
            .sslSshProfile(trnameObjectFirewallSslsshprofile.name())
            .certValidationFailure("ignore")
            .certValidationTimeout("ignore")
            .clientCertificate("bypass")
            .build(), CustomResourceOptions.builder()
                .dependsOn(trnameObjectFirewallSslsshprofile)
                .build());

    }
}

resources:
  trnameObjectFirewallSslsshprofileDot:
    type: fortimanager:ObjectFirewallSslsshprofileDot
    properties:
      sslSshProfile: ${trnameObjectFirewallSslsshprofile.name}
      certValidationFailure: ignore
      certValidationTimeout: ignore
      clientCertificate: bypass
    options:
      dependsOn:
        - ${trnameObjectFirewallSslsshprofile}
  trnameObjectFirewallSslsshprofile:
    type: fortimanager:ObjectFirewallSslsshprofile

Create ObjectFirewallSslsshprofileDot Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

TypeScript
Python
Go
C#
Java
YAML

new ObjectFirewallSslsshprofileDot(name: string, args: ObjectFirewallSslsshprofileDotArgs, opts?: CustomResourceOptions);

@overload
def ObjectFirewallSslsshprofileDot(resource_name: str,
                                   args: ObjectFirewallSslsshprofileDotInitArgs,
                                   opts: Optional[ResourceOptions] = None)

@overload
def ObjectFirewallSslsshprofileDot(resource_name: str,
                                   opts: Optional[ResourceOptions] = None,
                                   ssl_ssh_profile: Optional[str] = None,
                                   expired_server_cert: Optional[str] = None,
                                   sni_server_cert_check: Optional[str] = None,
                                   client_certificate: Optional[str] = None,
                                   adom: Optional[str] = None,
                                   min_allowed_ssl_version: Optional[str] = None,
                                   object_firewall_sslsshprofile_dot_id: Optional[str] = None,
                                   proxy_after_tcp_handshake: Optional[str] = None,
                                   quic: Optional[str] = None,
                                   cert_validation_timeout: Optional[str] = None,
                                   revoked_server_cert: Optional[str] = None,
                                   scopetype: Optional[str] = None,
                                   cert_validation_failure: Optional[str] = None,
                                   status: Optional[str] = None,
                                   udp_not_quic: Optional[str] = None,
                                   unsupported_ssl_cipher: Optional[str] = None,
                                   unsupported_ssl_negotiation: Optional[str] = None,
                                   unsupported_ssl_version: Optional[str] = None,
                                   untrusted_server_cert: Optional[str] = None)

func NewObjectFirewallSslsshprofileDot(ctx *Context, name string, args ObjectFirewallSslsshprofileDotArgs, opts ...ResourceOption) (*ObjectFirewallSslsshprofileDot, error)

public ObjectFirewallSslsshprofileDot(string name, ObjectFirewallSslsshprofileDotArgs args, CustomResourceOptions? opts = null)

public ObjectFirewallSslsshprofileDot(String name, ObjectFirewallSslsshprofileDotArgs args)
public ObjectFirewallSslsshprofileDot(String name, ObjectFirewallSslsshprofileDotArgs args, CustomResourceOptions options)

type: fortimanager:ObjectFirewallSslsshprofileDot
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args ObjectFirewallSslsshprofileDotArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ObjectFirewallSslsshprofileDotInitArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ObjectFirewallSslsshprofileDotArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ObjectFirewallSslsshprofileDotArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ObjectFirewallSslsshprofileDotArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

TypeScript
Python
Go
C#
Java
YAML

var objectFirewallSslsshprofileDotResource = new Fortimanager.ObjectFirewallSslsshprofileDot("objectFirewallSslsshprofileDotResource", new()
{
    SslSshProfile = "string",
    ExpiredServerCert = "string",
    SniServerCertCheck = "string",
    ClientCertificate = "string",
    Adom = "string",
    MinAllowedSslVersion = "string",
    ObjectFirewallSslsshprofileDotId = "string",
    ProxyAfterTcpHandshake = "string",
    Quic = "string",
    CertValidationTimeout = "string",
    RevokedServerCert = "string",
    Scopetype = "string",
    CertValidationFailure = "string",
    Status = "string",
    UdpNotQuic = "string",
    UnsupportedSslCipher = "string",
    UnsupportedSslNegotiation = "string",
    UnsupportedSslVersion = "string",
    UntrustedServerCert = "string",
});

