Fortios v0.0.6, Jul 9 24

Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

fortios.webproxy.Global

Explore with Pulumi AI

Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as fortios from "@pulumiverse/fortios";

const trname = new fortios.webproxy.Global("trname", {
    fastPolicyMatch: "enable",
    forwardProxyAuth: "disable",
    forwardServerAffinityTimeout: 30,
    learnClientIp: "disable",
    maxMessageLength: 32,
    maxRequestLength: 4,
    maxWafBodyCacheLength: 32,
    proxyFqdn: "default.fqdn",
    sslCaCert: "Fortinet_CA_SSL",
    sslCert: "Fortinet_Factory",
    strictWebCheck: "disable",
    tunnelNonHttp: "enable",
    unknownHttpVersion: "best-effort",
});

import pulumi
import pulumiverse_fortios as fortios

trname = fortios.webproxy.Global("trname",
    fast_policy_match="enable",
    forward_proxy_auth="disable",
    forward_server_affinity_timeout=30,
    learn_client_ip="disable",
    max_message_length=32,
    max_request_length=4,
    max_waf_body_cache_length=32,
    proxy_fqdn="default.fqdn",
    ssl_ca_cert="Fortinet_CA_SSL",
    ssl_cert="Fortinet_Factory",
    strict_web_check="disable",
    tunnel_non_http="enable",
    unknown_http_version="best-effort")

package main

import (
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/webproxy"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := webproxy.NewGlobal(ctx, "trname", &webproxy.GlobalArgs{
			FastPolicyMatch:              pulumi.String("enable"),
			ForwardProxyAuth:             pulumi.String("disable"),
			ForwardServerAffinityTimeout: pulumi.Int(30),
			LearnClientIp:                pulumi.String("disable"),
			MaxMessageLength:             pulumi.Int(32),
			MaxRequestLength:             pulumi.Int(4),
			MaxWafBodyCacheLength:        pulumi.Int(32),
			ProxyFqdn:                    pulumi.String("default.fqdn"),
			SslCaCert:                    pulumi.String("Fortinet_CA_SSL"),
			SslCert:                      pulumi.String("Fortinet_Factory"),
			StrictWebCheck:               pulumi.String("disable"),
			TunnelNonHttp:                pulumi.String("enable"),
			UnknownHttpVersion:           pulumi.String("best-effort"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortios = Pulumiverse.Fortios;

return await Deployment.RunAsync(() => 
{
    var trname = new Fortios.Webproxy.Global("trname", new()
    {
        FastPolicyMatch = "enable",
        ForwardProxyAuth = "disable",
        ForwardServerAffinityTimeout = 30,
        LearnClientIp = "disable",
        MaxMessageLength = 32,
        MaxRequestLength = 4,
        MaxWafBodyCacheLength = 32,
        ProxyFqdn = "default.fqdn",
        SslCaCert = "Fortinet_CA_SSL",
        SslCert = "Fortinet_Factory",
        StrictWebCheck = "disable",
        TunnelNonHttp = "enable",
        UnknownHttpVersion = "best-effort",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortios.webproxy.Global;
import com.pulumi.fortios.webproxy.GlobalArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var trname = new Global("trname", GlobalArgs.builder()
            .fastPolicyMatch("enable")
            .forwardProxyAuth("disable")
            .forwardServerAffinityTimeout(30)
            .learnClientIp("disable")
            .maxMessageLength(32)
            .maxRequestLength(4)
            .maxWafBodyCacheLength(32)
            .proxyFqdn("default.fqdn")
            .sslCaCert("Fortinet_CA_SSL")
            .sslCert("Fortinet_Factory")
            .strictWebCheck("disable")
            .tunnelNonHttp("enable")
            .unknownHttpVersion("best-effort")
            .build());

    }
}

resources:
  trname:
    type: fortios:webproxy:Global
    properties:
      fastPolicyMatch: enable
      forwardProxyAuth: disable
      forwardServerAffinityTimeout: 30
      learnClientIp: disable
      maxMessageLength: 32
      maxRequestLength: 4
      maxWafBodyCacheLength: 32
      proxyFqdn: default.fqdn
      sslCaCert: Fortinet_CA_SSL
      sslCert: Fortinet_Factory
      strictWebCheck: disable
      tunnelNonHttp: enable
      unknownHttpVersion: best-effort

Create Global Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Global(name: string, args: GlobalArgs, opts?: CustomResourceOptions);

@overload
def Global(resource_name: str,
           args: GlobalArgs,
           opts: Optional[ResourceOptions] = None)

