1. Packages
  2. Fortios
  3. API Docs
  4. router
  5. Policy
Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

fortios.router.Policy

Explore with Pulumi AI

Configure IPv4 routing policies.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as fortios from "@pulumiverse/fortios";

const trname = new fortios.router.Policy("trname", {
    action: "permit",
    dstNegate: "disable",
    endPort: 25,
    endSourcePort: 65535,
    gateway: "0.0.0.0",
    inputDevices: [{
        name: "port1",
    }],
    outputDevice: "port2",
    protocol: 6,
    seqNum: 1,
    srcNegate: "disable",
    startPort: 25,
    startSourcePort: 0,
    status: "enable",
    tos: "0x00",
    tosMask: "0x00",
});
Copy
import pulumi
import pulumiverse_fortios as fortios

trname = fortios.router.Policy("trname",
    action="permit",
    dst_negate="disable",
    end_port=25,
    end_source_port=65535,
    gateway="0.0.0.0",
    input_devices=[fortios.router.PolicyInputDeviceArgs(
        name="port1",
    )],
    output_device="port2",
    protocol=6,
    seq_num=1,
    src_negate="disable",
    start_port=25,
    start_source_port=0,
    status="enable",
    tos="0x00",
    tos_mask="0x00")
Copy
package main

import (
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/router"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := router.NewPolicy(ctx, "trname", &router.PolicyArgs{
			Action:        pulumi.String("permit"),
			DstNegate:     pulumi.String("disable"),
			EndPort:       pulumi.Int(25),
			EndSourcePort: pulumi.Int(65535),
			Gateway:       pulumi.String("0.0.0.0"),
			InputDevices: router.PolicyInputDeviceArray{
				&router.PolicyInputDeviceArgs{
					Name: pulumi.String("port1"),
				},
			},
			OutputDevice:    pulumi.String("port2"),
			Protocol:        pulumi.Int(6),
			SeqNum:          pulumi.Int(1),
			SrcNegate:       pulumi.String("disable"),
			StartPort:       pulumi.Int(25),
			StartSourcePort: pulumi.Int(0),
			Status:          pulumi.String("enable"),
			Tos:             pulumi.String("0x00"),
			TosMask:         pulumi.String("0x00"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortios = Pulumiverse.Fortios;

return await Deployment.RunAsync(() => 
{
    var trname = new Fortios.Router.Policy("trname", new()
    {
        Action = "permit",
        DstNegate = "disable",
        EndPort = 25,
        EndSourcePort = 65535,
        Gateway = "0.0.0.0",
        InputDevices = new[]
        {
            new Fortios.Router.Inputs.PolicyInputDeviceArgs
            {
                Name = "port1",
            },
        },
        OutputDevice = "port2",
        Protocol = 6,
        SeqNum = 1,
        SrcNegate = "disable",
        StartPort = 25,
        StartSourcePort = 0,
        Status = "enable",
        Tos = "0x00",
        TosMask = "0x00",
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortios.router.Policy;
import com.pulumi.fortios.router.PolicyArgs;
import com.pulumi.fortios.router.inputs.PolicyInputDeviceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var trname = new Policy("trname", PolicyArgs.builder()
            .action("permit")
            .dstNegate("disable")
            .endPort(25)
            .endSourcePort(65535)
            .gateway("0.0.0.0")
            .inputDevices(PolicyInputDeviceArgs.builder()
                .name("port1")
                .build())
            .outputDevice("port2")
            .protocol(6)
            .seqNum(1)
            .srcNegate("disable")
            .startPort(25)
            .startSourcePort(0)
            .status("enable")
            .tos("0x00")
            .tosMask("0x00")
            .build());

    }
}
Copy
resources:
  trname:
    type: fortios:router:Policy
    properties:
      action: permit
      dstNegate: disable
      endPort: 25
      endSourcePort: 65535
      gateway: 0.0.0.0
      inputDevices:
        - name: port1
      outputDevice: port2
      protocol: 6
      seqNum: 1
      srcNegate: disable
      startPort: 25
      startSourcePort: 0
      status: enable
      tos: 0x00
      tosMask: 0x00
Copy

Create Policy Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Policy(name: string, args?: PolicyArgs, opts?: CustomResourceOptions);
@overload
def Policy(resource_name: str,
           args: Optional[PolicyArgs] = None,
           opts: Optional[ResourceOptions] = None)

