fortimanager 1.14.0, Apr 15 25

fortimanager 1.14.0 published on Tuesday, Apr 15, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.ObjectFirewallSslsshprofileHttps

Explore with Pulumi AI

fortimanager 1.14.0 published on Tuesday, Apr 15, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

import * as pulumi from "@pulumi/pulumi";
import * as fortimanager from "@pulumi/fortimanager";

const trnameObjectFirewallSslsshprofile = new fortimanager.ObjectFirewallSslsshprofile("trnameObjectFirewallSslsshprofile", {});
const trnameObjectFirewallSslsshprofileHttps = new fortimanager.ObjectFirewallSslsshprofileHttps("trnameObjectFirewallSslsshprofileHttps", {
    sslSshProfile: trnameObjectFirewallSslsshprofile.name,
    ports: [
        45,
        44,
    ],
    proxyAfterTcpHandshake: "disable",
    revokedServerCert: "allow",
}, {
    dependsOn: [trnameObjectFirewallSslsshprofile],
});

import pulumi
import pulumi_fortimanager as fortimanager

trname_object_firewall_sslsshprofile = fortimanager.ObjectFirewallSslsshprofile("trnameObjectFirewallSslsshprofile")
trname_object_firewall_sslsshprofile_https = fortimanager.ObjectFirewallSslsshprofileHttps("trnameObjectFirewallSslsshprofileHttps",
    ssl_ssh_profile=trname_object_firewall_sslsshprofile.name,
    ports=[
        45,
        44,
    ],
    proxy_after_tcp_handshake="disable",
    revoked_server_cert="allow",
    opts = pulumi.ResourceOptions(depends_on=[trname_object_firewall_sslsshprofile]))

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/fortimanager/fortimanager"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		trnameObjectFirewallSslsshprofile, err := fortimanager.NewObjectFirewallSslsshprofile(ctx, "trnameObjectFirewallSslsshprofile", nil)
		if err != nil {
			return err
		}
		_, err = fortimanager.NewObjectFirewallSslsshprofileHttps(ctx, "trnameObjectFirewallSslsshprofileHttps", &fortimanager.ObjectFirewallSslsshprofileHttpsArgs{
			SslSshProfile: trnameObjectFirewallSslsshprofile.Name,
			Ports: pulumi.Float64Array{
				pulumi.Float64(45),
				pulumi.Float64(44),
			},
			ProxyAfterTcpHandshake: pulumi.String("disable"),
			RevokedServerCert:      pulumi.String("allow"),
		}, pulumi.DependsOn([]pulumi.Resource{
			trnameObjectFirewallSslsshprofile,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortimanager = Pulumi.Fortimanager;

return await Deployment.RunAsync(() => 
{
    var trnameObjectFirewallSslsshprofile = new Fortimanager.ObjectFirewallSslsshprofile("trnameObjectFirewallSslsshprofile");

    var trnameObjectFirewallSslsshprofileHttps = new Fortimanager.ObjectFirewallSslsshprofileHttps("trnameObjectFirewallSslsshprofileHttps", new()
    {
        SslSshProfile = trnameObjectFirewallSslsshprofile.Name,
        Ports = new[]
        {
            45,
            44,
        },
        ProxyAfterTcpHandshake = "disable",
        RevokedServerCert = "allow",
    }, new CustomResourceOptions
    {
        DependsOn =
        {
            trnameObjectFirewallSslsshprofile,
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortimanager.ObjectFirewallSslsshprofile;
import com.pulumi.fortimanager.ObjectFirewallSslsshprofileHttps;
import com.pulumi.fortimanager.ObjectFirewallSslsshprofileHttpsArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var trnameObjectFirewallSslsshprofile = new ObjectFirewallSslsshprofile("trnameObjectFirewallSslsshprofile");

        var trnameObjectFirewallSslsshprofileHttps = new ObjectFirewallSslsshprofileHttps("trnameObjectFirewallSslsshprofileHttps", ObjectFirewallSslsshprofileHttpsArgs.builder()
            .sslSshProfile(trnameObjectFirewallSslsshprofile.name())
            .ports(            
                45,
                44)
            .proxyAfterTcpHandshake("disable")
            .revokedServerCert("allow")
            .build(), CustomResourceOptions.builder()
                .dependsOn(trnameObjectFirewallSslsshprofile)
                .build());