@overload
def Global(resource_name: str,
           opts: Optional[ResourceOptions] = None,
           proxy_fqdn: Optional[str] = None,
           max_message_length: Optional[int] = None,
           unknown_http_version: Optional[str] = None,
           forward_proxy_auth: Optional[str] = None,
           forward_server_affinity_timeout: Optional[int] = None,
           get_all_tables: Optional[str] = None,
           ldap_user_cache: Optional[str] = None,
           learn_client_ip: Optional[str] = None,
           learn_client_ip_from_header: Optional[str] = None,
           learn_client_ip_srcaddr6s: Optional[Sequence[GlobalLearnClientIpSrcaddr6Args]] = None,
           learn_client_ip_srcaddrs: Optional[Sequence[GlobalLearnClientIpSrcaddrArgs]] = None,
           log_app_id: Optional[str] = None,
           log_forward_server: Optional[str] = None,
           webproxy_profile: Optional[str] = None,
           fast_policy_match: Optional[str] = None,
           proxy_transparent_cert_inspection: Optional[str] = None,
           max_waf_body_cache_length: Optional[int] = None,
           policy_category_deep_inspect: Optional[str] = None,
           dynamic_sort_subtable: Optional[str] = None,
           max_request_length: Optional[int] = None,
           src_affinity_exempt_addr: Optional[str] = None,
           src_affinity_exempt_addr6: Optional[str] = None,
           ssl_ca_cert: Optional[str] = None,
           ssl_cert: Optional[str] = None,
           strict_web_check: Optional[str] = None,
           tunnel_non_http: Optional[str] = None,
           always_learn_client_ip: Optional[str] = None,
           vdomparam: Optional[str] = None,
           log_policy_pending: Optional[str] = None)

func NewGlobal(ctx *Context, name string, args GlobalArgs, opts ...ResourceOption) (*Global, error)

public Global(string name, GlobalArgs args, CustomResourceOptions? opts = null)

public Global(String name, GlobalArgs args)
public Global(String name, GlobalArgs args, CustomResourceOptions options)

type: fortios:webproxy:Global
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args GlobalArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args GlobalArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args GlobalArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args GlobalArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args GlobalArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var exampleglobalResourceResourceFromWebproxyglobal = new Fortios.Webproxy.Global("exampleglobalResourceResourceFromWebproxyglobal", new()
{
    ProxyFqdn = "string",
    MaxMessageLength = 0,
    UnknownHttpVersion = "string",
    ForwardProxyAuth = "string",
    ForwardServerAffinityTimeout = 0,
    GetAllTables = "string",
    LdapUserCache = "string",
    LearnClientIp = "string",
    LearnClientIpFromHeader = "string",
    LearnClientIpSrcaddr6s = new[]
    {
        new Fortios.Webproxy.Inputs.GlobalLearnClientIpSrcaddr6Args
        {
            Name = "string",
        },
    },
    LearnClientIpSrcaddrs = new[]
    {
        new Fortios.Webproxy.Inputs.GlobalLearnClientIpSrcaddrArgs
        {
            Name = "string",
        },
    },
    LogAppId = "string",
    LogForwardServer = "string",
    WebproxyProfile = "string",
    FastPolicyMatch = "string",
    ProxyTransparentCertInspection = "string",
    MaxWafBodyCacheLength = 0,
    PolicyCategoryDeepInspect = "string",
    DynamicSortSubtable = "string",
    MaxRequestLength = 0,
    SrcAffinityExemptAddr = "string",
    SrcAffinityExemptAddr6 = "string",
    SslCaCert = "string",
    SslCert = "string",
    StrictWebCheck = "string",
    TunnelNonHttp = "string",
    AlwaysLearnClientIp = "string",
    Vdomparam = "string",
    LogPolicyPending = "string",
});