@overload
def Policy(resource_name: str,
           opts: Optional[ResourceOptions] = None,
           action: Optional[str] = None,
           comments: Optional[str] = None,
           dst_negate: Optional[str] = None,
           dstaddrs: Optional[Sequence[PolicyDstaddrArgs]] = None,
           dsts: Optional[Sequence[PolicyDstArgs]] = None,
           dynamic_sort_subtable: Optional[str] = None,
           end_port: Optional[int] = None,
           end_source_port: Optional[int] = None,
           gateway: Optional[str] = None,
           get_all_tables: Optional[str] = None,
           input_device_negate: Optional[str] = None,
           input_devices: Optional[Sequence[PolicyInputDeviceArgs]] = None,
           internet_service_customs: Optional[Sequence[PolicyInternetServiceCustomArgs]] = None,
           internet_service_ids: Optional[Sequence[PolicyInternetServiceIdArgs]] = None,
           output_device: Optional[str] = None,
           protocol: Optional[int] = None,
           seq_num: Optional[int] = None,
           src_negate: Optional[str] = None,
           srcaddrs: Optional[Sequence[PolicySrcaddrArgs]] = None,
           srcs: Optional[Sequence[PolicySrcArgs]] = None,
           start_port: Optional[int] = None,
           start_source_port: Optional[int] = None,
           status: Optional[str] = None,
           tos: Optional[str] = None,
           tos_mask: Optional[str] = None,
           vdomparam: Optional[str] = None)
func NewPolicy(ctx *Context, name string, args *PolicyArgs, opts ...ResourceOption) (*Policy, error)
public Policy(string name, PolicyArgs? args = null, CustomResourceOptions? opts = null)
public Policy(String name, PolicyArgs args)
public Policy(String name, PolicyArgs args, CustomResourceOptions options)
type: fortios:router:Policy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args PolicyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args PolicyArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args PolicyArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args PolicyArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. PolicyArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var examplepolicyResourceResourceFromRouterpolicy = new Fortios.Router.Policy("examplepolicyResourceResourceFromRouterpolicy", new()
{
    Action = "string",
    Comments = "string",
    DstNegate = "string",
    Dstaddrs = new[]
    {
        new Fortios.Router.Inputs.PolicyDstaddrArgs
        {
            Name = "string",
        },
    },
    Dsts = new[]
    {
        new Fortios.Router.Inputs.PolicyDstArgs
        {
            Subnet = "string",
        },
    },
    DynamicSortSubtable = "string",
    EndPort = 0,
    EndSourcePort = 0,
    Gateway = "string",
    GetAllTables = "string",
    InputDeviceNegate = "string",
    InputDevices = new[]
    {
        new Fortios.Router.Inputs.PolicyInputDeviceArgs
        {
            Name = "string",
        },
    },
    InternetServiceCustoms = new[]
    {
        new Fortios.Router.Inputs.PolicyInternetServiceCustomArgs
        {
            Name = "string",
        },
    },
    InternetServiceIds = new[]
    {
        new Fortios.Router.Inputs.PolicyInternetServiceIdArgs
        {
            Id = 0,
        },
    },
    OutputDevice = "string",
    Protocol = 0,
    SeqNum = 0,
    SrcNegate = "string",
    Srcaddrs = new[]
    {
        new Fortios.Router.Inputs.PolicySrcaddrArgs
        {
            Name = "string",
        },
    },
    Srcs = new[]
    {
        new Fortios.Router.Inputs.PolicySrcArgs
        {
            Subnet = "string",
        },
    },
    StartPort = 0,
    StartSourcePort = 0,
    Status = "string",
    Tos = "string",
    TosMask = "string",
    Vdomparam = "string",
});
Copy
example, err := router.NewPolicy(ctx, "examplepolicyResourceResourceFromRouterpolicy", &router.PolicyArgs{
	Action:    pulumi.String("string"),
	Comments:  pulumi.String("string"),
	DstNegate: pulumi.String("string"),
	Dstaddrs: router.PolicyDstaddrArray{
		&router.PolicyDstaddrArgs{
			Name: pulumi.String("string"),
		},
	},
	Dsts: router.PolicyDstArray{
		&router.PolicyDstArgs{
			Subnet: pulumi.String("string"),
		},
	},
	DynamicSortSubtable: pulumi.String("string"),
	EndPort:             pulumi.Int(0),
	EndSourcePort:       pulumi.Int(0),
	Gateway:             pulumi.String("string"),
	GetAllTables:        pulumi.String("string"),
	InputDeviceNegate:   pulumi.String("string"),
	InputDevices: router.PolicyInputDeviceArray{
		&router.PolicyInputDeviceArgs{
			Name: pulumi.String("string"),
		},
	},
	InternetServiceCustoms: router.PolicyInternetServiceCustomArray{