    }
}

resources:
  trnameObjectFirewallSslsshprofileHttps:
    type: fortimanager:ObjectFirewallSslsshprofileHttps
    properties:
      sslSshProfile: ${trnameObjectFirewallSslsshprofile.name}
      ports:
        - 45
        - 44
      proxyAfterTcpHandshake: disable
      revokedServerCert: allow
    options:
      dependsOn:
        - ${trnameObjectFirewallSslsshprofile}
  trnameObjectFirewallSslsshprofile:
    type: fortimanager:ObjectFirewallSslsshprofile

Create ObjectFirewallSslsshprofileHttps Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

TypeScript
Python
Go
C#
Java
YAML

new ObjectFirewallSslsshprofileHttps(name: string, args: ObjectFirewallSslsshprofileHttpsArgs, opts?: CustomResourceOptions);

@overload
def ObjectFirewallSslsshprofileHttps(resource_name: str,
                                     args: ObjectFirewallSslsshprofileHttpsInitArgs,
                                     opts: Optional[ResourceOptions] = None)

@overload
def ObjectFirewallSslsshprofileHttps(resource_name: str,
                                     opts: Optional[ResourceOptions] = None,
                                     ssl_ssh_profile: Optional[str] = None,
                                     client_certificate: Optional[str] = None,
                                     unsupported_ssl_negotiation: Optional[str] = None,
                                     cert_validation_failure: Optional[str] = None,
                                     cert_validation_timeout: Optional[str] = None,
                                     client_cert_request: Optional[str] = None,
                                     adom: Optional[str] = None,
                                     encrypted_client_hello: Optional[str] = None,
                                     expired_server_cert: Optional[str] = None,
                                     invalid_server_cert: Optional[str] = None,
                                     min_allowed_ssl_version: Optional[str] = None,
                                     object_firewall_sslsshprofile_https_id: Optional[str] = None,
                                     ports: Optional[Sequence[float]] = None,
                                     cert_probe_failure: Optional[str] = None,
                                     proxy_after_tcp_handshake: Optional[str] = None,
                                     status: Optional[str] = None,
                                     scopetype: Optional[str] = None,
                                     sni_server_cert_check: Optional[str] = None,
                                     allow_invalid_server_cert: Optional[str] = None,
                                     revoked_server_cert: Optional[str] = None,
                                     udp_not_quic: Optional[str] = None,
                                     unsupported_ssl: Optional[str] = None,
                                     unsupported_ssl_cipher: Optional[str] = None,
                                     quic: Optional[str] = None,
                                     unsupported_ssl_version: Optional[str] = None,
                                     untrusted_cert: Optional[str] = None,
                                     untrusted_server_cert: Optional[str] = None)

func NewObjectFirewallSslsshprofileHttps(ctx *Context, name string, args ObjectFirewallSslsshprofileHttpsArgs, opts ...ResourceOption) (*ObjectFirewallSslsshprofileHttps, error)

public ObjectFirewallSslsshprofileHttps(string name, ObjectFirewallSslsshprofileHttpsArgs args, CustomResourceOptions? opts = null)

public ObjectFirewallSslsshprofileHttps(String name, ObjectFirewallSslsshprofileHttpsArgs args)
public ObjectFirewallSslsshprofileHttps(String name, ObjectFirewallSslsshprofileHttpsArgs args, CustomResourceOptions options)

type: fortimanager:ObjectFirewallSslsshprofileHttps
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args ObjectFirewallSslsshprofileHttpsArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ObjectFirewallSslsshprofileHttpsInitArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ObjectFirewallSslsshprofileHttpsArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ObjectFirewallSslsshprofileHttpsArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ObjectFirewallSslsshprofileHttpsArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

TypeScript
Python
Go
C#
Java
YAML

var objectFirewallSslsshprofileHttpsResource = new Fortimanager.ObjectFirewallSslsshprofileHttps("objectFirewallSslsshprofileHttpsResource", new()
{
    SslSshProfile = "string",
    ClientCertificate = "string",
    UnsupportedSslNegotiation = "string",
    CertValidationFailure = "string",
    CertValidationTimeout = "string",
    ClientCertRequest = "string",
    Adom = "string",
    EncryptedClientHello = "string",
    ExpiredServerCert = "string",
    InvalidServerCert = "string",
    MinAllowedSslVersion = "string",
    ObjectFirewallSslsshprofileHttpsId = "string",
    Ports = new[]
    {
        0,
    },
    CertProbeFailure = "string",
    ProxyAfterTcpHandshake = "string",
    Status = "string",
    Scopetype = "string",
    SniServerCertCheck = "string",
    AllowInvalidServerCert = "string",
    RevokedServerCert = "string",
    UdpNotQuic = "string",
    UnsupportedSsl = "string",
    UnsupportedSslCipher = "string",
    Quic = "string",
    UnsupportedSslVersion = "string",
    UntrustedCert = "string",
    UntrustedServerCert = "string",
});