example, err := webproxy.NewGlobal(ctx, "exampleglobalResourceResourceFromWebproxyglobal", &webproxy.GlobalArgs{
	ProxyFqdn:                    pulumi.String("string"),
	MaxMessageLength:             pulumi.Int(0),
	UnknownHttpVersion:           pulumi.String("string"),
	ForwardProxyAuth:             pulumi.String("string"),
	ForwardServerAffinityTimeout: pulumi.Int(0),
	GetAllTables:                 pulumi.String("string"),
	LdapUserCache:                pulumi.String("string"),
	LearnClientIp:                pulumi.String("string"),
	LearnClientIpFromHeader:      pulumi.String("string"),
	LearnClientIpSrcaddr6s: webproxy.GlobalLearnClientIpSrcaddr6Array{
		&webproxy.GlobalLearnClientIpSrcaddr6Args{
			Name: pulumi.String("string"),
		},
	},
	LearnClientIpSrcaddrs: webproxy.GlobalLearnClientIpSrcaddrArray{
		&webproxy.GlobalLearnClientIpSrcaddrArgs{
			Name: pulumi.String("string"),
		},
	},
	LogAppId:                       pulumi.String("string"),
	LogForwardServer:               pulumi.String("string"),
	WebproxyProfile:                pulumi.String("string"),
	FastPolicyMatch:                pulumi.String("string"),
	ProxyTransparentCertInspection: pulumi.String("string"),
	MaxWafBodyCacheLength:          pulumi.Int(0),
	PolicyCategoryDeepInspect:      pulumi.String("string"),
	DynamicSortSubtable:            pulumi.String("string"),
	MaxRequestLength:               pulumi.Int(0),
	SrcAffinityExemptAddr:          pulumi.String("string"),
	SrcAffinityExemptAddr6:         pulumi.String("string"),
	SslCaCert:                      pulumi.String("string"),
	SslCert:                        pulumi.String("string"),
	StrictWebCheck:                 pulumi.String("string"),
	TunnelNonHttp:                  pulumi.String("string"),
	AlwaysLearnClientIp:            pulumi.String("string"),
	Vdomparam:                      pulumi.String("string"),
	LogPolicyPending:               pulumi.String("string"),
})

var exampleglobalResourceResourceFromWebproxyglobal = new Global("exampleglobalResourceResourceFromWebproxyglobal", GlobalArgs.builder()
    .proxyFqdn("string")
    .maxMessageLength(0)
    .unknownHttpVersion("string")
    .forwardProxyAuth("string")
    .forwardServerAffinityTimeout(0)
    .getAllTables("string")
    .ldapUserCache("string")
    .learnClientIp("string")
    .learnClientIpFromHeader("string")
    .learnClientIpSrcaddr6s(GlobalLearnClientIpSrcaddr6Args.builder()
        .name("string")
        .build())
    .learnClientIpSrcaddrs(GlobalLearnClientIpSrcaddrArgs.builder()
        .name("string")
        .build())
    .logAppId("string")
    .logForwardServer("string")
    .webproxyProfile("string")
    .fastPolicyMatch("string")
    .proxyTransparentCertInspection("string")
    .maxWafBodyCacheLength(0)
    .policyCategoryDeepInspect("string")
    .dynamicSortSubtable("string")
    .maxRequestLength(0)
    .srcAffinityExemptAddr("string")
    .srcAffinityExemptAddr6("string")
    .sslCaCert("string")
    .sslCert("string")
    .strictWebCheck("string")
    .tunnelNonHttp("string")
    .alwaysLearnClientIp("string")
    .vdomparam("string")
    .logPolicyPending("string")
    .build());

exampleglobal_resource_resource_from_webproxyglobal = fortios.webproxy.Global("exampleglobalResourceResourceFromWebproxyglobal",
    proxy_fqdn="string",
    max_message_length=0,
    unknown_http_version="string",
    forward_proxy_auth="string",
    forward_server_affinity_timeout=0,
    get_all_tables="string",
    ldap_user_cache="string",
    learn_client_ip="string",
    learn_client_ip_from_header="string",
    learn_client_ip_srcaddr6s=[fortios.webproxy.GlobalLearnClientIpSrcaddr6Args(
        name="string",
    )],
    learn_client_ip_srcaddrs=[fortios.webproxy.GlobalLearnClientIpSrcaddrArgs(
        name="string",
    )],
    log_app_id="string",
    log_forward_server="string",
    webproxy_profile="string",
    fast_policy_match="string",
    proxy_transparent_cert_inspection="string",
    max_waf_body_cache_length=0,
    policy_category_deep_inspect="string",
    dynamic_sort_subtable="string",
    max_request_length=0,
    src_affinity_exempt_addr="string",
    src_affinity_exempt_addr6="string",
    ssl_ca_cert="string",
    ssl_cert="string",
    strict_web_check="string",
    tunnel_non_http="string",
    always_learn_client_ip="string",
    vdomparam="string",
    log_policy_pending="string")