		&router.PolicyInternetServiceCustomArgs{
			Name: pulumi.String("string"),
		},
	},
	InternetServiceIds: router.PolicyInternetServiceIdArray{
		&router.PolicyInternetServiceIdArgs{
			Id: pulumi.Int(0),
		},
	},
	OutputDevice: pulumi.String("string"),
	Protocol:     pulumi.Int(0),
	SeqNum:       pulumi.Int(0),
	SrcNegate:    pulumi.String("string"),
	Srcaddrs: router.PolicySrcaddrArray{
		&router.PolicySrcaddrArgs{
			Name: pulumi.String("string"),
		},
	},
	Srcs: router.PolicySrcArray{
		&router.PolicySrcArgs{
			Subnet: pulumi.String("string"),
		},
	},
	StartPort:       pulumi.Int(0),
	StartSourcePort: pulumi.Int(0),
	Status:          pulumi.String("string"),
	Tos:             pulumi.String("string"),
	TosMask:         pulumi.String("string"),
	Vdomparam:       pulumi.String("string"),
})
Copy
var examplepolicyResourceResourceFromRouterpolicy = new Policy("examplepolicyResourceResourceFromRouterpolicy", PolicyArgs.builder()
    .action("string")
    .comments("string")
    .dstNegate("string")
    .dstaddrs(PolicyDstaddrArgs.builder()
        .name("string")
        .build())
    .dsts(PolicyDstArgs.builder()
        .subnet("string")
        .build())
    .dynamicSortSubtable("string")
    .endPort(0)
    .endSourcePort(0)
    .gateway("string")
    .getAllTables("string")
    .inputDeviceNegate("string")
    .inputDevices(PolicyInputDeviceArgs.builder()
        .name("string")
        .build())
    .internetServiceCustoms(PolicyInternetServiceCustomArgs.builder()
        .name("string")
        .build())
    .internetServiceIds(PolicyInternetServiceIdArgs.builder()
        .id(0)
        .build())
    .outputDevice("string")
    .protocol(0)
    .seqNum(0)
    .srcNegate("string")
    .srcaddrs(PolicySrcaddrArgs.builder()
        .name("string")
        .build())
    .srcs(PolicySrcArgs.builder()
        .subnet("string")
        .build())
    .startPort(0)
    .startSourcePort(0)
    .status("string")
    .tos("string")
    .tosMask("string")
    .vdomparam("string")
    .build());
Copy
examplepolicy_resource_resource_from_routerpolicy = fortios.router.Policy("examplepolicyResourceResourceFromRouterpolicy",
    action="string",
    comments="string",
    dst_negate="string",
    dstaddrs=[{
        "name": "string",
    }],
    dsts=[{
        "subnet": "string",
    }],
    dynamic_sort_subtable="string",
    end_port=0,
    end_source_port=0,
    gateway="string",
    get_all_tables="string",
    input_device_negate="string",
    input_devices=[{
        "name": "string",
    }],
    internet_service_customs=[{
        "name": "string",
    }],
    internet_service_ids=[{
        "id": 0,
    }],
    output_device="string",
    protocol=0,
    seq_num=0,
    src_negate="string",
    srcaddrs=[{
        "name": "string",
    }],
    srcs=[{
        "subnet": "string",
    }],
    start_port=0,
    start_source_port=0,
    status="string",
    tos="string",
    tos_mask="string",
    vdomparam="string")
Copy
const examplepolicyResourceResourceFromRouterpolicy = new fortios.router.Policy("examplepolicyResourceResourceFromRouterpolicy", {
    action: "string",
    comments: "string",
    dstNegate: "string",
    dstaddrs: [{
        name: "string",
    }],
    dsts: [{
        subnet: "string",
    }],
    dynamicSortSubtable: "string",
    endPort: 0,
    endSourcePort: 0,
    gateway: "string",
    getAllTables: "string",
    inputDeviceNegate: "string",
    inputDevices: [{
        name: "string",
    }],
    internetServiceCustoms: [{
        name: "string",
    }],
    internetServiceIds: [{
        id: 0,
    }],
    outputDevice: "string",
    protocol: 0,
    seqNum: 0,
    srcNegate: "string",
    srcaddrs: [{
        name: "string",
    }],
    srcs: [{
        subnet: "string",
    }],
    startPort: 0,
    startSourcePort: 0,
    status: "string",
    tos: "string",
    tosMask: "string",
    vdomparam: "string",
});
Copy
type: fortios:router:Policy
properties:
    action: string
    comments: string
    dstNegate: string
    dstaddrs:
        - name: string
    dsts:
        - subnet: string
    dynamicSortSubtable: string
    endPort: 0
    endSourcePort: 0
    gateway: string
    getAllTables: string
    inputDeviceNegate: string
    inputDevices:
        - name: string
    internetServiceCustoms:
        - name: string
    internetServiceIds:
        - id: 0
    outputDevice: string
    protocol: 0
    seqNum: 0
    srcNegate: string
    srcaddrs:
        - name: string
    srcs:
        - subnet: string
    startPort: 0
    startSourcePort: 0
    status: string
    tos: string
    tosMask: string
    vdomparam: string
Copy

