Fortios v0.0.5, Apr 9 24

Fortios v0.0.5 published on Tuesday, Apr 9, 2024 by pulumiverse

fortios.switchcontroller/securitypolicy.Policy8021X

Explore with Pulumi AI

Fortios v0.0.5 published on Tuesday, Apr 9, 2024 by pulumiverse

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as fortios from "@pulumiverse/fortios";

const trname = new fortios.switchcontroller.securitypolicy.Policy8021X("trname", {
    authFailVlan: "disable",
    authFailVlanid: 0,
    eapPassthru: "disable",
    framevidApply: "enable",
    guestAuthDelay: 30,
    guestVlan: "disable",
    guestVlanid: 100,
    macAuthBypass: "disable",
    openAuth: "disable",
    policyType: "802.1X",
    radiusTimeoutOverwrite: "disable",
    securityMode: "802.1X",
    userGroups: [{
        name: "Guest-group",
    }],
});

import pulumi
import pulumiverse_fortios as fortios

trname = fortios.switchcontroller.securitypolicy.Policy8021X("trname",
    auth_fail_vlan="disable",
    auth_fail_vlanid=0,
    eap_passthru="disable",
    framevid_apply="enable",
    guest_auth_delay=30,
    guest_vlan="disable",
    guest_vlanid=100,
    mac_auth_bypass="disable",
    open_auth="disable",
    policy_type="802.1X",
    radius_timeout_overwrite="disable",
    security_mode="802.1X",
    user_groups=[fortios.switchcontroller.securitypolicy.Policy8021XUserGroupArgs(
        name="Guest-group",
    )])

package main

import (
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/switchcontroller"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := switchcontroller.NewPolicy8021X(ctx, "trname", &switchcontroller.Policy8021XArgs{
			AuthFailVlan:           pulumi.String("disable"),
			AuthFailVlanid:         pulumi.Int(0),
			EapPassthru:            pulumi.String("disable"),
			FramevidApply:          pulumi.String("enable"),
			GuestAuthDelay:         pulumi.Int(30),
			GuestVlan:              pulumi.String("disable"),
			GuestVlanid:            pulumi.Int(100),
			MacAuthBypass:          pulumi.String("disable"),
			OpenAuth:               pulumi.String("disable"),
			PolicyType:             pulumi.String("802.1X"),
			RadiusTimeoutOverwrite: pulumi.String("disable"),
			SecurityMode:           pulumi.String("802.1X"),
			UserGroups: securitypolicy.Policy8021XUserGroupArray{
				&securitypolicy.Policy8021XUserGroupArgs{
					Name: pulumi.String("Guest-group"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortios = Pulumiverse.Fortios;

return await Deployment.RunAsync(() => 
{
    var trname = new Fortios.Switchcontroller.Securitypolicy.Policy8021X("trname", new()
    {
        AuthFailVlan = "disable",
        AuthFailVlanid = 0,
        EapPassthru = "disable",
        FramevidApply = "enable",
        GuestAuthDelay = 30,
        GuestVlan = "disable",
        GuestVlanid = 100,
        MacAuthBypass = "disable",
        OpenAuth = "disable",
        PolicyType = "802.1X",
        RadiusTimeoutOverwrite = "disable",
        SecurityMode = "802.1X",
        UserGroups = new[]
        {
            new Fortios.Switchcontroller.Securitypolicy.Inputs.Policy8021XUserGroupArgs
            {
                Name = "Guest-group",
            },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortios.switchcontroller.Policy8021X;
import com.pulumi.fortios.switchcontroller.Policy8021XArgs;
import com.pulumi.fortios.switchcontroller.inputs.Policy8021XUserGroupArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var trname = new Policy8021X("trname", Policy8021XArgs.builder()        
            .authFailVlan("disable")
            .authFailVlanid(0)
            .eapPassthru("disable")
            .framevidApply("enable")
            .guestAuthDelay(30)
            .guestVlan("disable")
            .guestVlanid(100)
            .macAuthBypass("disable")
            .openAuth("disable")
            .policyType("802.1X")
            .radiusTimeoutOverwrite("disable")
            .securityMode("802.1X")
            .userGroups(Policy8021XUserGroupArgs.builder()
                .name("Guest-group")
                .build())
            .build());