example, err := fortimanager.NewObjectFirewallSslsshprofileHttps(ctx, "objectFirewallSslsshprofileHttpsResource", &fortimanager.ObjectFirewallSslsshprofileHttpsArgs{
SslSshProfile: pulumi.String("string"),
ClientCertificate: pulumi.String("string"),
UnsupportedSslNegotiation: pulumi.String("string"),
CertValidationFailure: pulumi.String("string"),
CertValidationTimeout: pulumi.String("string"),
ClientCertRequest: pulumi.String("string"),
Adom: pulumi.String("string"),
EncryptedClientHello: pulumi.String("string"),
ExpiredServerCert: pulumi.String("string"),
InvalidServerCert: pulumi.String("string"),
MinAllowedSslVersion: pulumi.String("string"),
ObjectFirewallSslsshprofileHttpsId: pulumi.String("string"),
Ports: pulumi.Float64Array{
pulumi.Float64(0),
},
CertProbeFailure: pulumi.String("string"),
ProxyAfterTcpHandshake: pulumi.String("string"),
Status: pulumi.String("string"),
Scopetype: pulumi.String("string"),
SniServerCertCheck: pulumi.String("string"),
AllowInvalidServerCert: pulumi.String("string"),
RevokedServerCert: pulumi.String("string"),
UdpNotQuic: pulumi.String("string"),
UnsupportedSsl: pulumi.String("string"),
UnsupportedSslCipher: pulumi.String("string"),
Quic: pulumi.String("string"),
UnsupportedSslVersion: pulumi.String("string"),
UntrustedCert: pulumi.String("string"),
UntrustedServerCert: pulumi.String("string"),
})

var objectFirewallSslsshprofileHttpsResource = new ObjectFirewallSslsshprofileHttps("objectFirewallSslsshprofileHttpsResource", ObjectFirewallSslsshprofileHttpsArgs.builder()
    .sslSshProfile("string")
    .clientCertificate("string")
    .unsupportedSslNegotiation("string")
    .certValidationFailure("string")
    .certValidationTimeout("string")
    .clientCertRequest("string")
    .adom("string")
    .encryptedClientHello("string")
    .expiredServerCert("string")
    .invalidServerCert("string")
    .minAllowedSslVersion("string")
    .objectFirewallSslsshprofileHttpsId("string")
    .ports(0)
    .certProbeFailure("string")
    .proxyAfterTcpHandshake("string")
    .status("string")
    .scopetype("string")
    .sniServerCertCheck("string")
    .allowInvalidServerCert("string")
    .revokedServerCert("string")
    .udpNotQuic("string")
    .unsupportedSsl("string")
    .unsupportedSslCipher("string")
    .quic("string")
    .unsupportedSslVersion("string")
    .untrustedCert("string")
    .untrustedServerCert("string")
    .build());

object_firewall_sslsshprofile_https_resource = fortimanager.ObjectFirewallSslsshprofileHttps("objectFirewallSslsshprofileHttpsResource",
    ssl_ssh_profile="string",
    client_certificate="string",
    unsupported_ssl_negotiation="string",
    cert_validation_failure="string",
    cert_validation_timeout="string",
    client_cert_request="string",
    adom="string",
    encrypted_client_hello="string",
    expired_server_cert="string",
    invalid_server_cert="string",
    min_allowed_ssl_version="string",
    object_firewall_sslsshprofile_https_id="string",
    ports=[0],
    cert_probe_failure="string",
    proxy_after_tcp_handshake="string",
    status="string",
    scopetype="string",
    sni_server_cert_check="string",
    allow_invalid_server_cert="string",
    revoked_server_cert="string",
    udp_not_quic="string",
    unsupported_ssl="string",
    unsupported_ssl_cipher="string",
    quic="string",
    unsupported_ssl_version="string",
    untrusted_cert="string",
    untrusted_server_cert="string")