Policy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Policy resource accepts the following input properties:

Action string
Action of the policy route. Valid values: deny, permit.
Comments string
Optional comments.
DstNegate string
Enable/disable negating destination address match. Valid values: enable, disable.
Dstaddrs List<Pulumiverse.Fortios.Router.Inputs.PolicyDstaddr>
Destination address name. The structure of dstaddr block is documented below.
Dsts List<Pulumiverse.Fortios.Router.Inputs.PolicyDst>
Destination IP and mask (x.x.x.x/x). The structure of dst block is documented below.
DynamicSortSubtable string
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
EndPort int
End destination port number (0 - 65535).
EndSourcePort int
End source port number (0 - 65535).
Gateway string
IP address of the gateway.
GetAllTables string
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
InputDeviceNegate string
Enable/disable negation of input device match. Valid values: enable, disable.
InputDevices List<Pulumiverse.Fortios.Router.Inputs.PolicyInputDevice>
Incoming interface name. The structure of input_device block is documented below.
InternetServiceCustoms List<Pulumiverse.Fortios.Router.Inputs.PolicyInternetServiceCustom>
Custom Destination Internet Service name. The structure of internet_service_custom block is documented below.
InternetServiceIds List<Pulumiverse.Fortios.Router.Inputs.PolicyInternetServiceId>
Destination Internet Service ID. The structure of internet_service_id block is documented below.
OutputDevice string
Outgoing interface name.
Protocol int
Protocol number (0 - 255).
SeqNum Changes to this property will trigger replacement. int
Sequence number.
SrcNegate string
Enable/disable negating source address match. Valid values: enable, disable.
Srcaddrs List<Pulumiverse.Fortios.Router.Inputs.PolicySrcaddr>
Source address name. The structure of srcaddr block is documented below.
Srcs List<Pulumiverse.Fortios.Router.Inputs.PolicySrc>
Source IP and mask (x.x.x.x/x). The structure of src block is documented below.
StartPort int
Start destination port number (0 - 65535).
StartSourcePort int
Start source port number (0 - 65535).
Status string
Enable/disable this policy route. Valid values: enable, disable.
Tos string
Type of service bit pattern.
TosMask string
Type of service evaluated bits.
Vdomparam Changes to this property will trigger replacement. string
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Action string
Action of the policy route. Valid values: deny, permit.
Comments string
Optional comments.
DstNegate string
Enable/disable negating destination address match. Valid values: enable, disable.
Dstaddrs []PolicyDstaddrArgs
Destination address name. The structure of dstaddr block is documented below.
Dsts []PolicyDstArgs
Destination IP and mask (x.x.x.x/x). The structure of dst block is documented below.
DynamicSortSubtable string
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
EndPort int
End destination port number (0 - 65535).
EndSourcePort int
End source port number (0 - 65535).
Gateway string
IP address of the gateway.
GetAllTables string
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
InputDeviceNegate string
Enable/disable negation of input device match. Valid values: enable, disable.
InputDevices []PolicyInputDeviceArgs
Incoming interface name. The structure of input_device block is documented below.
InternetServiceCustoms []PolicyInternetServiceCustomArgs
Custom Destination Internet Service name. The structure of internet_service_custom block is documented below.
InternetServiceIds []PolicyInternetServiceIdArgs
Destination Internet Service ID. The structure of internet_service_id block is documented below.
OutputDevice string
Outgoing interface name.
Protocol int
Protocol number (0 - 255).
SeqNum Changes to this property will trigger replacement. int
Sequence number.
SrcNegate string
Enable/disable negating source address match. Valid values: enable, disable.
Srcaddrs []PolicySrcaddrArgs
Source address name. The structure of srcaddr block is documented below.
Srcs []PolicySrcArgs
Source IP and mask (x.x.x.x/x). The structure of src block is documented below.
StartPort int
Start destination port number (0 - 65535).
StartSourcePort int
Start source port number (0 - 65535).
Status string
Enable/disable this policy route. Valid values: enable, disable.
Tos string
Type of service bit pattern.
TosMask string
Type of service evaluated bits.
Vdomparam Changes to this property will trigger replacement. string
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
action String
Action of the policy route. Valid values: deny, permit.
comments String
Optional comments.
dstNegate String
Enable/disable negating destination address match. Valid values: enable, disable.
dstaddrs List<PolicyDstaddr>
Destination address name. The structure of dstaddr block is documented below.
dsts List<PolicyDst>
Destination IP and mask (x.x.x.x/x). The structure of dst block is documented below.
dynamicSortSubtable String
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
endPort Integer
End destination port number (0 - 65535).
endSourcePort Integer
End source port number (0 - 65535).
gateway String
IP address of the gateway.
getAllTables String
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
inputDeviceNegate String
Enable/disable negation of input device match. Valid values: enable, disable.
inputDevices List<PolicyInputDevice>
Incoming interface name. The structure of input_device block is documented below.
internetServiceCustoms List<PolicyInternetServiceCustom>
Custom Destination Internet Service name. The structure of internet_service_custom block is documented below.
internetServiceIds List<PolicyInternetServiceId>
Destination Internet Service ID. The structure of internet_service_id block is documented below.
outputDevice String
Outgoing interface name.
protocol Integer
Protocol number (0 - 255).
seqNum Changes to this property will trigger replacement. Integer
Sequence number.
srcNegate String
Enable/disable negating source address match. Valid values: enable, disable.
srcaddrs List<PolicySrcaddr>
Source address name. The structure of srcaddr block is documented below.
srcs List<PolicySrc>
Source IP and mask (x.x.x.x/x). The structure of src block is documented below.
startPort Integer
Start destination port number (0 - 65535).
startSourcePort Integer
Start source port number (0 - 65535).
status String
Enable/disable this policy route. Valid values: enable, disable.
tos String
Type of service bit pattern.