const exampleglobalResourceResourceFromWebproxyglobal = new fortios.webproxy.Global("exampleglobalResourceResourceFromWebproxyglobal", {
    proxyFqdn: "string",
    maxMessageLength: 0,
    unknownHttpVersion: "string",
    forwardProxyAuth: "string",
    forwardServerAffinityTimeout: 0,
    getAllTables: "string",
    ldapUserCache: "string",
    learnClientIp: "string",
    learnClientIpFromHeader: "string",
    learnClientIpSrcaddr6s: [{
        name: "string",
    }],
    learnClientIpSrcaddrs: [{
        name: "string",
    }],
    logAppId: "string",
    logForwardServer: "string",
    webproxyProfile: "string",
    fastPolicyMatch: "string",
    proxyTransparentCertInspection: "string",
    maxWafBodyCacheLength: 0,
    policyCategoryDeepInspect: "string",
    dynamicSortSubtable: "string",
    maxRequestLength: 0,
    srcAffinityExemptAddr: "string",
    srcAffinityExemptAddr6: "string",
    sslCaCert: "string",
    sslCert: "string",
    strictWebCheck: "string",
    tunnelNonHttp: "string",
    alwaysLearnClientIp: "string",
    vdomparam: "string",
    logPolicyPending: "string",
});

type: fortios:webproxy:Global
properties:
    alwaysLearnClientIp: string
    dynamicSortSubtable: string
    fastPolicyMatch: string
    forwardProxyAuth: string
    forwardServerAffinityTimeout: 0
    getAllTables: string
    ldapUserCache: string
    learnClientIp: string
    learnClientIpFromHeader: string
    learnClientIpSrcaddr6s:
        - name: string
    learnClientIpSrcaddrs:
        - name: string
    logAppId: string
    logForwardServer: string
    logPolicyPending: string
    maxMessageLength: 0
    maxRequestLength: 0
    maxWafBodyCacheLength: 0
    policyCategoryDeepInspect: string
    proxyFqdn: string
    proxyTransparentCertInspection: string
    srcAffinityExemptAddr: string
    srcAffinityExemptAddr6: string
    sslCaCert: string
    sslCert: string
    strictWebCheck: string
    tunnelNonHttp: string
    unknownHttpVersion: string
    vdomparam: string
    webproxyProfile: string

Global Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Global resource accepts the following input properties:

ProxyFqdn string: Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
AlwaysLearnClientIp string: Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
DynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
FastPolicyMatch string: Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
ForwardProxyAuth string: Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
ForwardServerAffinityTimeout int: Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
GetAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
LdapUserCache string: Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
LearnClientIp string: Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
LearnClientIpFromHeader string: Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
LearnClientIpSrcaddr6s List<Pulumiverse.Fortios.Webproxy.Inputs.GlobalLearnClientIpSrcaddr6>: IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
LearnClientIpSrcaddrs List<Pulumiverse.Fortios.Webproxy.Inputs.GlobalLearnClientIpSrcaddr>: Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
LogAppId string: Enable/disable always log application type in traffic log. Valid values: enable, disable.
LogForwardServer string: Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
LogPolicyPending string: Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
MaxMessageLength int: Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
MaxRequestLength int: Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
MaxWafBodyCacheLength int: Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
PolicyCategoryDeepInspect string: Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
ProxyTransparentCertInspection string: Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
SrcAffinityExemptAddr string: IPv4 source addresses to exempt proxy affinity.
SrcAffinityExemptAddr6 string: IPv6 source addresses to exempt proxy affinity.
SslCaCert string: SSL CA certificate for SSL interception.
SslCert string: SSL certificate for SSL interception.
StrictWebCheck string: Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
TunnelNonHttp string: Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
UnknownHttpVersion string: Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
WebproxyProfile string: Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.

ProxyFqdn string: Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
AlwaysLearnClientIp string: Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
DynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
FastPolicyMatch string: Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
ForwardProxyAuth string: Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
ForwardServerAffinityTimeout int: Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
GetAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
LdapUserCache string: Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
LearnClientIp string: Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
LearnClientIpFromHeader string: Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
LearnClientIpSrcaddr6s []GlobalLearnClientIpSrcaddr6Args: IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
LearnClientIpSrcaddrs []GlobalLearnClientIpSrcaddrArgs: Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
LogAppId string: Enable/disable always log application type in traffic log. Valid values: enable, disable.
LogForwardServer string: Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
LogPolicyPending string: Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
MaxMessageLength int: Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
MaxRequestLength int: Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
MaxWafBodyCacheLength int: Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
PolicyCategoryDeepInspect string: Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
ProxyTransparentCertInspection string: Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
SrcAffinityExemptAddr string: IPv4 source addresses to exempt proxy affinity.
SrcAffinityExemptAddr6 string: IPv6 source addresses to exempt proxy affinity.
SslCaCert string: SSL CA certificate for SSL interception.
SslCert string: SSL certificate for SSL interception.
StrictWebCheck string: Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
TunnelNonHttp string: Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
UnknownHttpVersion string: Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
WebproxyProfile string: Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.