const objectFirewallSslsshprofileHttpsResource = new fortimanager.ObjectFirewallSslsshprofileHttps("objectFirewallSslsshprofileHttpsResource", {
    sslSshProfile: "string",
    clientCertificate: "string",
    unsupportedSslNegotiation: "string",
    certValidationFailure: "string",
    certValidationTimeout: "string",
    clientCertRequest: "string",
    adom: "string",
    encryptedClientHello: "string",
    expiredServerCert: "string",
    invalidServerCert: "string",
    minAllowedSslVersion: "string",
    objectFirewallSslsshprofileHttpsId: "string",
    ports: [0],
    certProbeFailure: "string",
    proxyAfterTcpHandshake: "string",
    status: "string",
    scopetype: "string",
    sniServerCertCheck: "string",
    allowInvalidServerCert: "string",
    revokedServerCert: "string",
    udpNotQuic: "string",
    unsupportedSsl: "string",
    unsupportedSslCipher: "string",
    quic: "string",
    unsupportedSslVersion: "string",
    untrustedCert: "string",
    untrustedServerCert: "string",
});

type: fortimanager:ObjectFirewallSslsshprofileHttps
properties:
    adom: string
    allowInvalidServerCert: string
    certProbeFailure: string
    certValidationFailure: string
    certValidationTimeout: string
    clientCertRequest: string
    clientCertificate: string
    encryptedClientHello: string
    expiredServerCert: string
    invalidServerCert: string
    minAllowedSslVersion: string
    objectFirewallSslsshprofileHttpsId: string
    ports:
        - 0
    proxyAfterTcpHandshake: string
    quic: string
    revokedServerCert: string
    scopetype: string
    sniServerCertCheck: string
    sslSshProfile: string
    status: string
    udpNotQuic: string
    unsupportedSsl: string
    unsupportedSslCipher: string
    unsupportedSslNegotiation: string
    unsupportedSslVersion: string
    untrustedCert: string
    untrustedServerCert: string

ObjectFirewallSslsshprofileHttps Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The ObjectFirewallSslsshprofileHttps resource accepts the following input properties:

SslSshProfile string: Ssl Ssh Profile.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AllowInvalidServerCert string: When enabled, allows SSL sessions whose server certificate validation failed. Valid values: disable, enable.
CertProbeFailure string: Action based on certificate probe failure. Valid values: block, allow.
CertValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
CertValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
ClientCertRequest string: Action based on client certificate request. Valid values: bypass, inspect, block.
ClientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
EncryptedClientHello string: Block/allow session based on existence of encrypted-client-hello. Valid values: block, allow.
ExpiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
InvalidServerCert string: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
MinAllowedSslVersion string: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
ObjectFirewallSslsshprofileHttpsId string: an identifier for the resource.
Ports List<double>: Ports to use for scanning (1 - 65535, default = 443).
ProxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
Quic string: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
RevokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: disable, enable, strict.
Status string: Configure protocol inspection status. Valid values: disable, certificate-inspection, deep-inspection.
UdpNotQuic string: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
UnsupportedSsl string: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
UnsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
UnsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
UnsupportedSslVersion string: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
UntrustedCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.
UntrustedServerCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

SslSshProfile string: Ssl Ssh Profile.
Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AllowInvalidServerCert string: When enabled, allows SSL sessions whose server certificate validation failed. Valid values: disable, enable.
CertProbeFailure string: Action based on certificate probe failure. Valid values: block, allow.
CertValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
CertValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
ClientCertRequest string: Action based on client certificate request. Valid values: bypass, inspect, block.
ClientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
EncryptedClientHello string: Block/allow session based on existence of encrypted-client-hello. Valid values: block, allow.
ExpiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
InvalidServerCert string: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
MinAllowedSslVersion string: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
ObjectFirewallSslsshprofileHttpsId string: an identifier for the resource.
Ports []float64: Ports to use for scanning (1 - 65535, default = 443).
ProxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
Quic string: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
RevokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: disable, enable, strict.
Status string: Configure protocol inspection status. Valid values: disable, certificate-inspection, deep-inspection.
UdpNotQuic string: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
UnsupportedSsl string: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
UnsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
UnsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
UnsupportedSslVersion string: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
UntrustedCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.
UntrustedServerCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