    }
}

resources:
  trname:
    type: fortios:switchcontroller/securitypolicy:Policy8021X
    properties:
      authFailVlan: disable
      authFailVlanid: 0
      eapPassthru: disable
      framevidApply: enable
      guestAuthDelay: 30
      guestVlan: disable
      guestVlanid: 100
      macAuthBypass: disable
      openAuth: disable
      policyType: 802.1X
      radiusTimeoutOverwrite: disable
      securityMode: 802.1X
      userGroups:
        - name: Guest-group

Create Policy8021X Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Policy8021X(name: string, args?: Policy8021XArgs, opts?: CustomResourceOptions);

@overload
def Policy8021X(resource_name: str,
                args: Optional[Policy8021XArgs] = None,
                opts: Optional[ResourceOptions] = None)

@overload
def Policy8021X(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                auth_fail_vlan: Optional[str] = None,
                auth_fail_vlan_id: Optional[str] = None,
                auth_fail_vlanid: Optional[int] = None,
                authserver_timeout_period: Optional[int] = None,
                authserver_timeout_vlan: Optional[str] = None,
                authserver_timeout_vlanid: Optional[str] = None,
                dynamic_sort_subtable: Optional[str] = None,
                eap_auto_untagged_vlans: Optional[str] = None,
                eap_passthru: Optional[str] = None,
                framevid_apply: Optional[str] = None,
                get_all_tables: Optional[str] = None,
                guest_auth_delay: Optional[int] = None,
                guest_vlan: Optional[str] = None,
                guest_vlan_id: Optional[str] = None,
                guest_vlanid: Optional[int] = None,
                mac_auth_bypass: Optional[str] = None,
                name: Optional[str] = None,
                open_auth: Optional[str] = None,
                policy_type: Optional[str] = None,
                radius_timeout_overwrite: Optional[str] = None,
                security_mode: Optional[str] = None,
                user_groups: Optional[Sequence[Policy8021XUserGroupArgs]] = None,
                vdomparam: Optional[str] = None)

func NewPolicy8021X(ctx *Context, name string, args *Policy8021XArgs, opts ...ResourceOption) (*Policy8021X, error)

public Policy8021X(string name, Policy8021XArgs? args = null, CustomResourceOptions? opts = null)

public Policy8021X(String name, Policy8021XArgs args)
public Policy8021X(String name, Policy8021XArgs args, CustomResourceOptions options)

type: fortios:switchcontroller/securitypolicy/policy8021X:Policy8021X
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args Policy8021XArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args Policy8021XArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args Policy8021XArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args Policy8021XArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args Policy8021XArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Policy8021X Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Policy8021X resource accepts the following input properties:

AuthFailVlan string: Enable to allow limited access to clients that cannot authenticate. Valid values: disable, enable.
AuthFailVlanId string: VLAN ID on which authentication failed.
AuthFailVlanid int: VLAN ID on which authentication failed.
AuthserverTimeoutPeriod int: Authentication server timeout period (3 - 15 sec, default = 3).
AuthserverTimeoutVlan string: Enable/disable the authentication server timeout VLAN to allow limited access when RADIUS is unavailable. Valid values: disable, enable.
AuthserverTimeoutVlanid string: Authentication server timeout VLAN name.
DynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
EapAutoUntaggedVlans string: Enable/disable automatic inclusion of untagged VLANs. Valid values: disable, enable.
EapPassthru string: Enable/disable EAP pass-through mode, allowing protocols (such as LLDP) to pass through ports for more flexible authentication. Valid values: disable, enable.
FramevidApply string: Enable/disable the capability to apply the EAP/MAB frame VLAN to the port native VLAN. Valid values: disable, enable.
GetAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
GuestAuthDelay int: Guest authentication delay (1 - 900 sec, default = 30).
GuestVlan string: Enable the guest VLAN feature to allow limited access to non-802.1X-compliant clients. Valid values: disable, enable.
GuestVlanId string: Guest VLAN name.
GuestVlanid int: Guest VLAN ID.
MacAuthBypass string: Enable/disable MAB for this policy. Valid values: disable, enable.
Name string: Policy name.
OpenAuth string: Enable/disable open authentication for this policy. Valid values: disable, enable.
PolicyType string: Policy type. Valid values: 802.1X.
RadiusTimeoutOverwrite string: Enable to override the global RADIUS session timeout. Valid values: disable, enable.
SecurityMode string: Port or MAC based 802.1X security mode. Valid values: 802.1X, 802.1X-mac-based.
UserGroups List<Pulumiverse.Fortios.Switchcontroller.Securitypolicy.Inputs.Policy8021XUserGroup>: Name of user-group to assign to this MAC Authentication Bypass (MAB) policy. The structure of user_group block is documented below.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