proxyFqdn String: Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
alwaysLearnClientIp String: Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
dynamicSortSubtable String: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
fastPolicyMatch String: Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
forwardProxyAuth String: Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
forwardServerAffinityTimeout Integer: Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
getAllTables String: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
ldapUserCache String: Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
learnClientIp String: Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
learnClientIpFromHeader String: Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
learnClientIpSrcaddr6s List<GlobalLearnClientIpSrcaddr6>: IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
learnClientIpSrcaddrs List<GlobalLearnClientIpSrcaddr>: Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
logAppId String: Enable/disable always log application type in traffic log. Valid values: enable, disable.
logForwardServer String: Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
logPolicyPending String: Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
maxMessageLength Integer: Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
maxRequestLength Integer: Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
maxWafBodyCacheLength Integer: Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
policyCategoryDeepInspect String: Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
proxyTransparentCertInspection String: Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
srcAffinityExemptAddr String: IPv4 source addresses to exempt proxy affinity.
srcAffinityExemptAddr6 String: IPv6 source addresses to exempt proxy affinity.
sslCaCert String: SSL CA certificate for SSL interception.
sslCert String: SSL certificate for SSL interception.
strictWebCheck String: Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
tunnelNonHttp String: Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
unknownHttpVersion String: Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
webproxyProfile String: Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.

proxyFqdn string: Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
alwaysLearnClientIp string: Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
dynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
fastPolicyMatch string: Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
forwardProxyAuth string: Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
forwardServerAffinityTimeout number: Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
getAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
ldapUserCache string: Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
learnClientIp string: Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
learnClientIpFromHeader string: Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
learnClientIpSrcaddr6s GlobalLearnClientIpSrcaddr6[]: IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
learnClientIpSrcaddrs GlobalLearnClientIpSrcaddr[]: Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
logAppId string: Enable/disable always log application type in traffic log. Valid values: enable, disable.
logForwardServer string: Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
logPolicyPending string: Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
maxMessageLength number: Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
maxRequestLength number: Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
maxWafBodyCacheLength number: Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
policyCategoryDeepInspect string: Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
proxyTransparentCertInspection string: Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
srcAffinityExemptAddr string: IPv4 source addresses to exempt proxy affinity.
srcAffinityExemptAddr6 string: IPv6 source addresses to exempt proxy affinity.
sslCaCert string: SSL CA certificate for SSL interception.
sslCert string: SSL certificate for SSL interception.
strictWebCheck string: Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
tunnelNonHttp string: Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
unknownHttpVersion string: Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
webproxyProfile string: Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.

proxy_fqdn str: Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
always_learn_client_ip str: Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
dynamic_sort_subtable str: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
fast_policy_match str: Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
forward_proxy_auth str: Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
forward_server_affinity_timeout int: Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
get_all_tables str: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
ldap_user_cache str: Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
learn_client_ip str: Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
learn_client_ip_from_header str: Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
learn_client_ip_srcaddr6s Sequence[GlobalLearnClientIpSrcaddr6Args]: IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
learn_client_ip_srcaddrs Sequence[GlobalLearnClientIpSrcaddrArgs]: Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
log_app_id str: Enable/disable always log application type in traffic log. Valid values: enable, disable.
log_forward_server str: Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
log_policy_pending str: Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
max_message_length int: Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
max_request_length int: Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
max_waf_body_cache_length int: Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
policy_category_deep_inspect str: Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
proxy_transparent_cert_inspection str: Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
src_affinity_exempt_addr str: IPv4 source addresses to exempt proxy affinity.
src_affinity_exempt_addr6 str: IPv6 source addresses to exempt proxy affinity.
ssl_ca_cert str: SSL CA certificate for SSL interception.
ssl_cert str: SSL certificate for SSL interception.
strict_web_check str: Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
tunnel_non_http str: Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
unknown_http_version str: Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
vdomparam str: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
webproxy_profile str: Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.

proxyFqdn String: Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
alwaysLearnClientIp String: Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
dynamicSortSubtable String: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
fastPolicyMatch String: Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
forwardProxyAuth String: Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
forwardServerAffinityTimeout Number: Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
getAllTables String: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
ldapUserCache String: Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
learnClientIp String: Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
learnClientIpFromHeader String: Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
learnClientIpSrcaddr6s List<Property Map>: IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
learnClientIpSrcaddrs List<Property Map>: Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
logAppId String: Enable/disable always log application type in traffic log. Valid values: enable, disable.
logForwardServer String: Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
logPolicyPending String: Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
maxMessageLength Number: Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
maxRequestLength Number: Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
maxWafBodyCacheLength Number: Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
policyCategoryDeepInspect String: Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
proxyTransparentCertInspection String: Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
srcAffinityExemptAddr String: IPv4 source addresses to exempt proxy affinity.
srcAffinityExemptAddr6 String: IPv6 source addresses to exempt proxy affinity.
sslCaCert String: SSL CA certificate for SSL interception.
sslCert String: SSL certificate for SSL interception.
strictWebCheck String: Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
tunnelNonHttp String: Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
unknownHttpVersion String: Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
webproxyProfile String: Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.