tosMask String
Type of service evaluated bits.
vdomparam Changes to this property will trigger replacement. String
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
action string
Action of the policy route. Valid values: deny, permit.
comments string
Optional comments.
dstNegate string
Enable/disable negating destination address match. Valid values: enable, disable.
dstaddrs PolicyDstaddr[]
Destination address name. The structure of dstaddr block is documented below.
dsts PolicyDst[]
Destination IP and mask (x.x.x.x/x). The structure of dst block is documented below.
dynamicSortSubtable string
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
endPort number
End destination port number (0 - 65535).
endSourcePort number
End source port number (0 - 65535).
gateway string
IP address of the gateway.
getAllTables string
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
inputDeviceNegate string
Enable/disable negation of input device match. Valid values: enable, disable.
inputDevices PolicyInputDevice[]
Incoming interface name. The structure of input_device block is documented below.
internetServiceCustoms PolicyInternetServiceCustom[]
Custom Destination Internet Service name. The structure of internet_service_custom block is documented below.
internetServiceIds PolicyInternetServiceId[]
Destination Internet Service ID. The structure of internet_service_id block is documented below.
outputDevice string
Outgoing interface name.
protocol number
Protocol number (0 - 255).
seqNum Changes to this property will trigger replacement. number
Sequence number.
srcNegate string
Enable/disable negating source address match. Valid values: enable, disable.
srcaddrs PolicySrcaddr[]
Source address name. The structure of srcaddr block is documented below.
srcs PolicySrc[]
Source IP and mask (x.x.x.x/x). The structure of src block is documented below.
startPort number
Start destination port number (0 - 65535).
startSourcePort number
Start source port number (0 - 65535).
status string
Enable/disable this policy route. Valid values: enable, disable.
tos string
Type of service bit pattern.
tosMask string
Type of service evaluated bits.
vdomparam Changes to this property will trigger replacement. string
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
action str
Action of the policy route. Valid values: deny, permit.
comments str
Optional comments.
dst_negate str
Enable/disable negating destination address match. Valid values: enable, disable.
dstaddrs Sequence[PolicyDstaddrArgs]
Destination address name. The structure of dstaddr block is documented below.
dsts Sequence[PolicyDstArgs]
Destination IP and mask (x.x.x.x/x). The structure of dst block is documented below.
dynamic_sort_subtable str
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
end_port int
End destination port number (0 - 65535).
end_source_port int
End source port number (0 - 65535).
gateway str
IP address of the gateway.
get_all_tables str
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
input_device_negate str
Enable/disable negation of input device match. Valid values: enable, disable.
input_devices Sequence[PolicyInputDeviceArgs]
Incoming interface name. The structure of input_device block is documented below.
internet_service_customs Sequence[PolicyInternetServiceCustomArgs]
Custom Destination Internet Service name. The structure of internet_service_custom block is documented below.
internet_service_ids Sequence[PolicyInternetServiceIdArgs]
Destination Internet Service ID. The structure of internet_service_id block is documented below.
output_device str
Outgoing interface name.
protocol int
Protocol number (0 - 255).
seq_num Changes to this property will trigger replacement. int
Sequence number.
src_negate str
Enable/disable negating source address match. Valid values: enable, disable.
srcaddrs Sequence[PolicySrcaddrArgs]
Source address name. The structure of srcaddr block is documented below.
srcs Sequence[PolicySrcArgs]
Source IP and mask (x.x.x.x/x). The structure of src block is documented below.
start_port int
Start destination port number (0 - 65535).
start_source_port int
Start source port number (0 - 65535).
status str
Enable/disable this policy route. Valid values: enable, disable.
tos str
Type of service bit pattern.
tos_mask str
Type of service evaluated bits.
vdomparam Changes to this property will trigger replacement. str
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
action String
Action of the policy route. Valid values: deny, permit.
comments String
Optional comments.
dstNegate String
Enable/disable negating destination address match. Valid values: enable, disable.
dstaddrs List<Property Map>
Destination address name. The structure of dstaddr block is documented below.
dsts List<Property Map>
Destination IP and mask (x.x.x.x/x). The structure of dst block is documented below.
dynamicSortSubtable String
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
endPort Number
End destination port number (0 - 65535).
endSourcePort Number
End source port number (0 - 65535).
gateway String
IP address of the gateway.
getAllTables String
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
inputDeviceNegate String
Enable/disable negation of input device match. Valid values: enable, disable.
inputDevices List<Property Map>
Incoming interface name. The structure of input_device block is documented below.
internetServiceCustoms List<Property Map>
Custom Destination Internet Service name. The structure of internet_service_custom block is documented below.
internetServiceIds List<Property Map>
Destination Internet Service ID. The structure of internet_service_id block is documented below.
outputDevice String
Outgoing interface name.
protocol Number
Protocol number (0 - 255).
seqNum Changes to this property will trigger replacement. Number
Sequence number.
srcNegate String
Enable/disable negating source address match. Valid values: enable, disable.
srcaddrs List<Property Map>
Source address name. The structure of srcaddr block is documented below.
srcs List<Property Map>
Source IP and mask (x.x.x.x/x). The structure of src block is documented below.
startPort Number
Start destination port number (0 - 65535).
startSourcePort Number
Start source port number (0 - 65535).
status String
Enable/disable this policy route. Valid values: enable, disable.
tos String
Type of service bit pattern.
tosMask String
Type of service evaluated bits.
vdomparam Changes to this property will trigger replacement. String
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