AuthFailVlan string: Enable to allow limited access to clients that cannot authenticate. Valid values: disable, enable.
AuthFailVlanId string: VLAN ID on which authentication failed.
AuthFailVlanid int: VLAN ID on which authentication failed.
AuthserverTimeoutPeriod int: Authentication server timeout period (3 - 15 sec, default = 3).
AuthserverTimeoutVlan string: Enable/disable the authentication server timeout VLAN to allow limited access when RADIUS is unavailable. Valid values: disable, enable.
AuthserverTimeoutVlanid string: Authentication server timeout VLAN name.
DynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
EapAutoUntaggedVlans string: Enable/disable automatic inclusion of untagged VLANs. Valid values: disable, enable.
EapPassthru string: Enable/disable EAP pass-through mode, allowing protocols (such as LLDP) to pass through ports for more flexible authentication. Valid values: disable, enable.
FramevidApply string: Enable/disable the capability to apply the EAP/MAB frame VLAN to the port native VLAN. Valid values: disable, enable.
GetAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
GuestAuthDelay int: Guest authentication delay (1 - 900 sec, default = 30).
GuestVlan string: Enable the guest VLAN feature to allow limited access to non-802.1X-compliant clients. Valid values: disable, enable.
GuestVlanId string: Guest VLAN name.
GuestVlanid int: Guest VLAN ID.
MacAuthBypass string: Enable/disable MAB for this policy. Valid values: disable, enable.
Name string: Policy name.
OpenAuth string: Enable/disable open authentication for this policy. Valid values: disable, enable.
PolicyType string: Policy type. Valid values: 802.1X.
RadiusTimeoutOverwrite string: Enable to override the global RADIUS session timeout. Valid values: disable, enable.
SecurityMode string: Port or MAC based 802.1X security mode. Valid values: 802.1X, 802.1X-mac-based.
UserGroups []Policy8021XUserGroupArgs: Name of user-group to assign to this MAC Authentication Bypass (MAB) policy. The structure of user_group block is documented below.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

authFailVlan String: Enable to allow limited access to clients that cannot authenticate. Valid values: disable, enable.
authFailVlanId String: VLAN ID on which authentication failed.
authFailVlanid Integer: VLAN ID on which authentication failed.
authserverTimeoutPeriod Integer: Authentication server timeout period (3 - 15 sec, default = 3).
authserverTimeoutVlan String: Enable/disable the authentication server timeout VLAN to allow limited access when RADIUS is unavailable. Valid values: disable, enable.
authserverTimeoutVlanid String: Authentication server timeout VLAN name.
dynamicSortSubtable String: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
eapAutoUntaggedVlans String: Enable/disable automatic inclusion of untagged VLANs. Valid values: disable, enable.
eapPassthru String: Enable/disable EAP pass-through mode, allowing protocols (such as LLDP) to pass through ports for more flexible authentication. Valid values: disable, enable.
framevidApply String: Enable/disable the capability to apply the EAP/MAB frame VLAN to the port native VLAN. Valid values: disable, enable.
getAllTables String: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
guestAuthDelay Integer: Guest authentication delay (1 - 900 sec, default = 30).
guestVlan String: Enable the guest VLAN feature to allow limited access to non-802.1X-compliant clients. Valid values: disable, enable.
guestVlanId String: Guest VLAN name.
guestVlanid Integer: Guest VLAN ID.
macAuthBypass String: Enable/disable MAB for this policy. Valid values: disable, enable.
name String: Policy name.
openAuth String: Enable/disable open authentication for this policy. Valid values: disable, enable.
policyType String: Policy type. Valid values: 802.1X.
radiusTimeoutOverwrite String: Enable to override the global RADIUS session timeout. Valid values: disable, enable.
securityMode String: Port or MAC based 802.1X security mode. Valid values: 802.1X, 802.1X-mac-based.
userGroups List<Policy8021XUserGroup>: Name of user-group to assign to this MAC Authentication Bypass (MAB) policy. The structure of user_group block is documented below.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