Outputs

All input properties are implicitly available as output properties. Additionally, the Global resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing Global Resource

Get an existing Global resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: GlobalState, opts?: CustomResourceOptions): Global

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        always_learn_client_ip: Optional[str] = None,
        dynamic_sort_subtable: Optional[str] = None,
        fast_policy_match: Optional[str] = None,
        forward_proxy_auth: Optional[str] = None,
        forward_server_affinity_timeout: Optional[int] = None,
        get_all_tables: Optional[str] = None,
        ldap_user_cache: Optional[str] = None,
        learn_client_ip: Optional[str] = None,
        learn_client_ip_from_header: Optional[str] = None,
        learn_client_ip_srcaddr6s: Optional[Sequence[GlobalLearnClientIpSrcaddr6Args]] = None,
        learn_client_ip_srcaddrs: Optional[Sequence[GlobalLearnClientIpSrcaddrArgs]] = None,
        log_app_id: Optional[str] = None,
        log_forward_server: Optional[str] = None,
        log_policy_pending: Optional[str] = None,
        max_message_length: Optional[int] = None,
        max_request_length: Optional[int] = None,
        max_waf_body_cache_length: Optional[int] = None,
        policy_category_deep_inspect: Optional[str] = None,
        proxy_fqdn: Optional[str] = None,
        proxy_transparent_cert_inspection: Optional[str] = None,
        src_affinity_exempt_addr: Optional[str] = None,
        src_affinity_exempt_addr6: Optional[str] = None,
        ssl_ca_cert: Optional[str] = None,
        ssl_cert: Optional[str] = None,
        strict_web_check: Optional[str] = None,
        tunnel_non_http: Optional[str] = None,
        unknown_http_version: Optional[str] = None,
        vdomparam: Optional[str] = None,
        webproxy_profile: Optional[str] = None) -> Global

func GetGlobal(ctx *Context, name string, id IDInput, state *GlobalState, opts ...ResourceOption) (*Global, error)

public static Global Get(string name, Input<string> id, GlobalState? state, CustomResourceOptions? opts = null)

public static Global get(String name, Output<String> id, GlobalState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AlwaysLearnClientIp string: Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
DynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
FastPolicyMatch string: Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
ForwardProxyAuth string: Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
ForwardServerAffinityTimeout int: Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
GetAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
LdapUserCache string: Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
LearnClientIp string: Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
LearnClientIpFromHeader string: Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
LearnClientIpSrcaddr6s List<Pulumiverse.Fortios.Webproxy.Inputs.GlobalLearnClientIpSrcaddr6>: IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
LearnClientIpSrcaddrs List<Pulumiverse.Fortios.Webproxy.Inputs.GlobalLearnClientIpSrcaddr>: Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
LogAppId string: Enable/disable always log application type in traffic log. Valid values: enable, disable.
LogForwardServer string: Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
LogPolicyPending string: Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
MaxMessageLength int: Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
MaxRequestLength int: Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
MaxWafBodyCacheLength int: Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
PolicyCategoryDeepInspect string: Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
ProxyFqdn string: Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
ProxyTransparentCertInspection string: Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
SrcAffinityExemptAddr string: IPv4 source addresses to exempt proxy affinity.
SrcAffinityExemptAddr6 string: IPv6 source addresses to exempt proxy affinity.
SslCaCert string: SSL CA certificate for SSL interception.
SslCert string: SSL certificate for SSL interception.
StrictWebCheck string: Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
TunnelNonHttp string: Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
UnknownHttpVersion string: Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
WebproxyProfile string: Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.