Outputs

All input properties are implicitly available as output properties. Additionally, the Policy resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.

Look up Existing Policy Resource

Get an existing Policy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: PolicyState, opts?: CustomResourceOptions): Policy
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        action: Optional[str] = None,
        comments: Optional[str] = None,
        dst_negate: Optional[str] = None,
        dstaddrs: Optional[Sequence[PolicyDstaddrArgs]] = None,
        dsts: Optional[Sequence[PolicyDstArgs]] = None,
        dynamic_sort_subtable: Optional[str] = None,
        end_port: Optional[int] = None,
        end_source_port: Optional[int] = None,
        gateway: Optional[str] = None,
        get_all_tables: Optional[str] = None,
        input_device_negate: Optional[str] = None,
        input_devices: Optional[Sequence[PolicyInputDeviceArgs]] = None,
        internet_service_customs: Optional[Sequence[PolicyInternetServiceCustomArgs]] = None,
        internet_service_ids: Optional[Sequence[PolicyInternetServiceIdArgs]] = None,
        output_device: Optional[str] = None,
        protocol: Optional[int] = None,
        seq_num: Optional[int] = None,
        src_negate: Optional[str] = None,
        srcaddrs: Optional[Sequence[PolicySrcaddrArgs]] = None,
        srcs: Optional[Sequence[PolicySrcArgs]] = None,
        start_port: Optional[int] = None,
        start_source_port: Optional[int] = None,
        status: Optional[str] = None,
        tos: Optional[str] = None,
        tos_mask: Optional[str] = None,
        vdomparam: Optional[str] = None) -> Policy
func GetPolicy(ctx *Context, name string, id IDInput, state *PolicyState, opts ...ResourceOption) (*Policy, error)
public static Policy Get(string name, Input<string> id, PolicyState? state, CustomResourceOptions? opts = null)
public static Policy get(String name, Output<String> id, PolicyState state, CustomResourceOptions options)
resources:  _:    type: fortios:router:Policy    get:      id: ${id}
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
Action string
Action of the policy route. Valid values: deny, permit.
Comments string
Optional comments.
DstNegate string
Enable/disable negating destination address match. Valid values: enable, disable.
Dstaddrs List<Pulumiverse.Fortios.Router.Inputs.PolicyDstaddr>
Destination address name. The structure of dstaddr block is documented below.
Dsts List<Pulumiverse.Fortios.Router.Inputs.PolicyDst>
Destination IP and mask (x.x.x.x/x). The structure of dst block is documented below.
DynamicSortSubtable string
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
EndPort int
End destination port number (0 - 65535).
EndSourcePort int
End source port number (0 - 65535).
Gateway string
IP address of the gateway.
GetAllTables string
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
InputDeviceNegate string
Enable/disable negation of input device match. Valid values: enable, disable.
InputDevices List<Pulumiverse.Fortios.Router.Inputs.PolicyInputDevice>
Incoming interface name. The structure of input_device block is documented below.
InternetServiceCustoms List<Pulumiverse.Fortios.Router.Inputs.PolicyInternetServiceCustom>
Custom Destination Internet Service name. The structure of internet_service_custom block is documented below.
InternetServiceIds List<Pulumiverse.Fortios.Router.Inputs.PolicyInternetServiceId>
Destination Internet Service ID. The structure of internet_service_id block is documented below.
OutputDevice string
Outgoing interface name.
Protocol int
Protocol number (0 - 255).
SeqNum Changes to this property will trigger replacement. int
Sequence number.
SrcNegate string
Enable/disable negating source address match. Valid values: enable, disable.
Srcaddrs List<Pulumiverse.Fortios.Router.Inputs.PolicySrcaddr>
Source address name. The structure of srcaddr block is documented below.
Srcs List<Pulumiverse.Fortios.Router.Inputs.PolicySrc>
Source IP and mask (x.x.x.x/x). The structure of src block is documented below.
StartPort int
Start destination port number (0 - 65535).
StartSourcePort int
Start source port number (0 - 65535).
Status string
Enable/disable this policy route. Valid values: enable, disable.
Tos string
Type of service bit pattern.
TosMask string
Type of service evaluated bits.
Vdomparam Changes to this property will trigger replacement. string
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Action string
Action of the policy route. Valid values: deny, permit.
Comments string
Optional comments.
DstNegate string
Enable/disable negating destination address match. Valid values: enable, disable.
Dstaddrs []PolicyDstaddrArgs
Destination address name. The structure of dstaddr block is documented below.
Dsts []PolicyDstArgs
Destination IP and mask (x.x.x.x/x). The structure of dst block is documented below.
DynamicSortSubtable string
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
EndPort int
End destination port number (0 - 65535).
EndSourcePort int
End source port number (0 - 65535).
Gateway string
IP address of the gateway.
GetAllTables string
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
InputDeviceNegate string
Enable/disable negation of input device match. Valid values: enable, disable.
InputDevices []PolicyInputDeviceArgs
Incoming interface name. The structure of input_device block is documented below.
InternetServiceCustoms []PolicyInternetServiceCustomArgs
Custom Destination Internet Service name. The structure of internet_service_custom block is documented below.
InternetServiceIds []PolicyInternetServiceIdArgs
Destination Internet Service ID. The structure of internet_service_id block is documented below.
OutputDevice string
Outgoing interface name.
Protocol int
Protocol number (0 - 255).
SeqNum Changes to this property will trigger replacement. int
Sequence number.
SrcNegate string
Enable/disable negating source address match. Valid values: enable, disable.
Srcaddrs []PolicySrcaddrArgs
Source address name. The structure of srcaddr block is documented below.
Srcs []PolicySrcArgs
Source IP and mask (x.x.x.x/x). The structure of src block is documented below.
StartPort int
Start destination port number (0 - 65535).
StartSourcePort int
Start source port number (0 - 65535).
Status string
Enable/disable this policy route. Valid values: enable, disable.
Tos string
Type of service bit pattern.
TosMask string
Type of service evaluated bits.
Vdomparam Changes to this property will trigger replacement. string
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
action String
Action of the policy route. Valid values: deny, permit.
comments String
Optional comments.
dstNegate String
Enable/disable negating destination address match. Valid values: enable, disable.
dstaddrs List<PolicyDstaddr>
Destination address name. The structure of dstaddr block is documented below.
dsts List<PolicyDst>
Destination IP and mask (x.x.x.x/x). The structure of dst block is documented below.
dynamicSortSubtable String
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
endPort Integer
End destination port number (0 - 65535).
endSourcePort Integer
End source port number (0 - 65535).
gateway String
IP address of the gateway.
getAllTables String
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
inputDeviceNegate String
Enable/disable negation of input device match. Valid values: enable, disable.
inputDevices List<PolicyInputDevice>
Incoming interface name. The structure of input_device block is documented below.