authFailVlan string: Enable to allow limited access to clients that cannot authenticate. Valid values: disable, enable.
authFailVlanId string: VLAN ID on which authentication failed.
authFailVlanid number: VLAN ID on which authentication failed.
authserverTimeoutPeriod number: Authentication server timeout period (3 - 15 sec, default = 3).
authserverTimeoutVlan string: Enable/disable the authentication server timeout VLAN to allow limited access when RADIUS is unavailable. Valid values: disable, enable.
authserverTimeoutVlanid string: Authentication server timeout VLAN name.
dynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
eapAutoUntaggedVlans string: Enable/disable automatic inclusion of untagged VLANs. Valid values: disable, enable.
eapPassthru string: Enable/disable EAP pass-through mode, allowing protocols (such as LLDP) to pass through ports for more flexible authentication. Valid values: disable, enable.
framevidApply string: Enable/disable the capability to apply the EAP/MAB frame VLAN to the port native VLAN. Valid values: disable, enable.
getAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
guestAuthDelay number: Guest authentication delay (1 - 900 sec, default = 30).
guestVlan string: Enable the guest VLAN feature to allow limited access to non-802.1X-compliant clients. Valid values: disable, enable.
guestVlanId string: Guest VLAN name.
guestVlanid number: Guest VLAN ID.
macAuthBypass string: Enable/disable MAB for this policy. Valid values: disable, enable.
name string: Policy name.
openAuth string: Enable/disable open authentication for this policy. Valid values: disable, enable.
policyType string: Policy type. Valid values: 802.1X.
radiusTimeoutOverwrite string: Enable to override the global RADIUS session timeout. Valid values: disable, enable.
securityMode string: Port or MAC based 802.1X security mode. Valid values: 802.1X, 802.1X-mac-based.
userGroups Policy8021XUserGroup[]: Name of user-group to assign to this MAC Authentication Bypass (MAB) policy. The structure of user_group block is documented below.
vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

auth_fail_vlan str: Enable to allow limited access to clients that cannot authenticate. Valid values: disable, enable.
auth_fail_vlan_id str: VLAN ID on which authentication failed.
auth_fail_vlanid int: VLAN ID on which authentication failed.
authserver_timeout_period int: Authentication server timeout period (3 - 15 sec, default = 3).
authserver_timeout_vlan str: Enable/disable the authentication server timeout VLAN to allow limited access when RADIUS is unavailable. Valid values: disable, enable.
authserver_timeout_vlanid str: Authentication server timeout VLAN name.
dynamic_sort_subtable str: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
eap_auto_untagged_vlans str: Enable/disable automatic inclusion of untagged VLANs. Valid values: disable, enable.
eap_passthru str: Enable/disable EAP pass-through mode, allowing protocols (such as LLDP) to pass through ports for more flexible authentication. Valid values: disable, enable.
framevid_apply str: Enable/disable the capability to apply the EAP/MAB frame VLAN to the port native VLAN. Valid values: disable, enable.
get_all_tables str: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
guest_auth_delay int: Guest authentication delay (1 - 900 sec, default = 30).
guest_vlan str: Enable the guest VLAN feature to allow limited access to non-802.1X-compliant clients. Valid values: disable, enable.
guest_vlan_id str: Guest VLAN name.
guest_vlanid int: Guest VLAN ID.
mac_auth_bypass str: Enable/disable MAB for this policy. Valid values: disable, enable.
name str: Policy name.
open_auth str: Enable/disable open authentication for this policy. Valid values: disable, enable.
policy_type str: Policy type. Valid values: 802.1X.
radius_timeout_overwrite str: Enable to override the global RADIUS session timeout. Valid values: disable, enable.
security_mode str: Port or MAC based 802.1X security mode. Valid values: 802.1X, 802.1X-mac-based.
user_groups Sequence[Policy8021XUserGroupArgs]: Name of user-group to assign to this MAC Authentication Bypass (MAB) policy. The structure of user_group block is documented below.
vdomparam str: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