example, err := fortimanager.NewObjectFirewallSslsshprofileDot(ctx, "objectFirewallSslsshprofileDotResource", &fortimanager.ObjectFirewallSslsshprofileDotArgs{
SslSshProfile: pulumi.String("string"),
ExpiredServerCert: pulumi.String("string"),
SniServerCertCheck: pulumi.String("string"),
ClientCertificate: pulumi.String("string"),
Adom: pulumi.String("string"),
MinAllowedSslVersion: pulumi.String("string"),
ObjectFirewallSslsshprofileDotId: pulumi.String("string"),
ProxyAfterTcpHandshake: pulumi.String("string"),
Quic: pulumi.String("string"),
CertValidationTimeout: pulumi.String("string"),
RevokedServerCert: pulumi.String("string"),
Scopetype: pulumi.String("string"),
CertValidationFailure: pulumi.String("string"),
Status: pulumi.String("string"),
UdpNotQuic: pulumi.String("string"),
UnsupportedSslCipher: pulumi.String("string"),
UnsupportedSslNegotiation: pulumi.String("string"),
UnsupportedSslVersion: pulumi.String("string"),
UntrustedServerCert: pulumi.String("string"),
})

var objectFirewallSslsshprofileDotResource = new ObjectFirewallSslsshprofileDot("objectFirewallSslsshprofileDotResource", ObjectFirewallSslsshprofileDotArgs.builder()
    .sslSshProfile("string")
    .expiredServerCert("string")
    .sniServerCertCheck("string")
    .clientCertificate("string")
    .adom("string")
    .minAllowedSslVersion("string")
    .objectFirewallSslsshprofileDotId("string")
    .proxyAfterTcpHandshake("string")
    .quic("string")
    .certValidationTimeout("string")
    .revokedServerCert("string")
    .scopetype("string")
    .certValidationFailure("string")
    .status("string")
    .udpNotQuic("string")
    .unsupportedSslCipher("string")
    .unsupportedSslNegotiation("string")
    .unsupportedSslVersion("string")
    .untrustedServerCert("string")
    .build());

object_firewall_sslsshprofile_dot_resource = fortimanager.ObjectFirewallSslsshprofileDot("objectFirewallSslsshprofileDotResource",
    ssl_ssh_profile="string",
    expired_server_cert="string",
    sni_server_cert_check="string",
    client_certificate="string",
    adom="string",
    min_allowed_ssl_version="string",
    object_firewall_sslsshprofile_dot_id="string",
    proxy_after_tcp_handshake="string",
    quic="string",
    cert_validation_timeout="string",
    revoked_server_cert="string",
    scopetype="string",
    cert_validation_failure="string",
    status="string",
    udp_not_quic="string",
    unsupported_ssl_cipher="string",
    unsupported_ssl_negotiation="string",
    unsupported_ssl_version="string",
    untrusted_server_cert="string")

const objectFirewallSslsshprofileDotResource = new fortimanager.ObjectFirewallSslsshprofileDot("objectFirewallSslsshprofileDotResource", {
    sslSshProfile: "string",
    expiredServerCert: "string",
    sniServerCertCheck: "string",
    clientCertificate: "string",
    adom: "string",
    minAllowedSslVersion: "string",
    objectFirewallSslsshprofileDotId: "string",
    proxyAfterTcpHandshake: "string",
    quic: "string",
    certValidationTimeout: "string",
    revokedServerCert: "string",
    scopetype: "string",
    certValidationFailure: "string",
    status: "string",
    udpNotQuic: "string",
    unsupportedSslCipher: "string",
    unsupportedSslNegotiation: "string",
    unsupportedSslVersion: "string",
    untrustedServerCert: "string",
});

type: fortimanager:ObjectFirewallSslsshprofileDot
properties:
    adom: string
    certValidationFailure: string
    certValidationTimeout: string
    clientCertificate: string
    expiredServerCert: string
    minAllowedSslVersion: string
    objectFirewallSslsshprofileDotId: string
    proxyAfterTcpHandshake: string
    quic: string
    revokedServerCert: string
    scopetype: string
    sniServerCertCheck: string
    sslSshProfile: string
    status: string
    udpNotQuic: string
    unsupportedSslCipher: string
    unsupportedSslNegotiation: string
    unsupportedSslVersion: string
    untrustedServerCert: string

ObjectFirewallSslsshprofileDot Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The ObjectFirewallSslsshprofileDot resource accepts the following input properties:

SslSshProfile string: Ssl Ssh Profile.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
CertValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
CertValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
ClientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
ExpiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
MinAllowedSslVersion string: Min-Allowed-Ssl-Version. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
ObjectFirewallSslsshprofileDotId string: an identifier for the resource.
ProxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
Quic string: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
RevokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
Status string: Configure protocol inspection status. Valid values: disable, deep-inspection.
UdpNotQuic string: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
UnsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: block, allow.
UnsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: block, allow.
UnsupportedSslVersion string: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
UntrustedServerCert string: Action based on server certificate is not issued by a trusted CA. Valid values: allow, block, ignore.