sslSshProfile String: Ssl Ssh Profile.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
allowInvalidServerCert String: When enabled, allows SSL sessions whose server certificate validation failed. Valid values: disable, enable.
certProbeFailure String: Action based on certificate probe failure. Valid values: block, allow.
certValidationFailure String: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout String: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertRequest String: Action based on client certificate request. Valid values: bypass, inspect, block.
clientCertificate String: Action based on received client certificate. Valid values: bypass, inspect, block.
encryptedClientHello String: Block/allow session based on existence of encrypted-client-hello. Valid values: block, allow.
expiredServerCert String: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalidServerCert String: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
minAllowedSslVersion String: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
objectFirewallSslsshprofileHttpsId String: an identifier for the resource.
ports List<Double>: Ports to use for scanning (1 - 65535, default = 443).
proxyAfterTcpHandshake String: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
quic String: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
revokedServerCert String: Action based on server certificate is revoked. Valid values: allow, block, ignore.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sniServerCertCheck String: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: disable, enable, strict.
status String: Configure protocol inspection status. Valid values: disable, certificate-inspection, deep-inspection.
udpNotQuic String: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
unsupportedSsl String: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupportedSslCipher String: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation String: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion String: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
untrustedCert String: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.
untrustedServerCert String: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

sslSshProfile string: Ssl Ssh Profile.
adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
allowInvalidServerCert string: When enabled, allows SSL sessions whose server certificate validation failed. Valid values: disable, enable.
certProbeFailure string: Action based on certificate probe failure. Valid values: block, allow.
certValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertRequest string: Action based on client certificate request. Valid values: bypass, inspect, block.
clientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
encryptedClientHello string: Block/allow session based on existence of encrypted-client-hello. Valid values: block, allow.
expiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalidServerCert string: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
minAllowedSslVersion string: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
objectFirewallSslsshprofileHttpsId string: an identifier for the resource.
ports number[]: Ports to use for scanning (1 - 65535, default = 443).
proxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
quic string: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
revokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: disable, enable, strict.
status string: Configure protocol inspection status. Valid values: disable, certificate-inspection, deep-inspection.
udpNotQuic string: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
unsupportedSsl string: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion string: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
untrustedCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.
untrustedServerCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

ssl_ssh_profile str: Ssl Ssh Profile.
adom str: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
allow_invalid_server_cert str: When enabled, allows SSL sessions whose server certificate validation failed. Valid values: disable, enable.
cert_probe_failure str: Action based on certificate probe failure. Valid values: block, allow.
cert_validation_failure str: Action based on certificate validation failure. Valid values: allow, block, ignore.
cert_validation_timeout str: Action based on certificate validation timeout. Valid values: allow, block, ignore.
client_cert_request str: Action based on client certificate request. Valid values: bypass, inspect, block.
client_certificate str: Action based on received client certificate. Valid values: bypass, inspect, block.
encrypted_client_hello str: Block/allow session based on existence of encrypted-client-hello. Valid values: block, allow.
expired_server_cert str: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalid_server_cert str: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
min_allowed_ssl_version str: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
object_firewall_sslsshprofile_https_id str: an identifier for the resource.
ports Sequence[float]: Ports to use for scanning (1 - 65535, default = 443).
proxy_after_tcp_handshake str: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
quic str: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
revoked_server_cert str: Action based on server certificate is revoked. Valid values: allow, block, ignore.
scopetype str: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sni_server_cert_check str: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: disable, enable, strict.
status str: Configure protocol inspection status. Valid values: disable, certificate-inspection, deep-inspection.
udp_not_quic str: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
unsupported_ssl str: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupported_ssl_cipher str: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupported_ssl_negotiation str: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupported_ssl_version str: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
untrusted_cert str: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.
untrusted_server_cert str: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

sslSshProfile String: Ssl Ssh Profile.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
allowInvalidServerCert String: When enabled, allows SSL sessions whose server certificate validation failed. Valid values: disable, enable.
certProbeFailure String: Action based on certificate probe failure. Valid values: block, allow.
certValidationFailure String: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout String: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertRequest String: Action based on client certificate request. Valid values: bypass, inspect, block.
clientCertificate String: Action based on received client certificate. Valid values: bypass, inspect, block.
encryptedClientHello String: Block/allow session based on existence of encrypted-client-hello. Valid values: block, allow.
expiredServerCert String: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalidServerCert String: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
minAllowedSslVersion String: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
objectFirewallSslsshprofileHttpsId String: an identifier for the resource.
ports List<Number>: Ports to use for scanning (1 - 65535, default = 443).
proxyAfterTcpHandshake String: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
quic String: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
revokedServerCert String: Action based on server certificate is revoked. Valid values: allow, block, ignore.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sniServerCertCheck String: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: disable, enable, strict.
status String: Configure protocol inspection status. Valid values: disable, certificate-inspection, deep-inspection.
udpNotQuic String: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
unsupportedSsl String: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupportedSslCipher String: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation String: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion String: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
untrustedCert String: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.
untrustedServerCert String: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