authFailVlan String: Enable to allow limited access to clients that cannot authenticate. Valid values: disable, enable.
authFailVlanId String: VLAN ID on which authentication failed.
authFailVlanid Number: VLAN ID on which authentication failed.
authserverTimeoutPeriod Number: Authentication server timeout period (3 - 15 sec, default = 3).
authserverTimeoutVlan String: Enable/disable the authentication server timeout VLAN to allow limited access when RADIUS is unavailable. Valid values: disable, enable.
authserverTimeoutVlanid String: Authentication server timeout VLAN name.
dynamicSortSubtable String: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
eapAutoUntaggedVlans String: Enable/disable automatic inclusion of untagged VLANs. Valid values: disable, enable.
eapPassthru String: Enable/disable EAP pass-through mode, allowing protocols (such as LLDP) to pass through ports for more flexible authentication. Valid values: disable, enable.
framevidApply String: Enable/disable the capability to apply the EAP/MAB frame VLAN to the port native VLAN. Valid values: disable, enable.
getAllTables String: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
guestAuthDelay Number: Guest authentication delay (1 - 900 sec, default = 30).
guestVlan String: Enable the guest VLAN feature to allow limited access to non-802.1X-compliant clients. Valid values: disable, enable.
guestVlanId String: Guest VLAN name.
guestVlanid Number: Guest VLAN ID.
macAuthBypass String: Enable/disable MAB for this policy. Valid values: disable, enable.
name String: Policy name.
openAuth String: Enable/disable open authentication for this policy. Valid values: disable, enable.
policyType String: Policy type. Valid values: 802.1X.
radiusTimeoutOverwrite String: Enable to override the global RADIUS session timeout. Valid values: disable, enable.
securityMode String: Port or MAC based 802.1X security mode. Valid values: 802.1X, 802.1X-mac-based.
userGroups List<Property Map>: Name of user-group to assign to this MAC Authentication Bypass (MAB) policy. The structure of user_group block is documented below.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

Outputs

All input properties are implicitly available as output properties. Additionally, the Policy8021X resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing Policy8021X Resource

Get an existing Policy8021X resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: Policy8021XState, opts?: CustomResourceOptions): Policy8021X

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        auth_fail_vlan: Optional[str] = None,
        auth_fail_vlan_id: Optional[str] = None,
        auth_fail_vlanid: Optional[int] = None,
        authserver_timeout_period: Optional[int] = None,
        authserver_timeout_vlan: Optional[str] = None,
        authserver_timeout_vlanid: Optional[str] = None,
        dynamic_sort_subtable: Optional[str] = None,
        eap_auto_untagged_vlans: Optional[str] = None,
        eap_passthru: Optional[str] = None,
        framevid_apply: Optional[str] = None,
        get_all_tables: Optional[str] = None,
        guest_auth_delay: Optional[int] = None,
        guest_vlan: Optional[str] = None,
        guest_vlan_id: Optional[str] = None,
        guest_vlanid: Optional[int] = None,
        mac_auth_bypass: Optional[str] = None,
        name: Optional[str] = None,
        open_auth: Optional[str] = None,
        policy_type: Optional[str] = None,
        radius_timeout_overwrite: Optional[str] = None,
        security_mode: Optional[str] = None,
        user_groups: Optional[Sequence[Policy8021XUserGroupArgs]] = None,
        vdomparam: Optional[str] = None) -> Policy8021X

func GetPolicy8021X(ctx *Context, name string, id IDInput, state *Policy8021XState, opts ...ResourceOption) (*Policy8021X, error)

public static Policy8021X Get(string name, Input<string> id, Policy8021XState? state, CustomResourceOptions? opts = null)

public static Policy8021X get(String name, Output<String> id, Policy8021XState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AuthFailVlan string: Enable to allow limited access to clients that cannot authenticate. Valid values: disable, enable.
AuthFailVlanId string: VLAN ID on which authentication failed.
AuthFailVlanid int: VLAN ID on which authentication failed.
AuthserverTimeoutPeriod int: Authentication server timeout period (3 - 15 sec, default = 3).
AuthserverTimeoutVlan string: Enable/disable the authentication server timeout VLAN to allow limited access when RADIUS is unavailable. Valid values: disable, enable.
AuthserverTimeoutVlanid string: Authentication server timeout VLAN name.
DynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
EapAutoUntaggedVlans string: Enable/disable automatic inclusion of untagged VLANs. Valid values: disable, enable.
EapPassthru string: Enable/disable EAP pass-through mode, allowing protocols (such as LLDP) to pass through ports for more flexible authentication. Valid values: disable, enable.
FramevidApply string: Enable/disable the capability to apply the EAP/MAB frame VLAN to the port native VLAN. Valid values: disable, enable.
GetAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
GuestAuthDelay int: Guest authentication delay (1 - 900 sec, default = 30).
GuestVlan string: Enable the guest VLAN feature to allow limited access to non-802.1X-compliant clients. Valid values: disable, enable.
GuestVlanId string: Guest VLAN name.
GuestVlanid int: Guest VLAN ID.
MacAuthBypass string: Enable/disable MAB for this policy. Valid values: disable, enable.
Name string: Policy name.
OpenAuth string: Enable/disable open authentication for this policy. Valid values: disable, enable.
PolicyType string: Policy type. Valid values: 802.1X.
RadiusTimeoutOverwrite string: Enable to override the global RADIUS session timeout. Valid values: disable, enable.
SecurityMode string: Port or MAC based 802.1X security mode. Valid values: 802.1X, 802.1X-mac-based.
UserGroups List<Pulumiverse.Fortios.Switchcontroller.Securitypolicy.Inputs.Policy8021XUserGroup>: Name of user-group to assign to this MAC Authentication Bypass (MAB) policy. The structure of user_group block is documented below.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