AlwaysLearnClientIp string: Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
DynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
FastPolicyMatch string: Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
ForwardProxyAuth string: Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
ForwardServerAffinityTimeout int: Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
GetAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
LdapUserCache string: Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
LearnClientIp string: Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
LearnClientIpFromHeader string: Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
LearnClientIpSrcaddr6s []GlobalLearnClientIpSrcaddr6Args: IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
LearnClientIpSrcaddrs []GlobalLearnClientIpSrcaddrArgs: Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
LogAppId string: Enable/disable always log application type in traffic log. Valid values: enable, disable.
LogForwardServer string: Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
LogPolicyPending string: Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
MaxMessageLength int: Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
MaxRequestLength int: Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
MaxWafBodyCacheLength int: Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
PolicyCategoryDeepInspect string: Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
ProxyFqdn string: Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
ProxyTransparentCertInspection string: Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
SrcAffinityExemptAddr string: IPv4 source addresses to exempt proxy affinity.
SrcAffinityExemptAddr6 string: IPv6 source addresses to exempt proxy affinity.
SslCaCert string: SSL CA certificate for SSL interception.
SslCert string: SSL certificate for SSL interception.
StrictWebCheck string: Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
TunnelNonHttp string: Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
UnknownHttpVersion string: Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
WebproxyProfile string: Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.

alwaysLearnClientIp String: Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
dynamicSortSubtable String: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
fastPolicyMatch String: Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
forwardProxyAuth String: Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
forwardServerAffinityTimeout Integer: Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
getAllTables String: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
ldapUserCache String: Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
learnClientIp String: Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
learnClientIpFromHeader String: Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
learnClientIpSrcaddr6s List<GlobalLearnClientIpSrcaddr6>: IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
learnClientIpSrcaddrs List<GlobalLearnClientIpSrcaddr>: Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
logAppId String: Enable/disable always log application type in traffic log. Valid values: enable, disable.
logForwardServer String: Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
logPolicyPending String: Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
maxMessageLength Integer: Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
maxRequestLength Integer: Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
maxWafBodyCacheLength Integer: Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
policyCategoryDeepInspect String: Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
proxyFqdn String: Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
proxyTransparentCertInspection String: Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
srcAffinityExemptAddr String: IPv4 source addresses to exempt proxy affinity.
srcAffinityExemptAddr6 String: IPv6 source addresses to exempt proxy affinity.
sslCaCert String: SSL CA certificate for SSL interception.
sslCert String: SSL certificate for SSL interception.
strictWebCheck String: Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
tunnelNonHttp String: Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
unknownHttpVersion String: Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
webproxyProfile String: Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.

alwaysLearnClientIp string: Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
dynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
fastPolicyMatch string: Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
forwardProxyAuth string: Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
forwardServerAffinityTimeout number: Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
getAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
ldapUserCache string: Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
learnClientIp string: Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
learnClientIpFromHeader string: Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
learnClientIpSrcaddr6s GlobalLearnClientIpSrcaddr6[]: IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
learnClientIpSrcaddrs GlobalLearnClientIpSrcaddr[]: Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
logAppId string: Enable/disable always log application type in traffic log. Valid values: enable, disable.
logForwardServer string: Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
logPolicyPending string: Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
maxMessageLength number: Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
maxRequestLength number: Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
maxWafBodyCacheLength number: Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
policyCategoryDeepInspect string: Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
proxyFqdn string: Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
proxyTransparentCertInspection string: Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
srcAffinityExemptAddr string: IPv4 source addresses to exempt proxy affinity.
srcAffinityExemptAddr6 string: IPv6 source addresses to exempt proxy affinity.
sslCaCert string: SSL CA certificate for SSL interception.
sslCert string: SSL certificate for SSL interception.
strictWebCheck string: Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
tunnelNonHttp string: Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
unknownHttpVersion string: Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
webproxyProfile string: Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.

always_learn_client_ip str: Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
dynamic_sort_subtable str: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
fast_policy_match str: Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
forward_proxy_auth str: Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
forward_server_affinity_timeout int: Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
get_all_tables str: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
ldap_user_cache str: Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
learn_client_ip str: Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
learn_client_ip_from_header str: Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
learn_client_ip_srcaddr6s Sequence[GlobalLearnClientIpSrcaddr6Args]: IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
learn_client_ip_srcaddrs Sequence[GlobalLearnClientIpSrcaddrArgs]: Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
log_app_id str: Enable/disable always log application type in traffic log. Valid values: enable, disable.
log_forward_server str: Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
log_policy_pending str: Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
max_message_length int: Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
max_request_length int: Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
max_waf_body_cache_length int: Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
policy_category_deep_inspect str: Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
proxy_fqdn str: Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
proxy_transparent_cert_inspection str: Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
src_affinity_exempt_addr str: IPv4 source addresses to exempt proxy affinity.
src_affinity_exempt_addr6 str: IPv6 source addresses to exempt proxy affinity.
ssl_ca_cert str: SSL CA certificate for SSL interception.
ssl_cert str: SSL certificate for SSL interception.
strict_web_check str: Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
tunnel_non_http str: Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
unknown_http_version str: Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
vdomparam str: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
webproxy_profile str: Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.