SslSshProfile string: Ssl Ssh Profile.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
CertValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
CertValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
ClientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
ExpiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
MinAllowedSslVersion string: Min-Allowed-Ssl-Version. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
ObjectFirewallSslsshprofileDotId string: an identifier for the resource.
ProxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
Quic string: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
RevokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
Status string: Configure protocol inspection status. Valid values: disable, deep-inspection.
UdpNotQuic string: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
UnsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: block, allow.
UnsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: block, allow.
UnsupportedSslVersion string: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
UntrustedServerCert string: Action based on server certificate is not issued by a trusted CA. Valid values: allow, block, ignore.

sslSshProfile String: Ssl Ssh Profile.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
certValidationFailure String: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout String: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertificate String: Action based on received client certificate. Valid values: bypass, inspect, block.
expiredServerCert String: Action based on server certificate is expired. Valid values: allow, block, ignore.
minAllowedSslVersion String: Min-Allowed-Ssl-Version. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
objectFirewallSslsshprofileDotId String: an identifier for the resource.
proxyAfterTcpHandshake String: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
quic String: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
revokedServerCert String: Action based on server certificate is revoked. Valid values: allow, block, ignore.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sniServerCertCheck String: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status String: Configure protocol inspection status. Valid values: disable, deep-inspection.
udpNotQuic String: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
unsupportedSslCipher String: Action based on the SSL cipher used being unsupported. Valid values: block, allow.
unsupportedSslNegotiation String: Action based on the SSL negotiation used being unsupported. Valid values: block, allow.
unsupportedSslVersion String: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
untrustedServerCert String: Action based on server certificate is not issued by a trusted CA. Valid values: allow, block, ignore.

sslSshProfile string: Ssl Ssh Profile.
adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
certValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
expiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
minAllowedSslVersion string: Min-Allowed-Ssl-Version. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
objectFirewallSslsshprofileDotId string: an identifier for the resource.
proxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
quic string: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
revokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status string: Configure protocol inspection status. Valid values: disable, deep-inspection.
udpNotQuic string: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
unsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: block, allow.
unsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: block, allow.
unsupportedSslVersion string: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
untrustedServerCert string: Action based on server certificate is not issued by a trusted CA. Valid values: allow, block, ignore.

ssl_ssh_profile str: Ssl Ssh Profile.
adom str: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
cert_validation_failure str: Action based on certificate validation failure. Valid values: allow, block, ignore.
cert_validation_timeout str: Action based on certificate validation timeout. Valid values: allow, block, ignore.
client_certificate str: Action based on received client certificate. Valid values: bypass, inspect, block.
expired_server_cert str: Action based on server certificate is expired. Valid values: allow, block, ignore.
min_allowed_ssl_version str: Min-Allowed-Ssl-Version. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
object_firewall_sslsshprofile_dot_id str: an identifier for the resource.
proxy_after_tcp_handshake str: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
quic str: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
revoked_server_cert str: Action based on server certificate is revoked. Valid values: allow, block, ignore.
scopetype str: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sni_server_cert_check str: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status str: Configure protocol inspection status. Valid values: disable, deep-inspection.
udp_not_quic str: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
unsupported_ssl_cipher str: Action based on the SSL cipher used being unsupported. Valid values: block, allow.
unsupported_ssl_negotiation str: Action based on the SSL negotiation used being unsupported. Valid values: block, allow.
unsupported_ssl_version str: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
untrusted_server_cert str: Action based on server certificate is not issued by a trusted CA. Valid values: allow, block, ignore.

sslSshProfile String: Ssl Ssh Profile.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
certValidationFailure String: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout String: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertificate String: Action based on received client certificate. Valid values: bypass, inspect, block.
expiredServerCert String: Action based on server certificate is expired. Valid values: allow, block, ignore.
minAllowedSslVersion String: Min-Allowed-Ssl-Version. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
objectFirewallSslsshprofileDotId String: an identifier for the resource.
proxyAfterTcpHandshake String: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
quic String: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
revokedServerCert String: Action based on server certificate is revoked. Valid values: allow, block, ignore.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sniServerCertCheck String: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
status String: Configure protocol inspection status. Valid values: disable, deep-inspection.
udpNotQuic String: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
unsupportedSslCipher String: Action based on the SSL cipher used being unsupported. Valid values: block, allow.
unsupportedSslNegotiation String: Action based on the SSL negotiation used being unsupported. Valid values: block, allow.
unsupportedSslVersion String: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
untrustedServerCert String: Action based on server certificate is not issued by a trusted CA. Valid values: allow, block, ignore.