AuthFailVlan string: Enable to allow limited access to clients that cannot authenticate. Valid values: disable, enable.
AuthFailVlanId string: VLAN ID on which authentication failed.
AuthFailVlanid int: VLAN ID on which authentication failed.
AuthserverTimeoutPeriod int: Authentication server timeout period (3 - 15 sec, default = 3).
AuthserverTimeoutVlan string: Enable/disable the authentication server timeout VLAN to allow limited access when RADIUS is unavailable. Valid values: disable, enable.
AuthserverTimeoutVlanid string: Authentication server timeout VLAN name.
DynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
EapAutoUntaggedVlans string: Enable/disable automatic inclusion of untagged VLANs. Valid values: disable, enable.
EapPassthru string: Enable/disable EAP pass-through mode, allowing protocols (such as LLDP) to pass through ports for more flexible authentication. Valid values: disable, enable.
FramevidApply string: Enable/disable the capability to apply the EAP/MAB frame VLAN to the port native VLAN. Valid values: disable, enable.
GetAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
GuestAuthDelay int: Guest authentication delay (1 - 900 sec, default = 30).
GuestVlan string: Enable the guest VLAN feature to allow limited access to non-802.1X-compliant clients. Valid values: disable, enable.
GuestVlanId string: Guest VLAN name.
GuestVlanid int: Guest VLAN ID.
MacAuthBypass string: Enable/disable MAB for this policy. Valid values: disable, enable.
Name string: Policy name.
OpenAuth string: Enable/disable open authentication for this policy. Valid values: disable, enable.
PolicyType string: Policy type. Valid values: 802.1X.
RadiusTimeoutOverwrite string: Enable to override the global RADIUS session timeout. Valid values: disable, enable.
SecurityMode string: Port or MAC based 802.1X security mode. Valid values: 802.1X, 802.1X-mac-based.
UserGroups []Policy8021XUserGroupArgs: Name of user-group to assign to this MAC Authentication Bypass (MAB) policy. The structure of user_group block is documented below.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

authFailVlan String: Enable to allow limited access to clients that cannot authenticate. Valid values: disable, enable.
authFailVlanId String: VLAN ID on which authentication failed.
authFailVlanid Integer: VLAN ID on which authentication failed.
authserverTimeoutPeriod Integer: Authentication server timeout period (3 - 15 sec, default = 3).
authserverTimeoutVlan String: Enable/disable the authentication server timeout VLAN to allow limited access when RADIUS is unavailable. Valid values: disable, enable.
authserverTimeoutVlanid String: Authentication server timeout VLAN name.
dynamicSortSubtable String: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
eapAutoUntaggedVlans String: Enable/disable automatic inclusion of untagged VLANs. Valid values: disable, enable.
eapPassthru String: Enable/disable EAP pass-through mode, allowing protocols (such as LLDP) to pass through ports for more flexible authentication. Valid values: disable, enable.
framevidApply String: Enable/disable the capability to apply the EAP/MAB frame VLAN to the port native VLAN. Valid values: disable, enable.
getAllTables String: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
guestAuthDelay Integer: Guest authentication delay (1 - 900 sec, default = 30).
guestVlan String: Enable the guest VLAN feature to allow limited access to non-802.1X-compliant clients. Valid values: disable, enable.
guestVlanId String: Guest VLAN name.
guestVlanid Integer: Guest VLAN ID.
macAuthBypass String: Enable/disable MAB for this policy. Valid values: disable, enable.
name String: Policy name.
openAuth String: Enable/disable open authentication for this policy. Valid values: disable, enable.
policyType String: Policy type. Valid values: 802.1X.
radiusTimeoutOverwrite String: Enable to override the global RADIUS session timeout. Valid values: disable, enable.
securityMode String: Port or MAC based 802.1X security mode. Valid values: 802.1X, 802.1X-mac-based.
userGroups List<Policy8021XUserGroup>: Name of user-group to assign to this MAC Authentication Bypass (MAB) policy. The structure of user_group block is documented below.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