alwaysLearnClientIp String: Enable/disable learning the client's IP address from headers for every request. Valid values: enable, disable.
dynamicSortSubtable String: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
fastPolicyMatch String: Enable/disable fast matching algorithm for explicit and transparent proxy policy. Valid values: enable, disable.
forwardProxyAuth String: Enable/disable forwarding proxy authentication headers. Valid values: enable, disable.
forwardServerAffinityTimeout Number: Period of time before the source IP's traffic is no longer assigned to the forwarding server (6 - 60 min, default = 30).
getAllTables String: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
ldapUserCache String: Enable/disable LDAP user cache for explicit and transparent proxy user. Valid values: enable, disable.
learnClientIp String: Enable/disable learning the client's IP address from headers. Valid values: enable, disable.
learnClientIpFromHeader String: Learn client IP address from the specified headers. Valid values: true-client-ip, x-real-ip, x-forwarded-for.
learnClientIpSrcaddr6s List<Property Map>: IPv6 Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr6 block is documented below.
learnClientIpSrcaddrs List<Property Map>: Source address name (srcaddr or srcaddr6 must be set). The structure of learn_client_ip_srcaddr block is documented below.
logAppId String: Enable/disable always log application type in traffic log. Valid values: enable, disable.
logForwardServer String: Enable/disable forward server name logging in forward traffic log. Valid values: enable, disable.
logPolicyPending String: Enable/disable logging sessions that are pending on policy matching. Valid values: enable, disable.
maxMessageLength Number: Maximum length of HTTP message, not including body (16 - 256 Kbytes, default = 32).
maxRequestLength Number: Maximum length of HTTP request line (2 - 64 Kbytes). On FortiOS versions 6.2.0: default = 4. On FortiOS versions >= 6.2.4: default = 8.
maxWafBodyCacheLength Number: Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes, default = 32).
policyCategoryDeepInspect String: Enable/disable deep inspection for application level category policy matching. Valid values: enable, disable.
proxyFqdn String: Fully Qualified Domain Name (FQDN) that clients connect to (default = default.fqdn) to connect to the explicit web proxy.
proxyTransparentCertInspection String: Enable/disable transparent proxy certificate inspection. Valid values: enable, disable.
srcAffinityExemptAddr String: IPv4 source addresses to exempt proxy affinity.
srcAffinityExemptAddr6 String: IPv6 source addresses to exempt proxy affinity.
sslCaCert String: SSL CA certificate for SSL interception.
sslCert String: SSL certificate for SSL interception.
strictWebCheck String: Enable/disable strict web checking to block web sites that send incorrect headers that don't conform to HTTP 1.1. Valid values: enable, disable.
tunnelNonHttp String: Enable/disable allowing non-HTTP traffic. Allowed non-HTTP traffic is tunneled. Valid values: enable, disable.
unknownHttpVersion String: Action to take when an unknown version of HTTP is encountered: reject, allow (tunnel), or proceed with best-effort. Valid values: reject, tunnel, best-effort.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
webproxyProfile String: Name of the web proxy profile to apply when explicit proxy traffic is allowed by default and traffic is accepted that does not match an explicit proxy policy.

Supporting Types

GlobalLearnClientIpSrcaddr, GlobalLearnClientIpSrcaddrArgs

Name string: Address name.

Name string: Address name.

name String: Address name.

name string: Address name.

name str: Address name.

name String: Address name.

GlobalLearnClientIpSrcaddr6, GlobalLearnClientIpSrcaddr6Args

Name string

Name string

name String

name string

name str

name String

Import

WebProxy Global can be imported using any of these accepted formats:

$ pulumi import fortios:webproxy/global:Global labelname WebProxyGlobal

If you do not want to import arguments of block:

$ export “FORTIOS_IMPORT_TABLE”=“false”

$ pulumi import fortios:webproxy/global:Global labelname WebProxyGlobal

$ unset “FORTIOS_IMPORT_TABLE”

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: fortios pulumiverse/pulumi-fortios
License: Apache-2.0
Notes: This Pulumi package is based on the fortios Terraform Provider.

Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

pulumiverse/pulumi-fortios

fortios.webproxy.Global

On this page

On this page

Example Usage

Create Global Resource

Constructor syntax

Parameters

Constructor example

Global Resource Properties

Inputs

Outputs

Look up Existing Global Resource

Supporting Types

GlobalLearnClientIpSrcaddr, GlobalLearnClientIpSrcaddrArgs

GlobalLearnClientIpSrcaddr6, GlobalLearnClientIpSrcaddr6Args

Import

Package Details

On this page

On this page