Outputs

All input properties are implicitly available as output properties. Additionally, the ObjectFirewallSslsshprofileHttps resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing ObjectFirewallSslsshprofileHttps Resource

Get an existing ObjectFirewallSslsshprofileHttps resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

TypeScript
Python
Go
C#
Java
YAML

public static get(name: string, id: Input<ID>, state?: ObjectFirewallSslsshprofileHttpsState, opts?: CustomResourceOptions): ObjectFirewallSslsshprofileHttps

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        adom: Optional[str] = None,
        allow_invalid_server_cert: Optional[str] = None,
        cert_probe_failure: Optional[str] = None,
        cert_validation_failure: Optional[str] = None,
        cert_validation_timeout: Optional[str] = None,
        client_cert_request: Optional[str] = None,
        client_certificate: Optional[str] = None,
        encrypted_client_hello: Optional[str] = None,
        expired_server_cert: Optional[str] = None,
        invalid_server_cert: Optional[str] = None,
        min_allowed_ssl_version: Optional[str] = None,
        object_firewall_sslsshprofile_https_id: Optional[str] = None,
        ports: Optional[Sequence[float]] = None,
        proxy_after_tcp_handshake: Optional[str] = None,
        quic: Optional[str] = None,
        revoked_server_cert: Optional[str] = None,
        scopetype: Optional[str] = None,
        sni_server_cert_check: Optional[str] = None,
        ssl_ssh_profile: Optional[str] = None,
        status: Optional[str] = None,
        udp_not_quic: Optional[str] = None,
        unsupported_ssl: Optional[str] = None,
        unsupported_ssl_cipher: Optional[str] = None,
        unsupported_ssl_negotiation: Optional[str] = None,
        unsupported_ssl_version: Optional[str] = None,
        untrusted_cert: Optional[str] = None,
        untrusted_server_cert: Optional[str] = None) -> ObjectFirewallSslsshprofileHttps

func GetObjectFirewallSslsshprofileHttps(ctx *Context, name string, id IDInput, state *ObjectFirewallSslsshprofileHttpsState, opts ...ResourceOption) (*ObjectFirewallSslsshprofileHttps, error)

public static ObjectFirewallSslsshprofileHttps Get(string name, Input<string> id, ObjectFirewallSslsshprofileHttpsState? state, CustomResourceOptions? opts = null)

public static ObjectFirewallSslsshprofileHttps get(String name, Output<String> id, ObjectFirewallSslsshprofileHttpsState state, CustomResourceOptions options)