Outputs

All input properties are implicitly available as output properties. Additionally, the ObjectFirewallSslsshprofileDot resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing ObjectFirewallSslsshprofileDot Resource

Get an existing ObjectFirewallSslsshprofileDot resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

TypeScript
Python
Go
C#
Java
YAML

public static get(name: string, id: Input<ID>, state?: ObjectFirewallSslsshprofileDotState, opts?: CustomResourceOptions): ObjectFirewallSslsshprofileDot

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        adom: Optional[str] = None,
        cert_validation_failure: Optional[str] = None,
        cert_validation_timeout: Optional[str] = None,
        client_certificate: Optional[str] = None,
        expired_server_cert: Optional[str] = None,
        min_allowed_ssl_version: Optional[str] = None,
        object_firewall_sslsshprofile_dot_id: Optional[str] = None,
        proxy_after_tcp_handshake: Optional[str] = None,
        quic: Optional[str] = None,
        revoked_server_cert: Optional[str] = None,
        scopetype: Optional[str] = None,
        sni_server_cert_check: Optional[str] = None,
        ssl_ssh_profile: Optional[str] = None,
        status: Optional[str] = None,
        udp_not_quic: Optional[str] = None,
        unsupported_ssl_cipher: Optional[str] = None,
        unsupported_ssl_negotiation: Optional[str] = None,
        unsupported_ssl_version: Optional[str] = None,
        untrusted_server_cert: Optional[str] = None) -> ObjectFirewallSslsshprofileDot

func GetObjectFirewallSslsshprofileDot(ctx *Context, name string, id IDInput, state *ObjectFirewallSslsshprofileDotState, opts ...ResourceOption) (*ObjectFirewallSslsshprofileDot, error)

public static ObjectFirewallSslsshprofileDot Get(string name, Input<string> id, ObjectFirewallSslsshprofileDotState? state, CustomResourceOptions? opts = null)

public static ObjectFirewallSslsshprofileDot get(String name, Output<String> id, ObjectFirewallSslsshprofileDotState state, CustomResourceOptions options)

resources:  _:    type: fortimanager:ObjectFirewallSslsshprofileDot    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
CertValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
CertValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
ClientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
ExpiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
MinAllowedSslVersion string: Min-Allowed-Ssl-Version. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
ObjectFirewallSslsshprofileDotId string: an identifier for the resource.
ProxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
Quic string: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
RevokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
SslSshProfile string: Ssl Ssh Profile.
Status string: Configure protocol inspection status. Valid values: disable, deep-inspection.
UdpNotQuic string: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
UnsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: block, allow.
UnsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: block, allow.
UnsupportedSslVersion string: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
UntrustedServerCert string: Action based on server certificate is not issued by a trusted CA. Valid values: allow, block, ignore.

Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
CertValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
CertValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
ClientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
ExpiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
MinAllowedSslVersion string: Min-Allowed-Ssl-Version. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
ObjectFirewallSslsshprofileDotId string: an identifier for the resource.
ProxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
Quic string: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
RevokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
SslSshProfile string: Ssl Ssh Profile.
Status string: Configure protocol inspection status. Valid values: disable, deep-inspection.
UdpNotQuic string: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
UnsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: block, allow.
UnsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: block, allow.
UnsupportedSslVersion string: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
UntrustedServerCert string: Action based on server certificate is not issued by a trusted CA. Valid values: allow, block, ignore.

adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
certValidationFailure String: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout String: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertificate String: Action based on received client certificate. Valid values: bypass, inspect, block.
expiredServerCert String: Action based on server certificate is expired. Valid values: allow, block, ignore.
minAllowedSslVersion String: Min-Allowed-Ssl-Version. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
objectFirewallSslsshprofileDotId String: an identifier for the resource.
proxyAfterTcpHandshake String: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
quic String: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
revokedServerCert String: Action based on server certificate is revoked. Valid values: allow, block, ignore.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sniServerCertCheck String: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
sslSshProfile String: Ssl Ssh Profile.
status String: Configure protocol inspection status. Valid values: disable, deep-inspection.
udpNotQuic String: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
unsupportedSslCipher String: Action based on the SSL cipher used being unsupported. Valid values: block, allow.
unsupportedSslNegotiation String: Action based on the SSL negotiation used being unsupported. Valid values: block, allow.
unsupportedSslVersion String: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
untrustedServerCert String: Action based on server certificate is not issued by a trusted CA. Valid values: allow, block, ignore.

adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
certValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
expiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
minAllowedSslVersion string: Min-Allowed-Ssl-Version. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
objectFirewallSslsshprofileDotId string: an identifier for the resource.
proxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
quic string: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
revokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
sslSshProfile string: Ssl Ssh Profile.
status string: Configure protocol inspection status. Valid values: disable, deep-inspection.
udpNotQuic string: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
unsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: block, allow.
unsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: block, allow.
unsupportedSslVersion string: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
untrustedServerCert string: Action based on server certificate is not issued by a trusted CA. Valid values: allow, block, ignore.

adom str: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
cert_validation_failure str: Action based on certificate validation failure. Valid values: allow, block, ignore.
cert_validation_timeout str: Action based on certificate validation timeout. Valid values: allow, block, ignore.
client_certificate str: Action based on received client certificate. Valid values: bypass, inspect, block.
expired_server_cert str: Action based on server certificate is expired. Valid values: allow, block, ignore.
min_allowed_ssl_version str: Min-Allowed-Ssl-Version. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
object_firewall_sslsshprofile_dot_id str: an identifier for the resource.
proxy_after_tcp_handshake str: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
quic str: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
revoked_server_cert str: Action based on server certificate is revoked. Valid values: allow, block, ignore.
scopetype str: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sni_server_cert_check str: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
ssl_ssh_profile str: Ssl Ssh Profile.
status str: Configure protocol inspection status. Valid values: disable, deep-inspection.
udp_not_quic str: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
unsupported_ssl_cipher str: Action based on the SSL cipher used being unsupported. Valid values: block, allow.
unsupported_ssl_negotiation str: Action based on the SSL negotiation used being unsupported. Valid values: block, allow.
unsupported_ssl_version str: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
untrusted_server_cert str: Action based on server certificate is not issued by a trusted CA. Valid values: allow, block, ignore.

adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
certValidationFailure String: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout String: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertificate String: Action based on received client certificate. Valid values: bypass, inspect, block.
expiredServerCert String: Action based on server certificate is expired. Valid values: allow, block, ignore.
minAllowedSslVersion String: Min-Allowed-Ssl-Version. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
objectFirewallSslsshprofileDotId String: an identifier for the resource.
proxyAfterTcpHandshake String: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
quic String: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
revokedServerCert String: Action based on server certificate is revoked. Valid values: allow, block, ignore.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sniServerCertCheck String: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: enable, strict, disable.
sslSshProfile String: Ssl Ssh Profile.
status String: Configure protocol inspection status. Valid values: disable, deep-inspection.
udpNotQuic String: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
unsupportedSslCipher String: Action based on the SSL cipher used being unsupported. Valid values: block, allow.
unsupportedSslNegotiation String: Action based on the SSL negotiation used being unsupported. Valid values: block, allow.
unsupportedSslVersion String: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
untrustedServerCert String: Action based on server certificate is not issued by a trusted CA. Valid values: allow, block, ignore.

Import

ObjectFirewall SslSshProfileDot can be imported using any of these accepted formats:

Set import_options = [“ssl_ssh_profile=YOUR_VALUE”] in the provider section.

$ export “FORTIMANAGER_IMPORT_TABLE”=“true”

$ pulumi import fortimanager:index/objectFirewallSslsshprofileDot:ObjectFirewallSslsshprofileDot labelname ObjectFirewallSslSshProfileDot

$ unset “FORTIMANAGER_IMPORT_TABLE”

-> Hint: The scopetype and adom for import will directly inherit the scopetype and adom configuration of the provider.

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: fortimanager fortinetdev/terraform-provider-fortimanager
License
Notes: This Pulumi package is based on the fortimanager Terraform Provider.

fortimanager 1.14.0 published on Tuesday, Apr 15, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.ObjectFirewallSslsshprofileDot

On this page

On this page

Example Usage

Create ObjectFirewallSslsshprofileDot Resource

Constructor syntax

Parameters

Constructor example

ObjectFirewallSslsshprofileDot Resource Properties

Inputs

Outputs

Look up Existing ObjectFirewallSslsshprofileDot Resource

Import

Package Details

On this page

On this page