internetServiceCustoms List<PolicyInternetServiceCustom>
Custom Destination Internet Service name. The structure of internet_service_custom block is documented below.
internetServiceIds List<PolicyInternetServiceId>
Destination Internet Service ID. The structure of internet_service_id block is documented below.
outputDevice String
Outgoing interface name.
protocol Integer
Protocol number (0 - 255).
seqNum Changes to this property will trigger replacement. Integer
Sequence number.
srcNegate String
Enable/disable negating source address match. Valid values: enable, disable.
srcaddrs List<PolicySrcaddr>
Source address name. The structure of srcaddr block is documented below.
srcs List<PolicySrc>
Source IP and mask (x.x.x.x/x). The structure of src block is documented below.
startPort Integer
Start destination port number (0 - 65535).
startSourcePort Integer
Start source port number (0 - 65535).
status String
Enable/disable this policy route. Valid values: enable, disable.
tos String
Type of service bit pattern.
tosMask String
Type of service evaluated bits.
vdomparam Changes to this property will trigger replacement. String
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
action string
Action of the policy route. Valid values: deny, permit.
comments string
Optional comments.
dstNegate string
Enable/disable negating destination address match. Valid values: enable, disable.
dstaddrs PolicyDstaddr[]
Destination address name. The structure of dstaddr block is documented below.
dsts PolicyDst[]
Destination IP and mask (x.x.x.x/x). The structure of dst block is documented below.
dynamicSortSubtable string
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
endPort number
End destination port number (0 - 65535).
endSourcePort number
End source port number (0 - 65535).
gateway string
IP address of the gateway.
getAllTables string
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
inputDeviceNegate string
Enable/disable negation of input device match. Valid values: enable, disable.
inputDevices PolicyInputDevice[]
Incoming interface name. The structure of input_device block is documented below.
internetServiceCustoms PolicyInternetServiceCustom[]
Custom Destination Internet Service name. The structure of internet_service_custom block is documented below.
internetServiceIds PolicyInternetServiceId[]
Destination Internet Service ID. The structure of internet_service_id block is documented below.
outputDevice string
Outgoing interface name.
protocol number
Protocol number (0 - 255).
seqNum Changes to this property will trigger replacement. number
Sequence number.
srcNegate string
Enable/disable negating source address match. Valid values: enable, disable.
srcaddrs PolicySrcaddr[]
Source address name. The structure of srcaddr block is documented below.
srcs PolicySrc[]
Source IP and mask (x.x.x.x/x). The structure of src block is documented below.
startPort number
Start destination port number (0 - 65535).
startSourcePort number
Start source port number (0 - 65535).
status string
Enable/disable this policy route. Valid values: enable, disable.
tos string
Type of service bit pattern.
tosMask string
Type of service evaluated bits.
vdomparam Changes to this property will trigger replacement. string
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
action str
Action of the policy route. Valid values: deny, permit.
comments str
Optional comments.
dst_negate str
Enable/disable negating destination address match. Valid values: enable, disable.
dstaddrs Sequence[PolicyDstaddrArgs]
Destination address name. The structure of dstaddr block is documented below.
dsts Sequence[PolicyDstArgs]
Destination IP and mask (x.x.x.x/x). The structure of dst block is documented below.
dynamic_sort_subtable str
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
end_port int
End destination port number (0 - 65535).
end_source_port int
End source port number (0 - 65535).
gateway str
IP address of the gateway.
get_all_tables str
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
input_device_negate str
Enable/disable negation of input device match. Valid values: enable, disable.
input_devices Sequence[PolicyInputDeviceArgs]
Incoming interface name. The structure of input_device block is documented below.
internet_service_customs Sequence[PolicyInternetServiceCustomArgs]
Custom Destination Internet Service name. The structure of internet_service_custom block is documented below.
internet_service_ids Sequence[PolicyInternetServiceIdArgs]
Destination Internet Service ID. The structure of internet_service_id block is documented below.
output_device str
Outgoing interface name.
protocol int
Protocol number (0 - 255).
seq_num Changes to this property will trigger replacement. int
Sequence number.
src_negate str
Enable/disable negating source address match. Valid values: enable, disable.
srcaddrs Sequence[PolicySrcaddrArgs]
Source address name. The structure of srcaddr block is documented below.
srcs Sequence[PolicySrcArgs]
Source IP and mask (x.x.x.x/x). The structure of src block is documented below.
start_port int
Start destination port number (0 - 65535).
start_source_port int
Start source port number (0 - 65535).
status str
Enable/disable this policy route. Valid values: enable, disable.
tos str
Type of service bit pattern.
tos_mask str
Type of service evaluated bits.
vdomparam Changes to this property will trigger replacement. str
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
action String
Action of the policy route. Valid values: deny, permit.
comments String
Optional comments.
dstNegate String
Enable/disable negating destination address match. Valid values: enable, disable.
dstaddrs List<Property Map>
Destination address name. The structure of dstaddr block is documented below.
dsts List<Property Map>
Destination IP and mask (x.x.x.x/x). The structure of dst block is documented below.
dynamicSortSubtable String
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
endPort Number
End destination port number (0 - 65535).
endSourcePort Number
End source port number (0 - 65535).
gateway String
IP address of the gateway.
getAllTables String
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
inputDeviceNegate String
Enable/disable negation of input device match. Valid values: enable, disable.
inputDevices List<Property Map>
Incoming interface name. The structure of input_device block is documented below.
internetServiceCustoms List<Property Map>
Custom Destination Internet Service name. The structure of internet_service_custom block is documented below.
internetServiceIds List<Property Map>
Destination Internet Service ID. The structure of internet_service_id block is documented below.
outputDevice String
Outgoing interface name.
protocol Number
Protocol number (0 - 255).
seqNum Changes to this property will trigger replacement. Number
Sequence number.
srcNegate String
Enable/disable negating source address match. Valid values: enable, disable.
srcaddrs List<Property Map>
Source address name. The structure of srcaddr block is documented below.
srcs List<Property Map>
Source IP and mask (x.x.x.x/x). The structure of src block is documented below.
startPort Number
Start destination port number (0 - 65535).
startSourcePort Number
Start source port number (0 - 65535).
status String
Enable/disable this policy route. Valid values: enable, disable.
tos String
Type of service bit pattern.
tosMask String
Type of service evaluated bits.
vdomparam Changes to this property will trigger replacement. String
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