resources:  _:    type: fortimanager:ObjectFirewallSslsshprofileHttps    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AllowInvalidServerCert string: When enabled, allows SSL sessions whose server certificate validation failed. Valid values: disable, enable.
CertProbeFailure string: Action based on certificate probe failure. Valid values: block, allow.
CertValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
CertValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
ClientCertRequest string: Action based on client certificate request. Valid values: bypass, inspect, block.
ClientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
EncryptedClientHello string: Block/allow session based on existence of encrypted-client-hello. Valid values: block, allow.
ExpiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
InvalidServerCert string: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
MinAllowedSslVersion string: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
ObjectFirewallSslsshprofileHttpsId string: an identifier for the resource.
Ports List<double>: Ports to use for scanning (1 - 65535, default = 443).
ProxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
Quic string: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
RevokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: disable, enable, strict.
SslSshProfile string: Ssl Ssh Profile.
Status string: Configure protocol inspection status. Valid values: disable, certificate-inspection, deep-inspection.
UdpNotQuic string: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
UnsupportedSsl string: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
UnsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
UnsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
UnsupportedSslVersion string: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
UntrustedCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.
UntrustedServerCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
AllowInvalidServerCert string: When enabled, allows SSL sessions whose server certificate validation failed. Valid values: disable, enable.
CertProbeFailure string: Action based on certificate probe failure. Valid values: block, allow.
CertValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
CertValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
ClientCertRequest string: Action based on client certificate request. Valid values: bypass, inspect, block.
ClientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
EncryptedClientHello string: Block/allow session based on existence of encrypted-client-hello. Valid values: block, allow.
ExpiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
InvalidServerCert string: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
MinAllowedSslVersion string: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
ObjectFirewallSslsshprofileHttpsId string: an identifier for the resource.
Ports []float64: Ports to use for scanning (1 - 65535, default = 443).
ProxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
Quic string: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
RevokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
SniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: disable, enable, strict.
SslSshProfile string: Ssl Ssh Profile.
Status string: Configure protocol inspection status. Valid values: disable, certificate-inspection, deep-inspection.
UdpNotQuic string: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
UnsupportedSsl string: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
UnsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
UnsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
UnsupportedSslVersion string: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
UntrustedCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.
UntrustedServerCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
allowInvalidServerCert String: When enabled, allows SSL sessions whose server certificate validation failed. Valid values: disable, enable.
certProbeFailure String: Action based on certificate probe failure. Valid values: block, allow.
certValidationFailure String: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout String: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertRequest String: Action based on client certificate request. Valid values: bypass, inspect, block.
clientCertificate String: Action based on received client certificate. Valid values: bypass, inspect, block.
encryptedClientHello String: Block/allow session based on existence of encrypted-client-hello. Valid values: block, allow.
expiredServerCert String: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalidServerCert String: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
minAllowedSslVersion String: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
objectFirewallSslsshprofileHttpsId String: an identifier for the resource.
ports List<Double>: Ports to use for scanning (1 - 65535, default = 443).
proxyAfterTcpHandshake String: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
quic String: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
revokedServerCert String: Action based on server certificate is revoked. Valid values: allow, block, ignore.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sniServerCertCheck String: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: disable, enable, strict.
sslSshProfile String: Ssl Ssh Profile.
status String: Configure protocol inspection status. Valid values: disable, certificate-inspection, deep-inspection.
udpNotQuic String: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
unsupportedSsl String: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupportedSslCipher String: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation String: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion String: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
untrustedCert String: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.
untrustedServerCert String: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
allowInvalidServerCert string: When enabled, allows SSL sessions whose server certificate validation failed. Valid values: disable, enable.
certProbeFailure string: Action based on certificate probe failure. Valid values: block, allow.
certValidationFailure string: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout string: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertRequest string: Action based on client certificate request. Valid values: bypass, inspect, block.
clientCertificate string: Action based on received client certificate. Valid values: bypass, inspect, block.
encryptedClientHello string: Block/allow session based on existence of encrypted-client-hello. Valid values: block, allow.
expiredServerCert string: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalidServerCert string: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
minAllowedSslVersion string: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
objectFirewallSslsshprofileHttpsId string: an identifier for the resource.
ports number[]: Ports to use for scanning (1 - 65535, default = 443).
proxyAfterTcpHandshake string: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
quic string: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
revokedServerCert string: Action based on server certificate is revoked. Valid values: allow, block, ignore.
scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sniServerCertCheck string: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: disable, enable, strict.
sslSshProfile string: Ssl Ssh Profile.
status string: Configure protocol inspection status. Valid values: disable, certificate-inspection, deep-inspection.
udpNotQuic string: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
unsupportedSsl string: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupportedSslCipher string: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation string: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion string: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
untrustedCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.
untrustedServerCert string: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

adom str: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
allow_invalid_server_cert str: When enabled, allows SSL sessions whose server certificate validation failed. Valid values: disable, enable.
cert_probe_failure str: Action based on certificate probe failure. Valid values: block, allow.
cert_validation_failure str: Action based on certificate validation failure. Valid values: allow, block, ignore.
cert_validation_timeout str: Action based on certificate validation timeout. Valid values: allow, block, ignore.
client_cert_request str: Action based on client certificate request. Valid values: bypass, inspect, block.
client_certificate str: Action based on received client certificate. Valid values: bypass, inspect, block.
encrypted_client_hello str: Block/allow session based on existence of encrypted-client-hello. Valid values: block, allow.
expired_server_cert str: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalid_server_cert str: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
min_allowed_ssl_version str: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
object_firewall_sslsshprofile_https_id str: an identifier for the resource.
ports Sequence[float]: Ports to use for scanning (1 - 65535, default = 443).
proxy_after_tcp_handshake str: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
quic str: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
revoked_server_cert str: Action based on server certificate is revoked. Valid values: allow, block, ignore.
scopetype str: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sni_server_cert_check str: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: disable, enable, strict.
ssl_ssh_profile str: Ssl Ssh Profile.
status str: Configure protocol inspection status. Valid values: disable, certificate-inspection, deep-inspection.
udp_not_quic str: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
unsupported_ssl str: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupported_ssl_cipher str: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupported_ssl_negotiation str: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupported_ssl_version str: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
untrusted_cert str: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.
untrusted_server_cert str: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
allowInvalidServerCert String: When enabled, allows SSL sessions whose server certificate validation failed. Valid values: disable, enable.
certProbeFailure String: Action based on certificate probe failure. Valid values: block, allow.
certValidationFailure String: Action based on certificate validation failure. Valid values: allow, block, ignore.
certValidationTimeout String: Action based on certificate validation timeout. Valid values: allow, block, ignore.
clientCertRequest String: Action based on client certificate request. Valid values: bypass, inspect, block.
clientCertificate String: Action based on received client certificate. Valid values: bypass, inspect, block.
encryptedClientHello String: Block/allow session based on existence of encrypted-client-hello. Valid values: block, allow.
expiredServerCert String: Action based on server certificate is expired. Valid values: allow, block, ignore.
invalidServerCert String: Allow or block the invalid SSL session server certificate. Valid values: allow, block.
minAllowedSslVersion String: Minimum SSL version to be allowed. Valid values: ssl-3.0, tls-1.0, tls-1.1, tls-1.2, tls-1.3.
objectFirewallSslsshprofileHttpsId String: an identifier for the resource.
ports List<Number>: Ports to use for scanning (1 - 65535, default = 443).
proxyAfterTcpHandshake String: Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values: disable, enable.
quic String: Enable/disable QUIC inspection (default = disable). Valid values: disable, enable.
revokedServerCert String: Action based on server certificate is revoked. Valid values: allow, block, ignore.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
sniServerCertCheck String: Check the SNI in the client hello message with the CN or SAN fields in the returned server certificate. Valid values: disable, enable, strict.
sslSshProfile String: Ssl Ssh Profile.
status String: Configure protocol inspection status. Valid values: disable, certificate-inspection, deep-inspection.
udpNotQuic String: Action to be taken when matched UDP packet is not QUIC. Valid values: block, allow.
unsupportedSsl String: Action based on the SSL encryption used being unsupported. Valid values: bypass, inspect, block.
unsupportedSslCipher String: Action based on the SSL cipher used being unsupported. Valid values: allow, block.
unsupportedSslNegotiation String: Action based on the SSL negotiation used being unsupported. Valid values: allow, block.
unsupportedSslVersion String: Action based on the SSL version used being unsupported. Valid values: block, allow, inspect.
untrustedCert String: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.
untrustedServerCert String: Allow, ignore, or block the untrusted SSL session server certificate. Valid values: allow, block, ignore.

Import

ObjectFirewall SslSshProfileHttps can be imported using any of these accepted formats:

Set import_options = [“ssl_ssh_profile=YOUR_VALUE”] in the provider section.

$ export “FORTIMANAGER_IMPORT_TABLE”=“true”

$ pulumi import fortimanager:index/objectFirewallSslsshprofileHttps:ObjectFirewallSslsshprofileHttps labelname ObjectFirewallSslSshProfileHttps

$ unset “FORTIMANAGER_IMPORT_TABLE”

-> Hint: The scopetype and adom for import will directly inherit the scopetype and adom configuration of the provider.

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: fortimanager fortinetdev/terraform-provider-fortimanager
License
Notes: This Pulumi package is based on the fortimanager Terraform Provider.

fortimanager 1.14.0 published on Tuesday, Apr 15, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.ObjectFirewallSslsshprofileHttps

On this page

On this page

Example Usage

Create ObjectFirewallSslsshprofileHttps Resource

Constructor syntax

Parameters

Constructor example

ObjectFirewallSslsshprofileHttps Resource Properties

Inputs

Outputs

Look up Existing ObjectFirewallSslsshprofileHttps Resource

Import

Package Details

On this page

On this page