Supporting Types

PolicyDst
, PolicyDstArgs

Subnet string
IP and mask.
Subnet string
IP and mask.
subnet String
IP and mask.
subnet string
IP and mask.
subnet str
IP and mask.
subnet String
IP and mask.

PolicyDstaddr
, PolicyDstaddrArgs

Name string
Address/group name.
Name string
Address/group name.
name String
Address/group name.
name string
Address/group name.
name str
Address/group name.
name String
Address/group name.

PolicyInputDevice
, PolicyInputDeviceArgs

Name string
Interface name.
Name string
Interface name.
name String
Interface name.
name string
Interface name.
name str
Interface name.
name String
Interface name.

PolicyInternetServiceCustom
, PolicyInternetServiceCustomArgs

Name string
Custom Destination Internet Service name.
Name string
Custom Destination Internet Service name.
name String
Custom Destination Internet Service name.
name string
Custom Destination Internet Service name.
name str
Custom Destination Internet Service name.
name String
Custom Destination Internet Service name.

PolicyInternetServiceId
, PolicyInternetServiceIdArgs

Id int
Destination Internet Service ID.
Id int
Destination Internet Service ID.
id Integer
Destination Internet Service ID.
id number
Destination Internet Service ID.
id int
Destination Internet Service ID.
id Number
Destination Internet Service ID.

PolicySrc
, PolicySrcArgs

Subnet string
IP and mask.
Subnet string
IP and mask.
subnet String
IP and mask.
subnet string
IP and mask.
subnet str
IP and mask.
subnet String
IP and mask.

PolicySrcaddr
, PolicySrcaddrArgs

Name string
Address/group name.
Name string
Address/group name.
name String
Address/group name.
name string
Address/group name.
name str
Address/group name.
name String
Address/group name.

Import

Router Policy can be imported using any of these accepted formats:

$ pulumi import fortios:router/policy:Policy labelname {{seq_num}}
Copy

If you do not want to import arguments of block:

$ export “FORTIOS_IMPORT_TABLE”=“false”

$ pulumi import fortios:router/policy:Policy labelname {{seq_num}}
Copy

$ unset “FORTIOS_IMPORT_TABLE”

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository
fortios pulumiverse/pulumi-fortios
License
Apache-2.0
Notes
This Pulumi package is based on the fortios Terraform Provider.