authFailVlan string: Enable to allow limited access to clients that cannot authenticate. Valid values: disable, enable.
authFailVlanId string: VLAN ID on which authentication failed.
authFailVlanid number: VLAN ID on which authentication failed.
authserverTimeoutPeriod number: Authentication server timeout period (3 - 15 sec, default = 3).
authserverTimeoutVlan string: Enable/disable the authentication server timeout VLAN to allow limited access when RADIUS is unavailable. Valid values: disable, enable.
authserverTimeoutVlanid string: Authentication server timeout VLAN name.
dynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
eapAutoUntaggedVlans string: Enable/disable automatic inclusion of untagged VLANs. Valid values: disable, enable.
eapPassthru string: Enable/disable EAP pass-through mode, allowing protocols (such as LLDP) to pass through ports for more flexible authentication. Valid values: disable, enable.
framevidApply string: Enable/disable the capability to apply the EAP/MAB frame VLAN to the port native VLAN. Valid values: disable, enable.
getAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
guestAuthDelay number: Guest authentication delay (1 - 900 sec, default = 30).
guestVlan string: Enable the guest VLAN feature to allow limited access to non-802.1X-compliant clients. Valid values: disable, enable.
guestVlanId string: Guest VLAN name.
guestVlanid number: Guest VLAN ID.
macAuthBypass string: Enable/disable MAB for this policy. Valid values: disable, enable.
name string: Policy name.
openAuth string: Enable/disable open authentication for this policy. Valid values: disable, enable.
policyType string: Policy type. Valid values: 802.1X.
radiusTimeoutOverwrite string: Enable to override the global RADIUS session timeout. Valid values: disable, enable.
securityMode string: Port or MAC based 802.1X security mode. Valid values: 802.1X, 802.1X-mac-based.
userGroups Policy8021XUserGroup[]: Name of user-group to assign to this MAC Authentication Bypass (MAB) policy. The structure of user_group block is documented below.
vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

auth_fail_vlan str: Enable to allow limited access to clients that cannot authenticate. Valid values: disable, enable.
auth_fail_vlan_id str: VLAN ID on which authentication failed.
auth_fail_vlanid int: VLAN ID on which authentication failed.
authserver_timeout_period int: Authentication server timeout period (3 - 15 sec, default = 3).
authserver_timeout_vlan str: Enable/disable the authentication server timeout VLAN to allow limited access when RADIUS is unavailable. Valid values: disable, enable.
authserver_timeout_vlanid str: Authentication server timeout VLAN name.
dynamic_sort_subtable str: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
eap_auto_untagged_vlans str: Enable/disable automatic inclusion of untagged VLANs. Valid values: disable, enable.
eap_passthru str: Enable/disable EAP pass-through mode, allowing protocols (such as LLDP) to pass through ports for more flexible authentication. Valid values: disable, enable.
framevid_apply str: Enable/disable the capability to apply the EAP/MAB frame VLAN to the port native VLAN. Valid values: disable, enable.
get_all_tables str: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
guest_auth_delay int: Guest authentication delay (1 - 900 sec, default = 30).
guest_vlan str: Enable the guest VLAN feature to allow limited access to non-802.1X-compliant clients. Valid values: disable, enable.
guest_vlan_id str: Guest VLAN name.
guest_vlanid int: Guest VLAN ID.
mac_auth_bypass str: Enable/disable MAB for this policy. Valid values: disable, enable.
name str: Policy name.
open_auth str: Enable/disable open authentication for this policy. Valid values: disable, enable.
policy_type str: Policy type. Valid values: 802.1X.
radius_timeout_overwrite str: Enable to override the global RADIUS session timeout. Valid values: disable, enable.
security_mode str: Port or MAC based 802.1X security mode. Valid values: 802.1X, 802.1X-mac-based.
user_groups Sequence[Policy8021XUserGroupArgs]: Name of user-group to assign to this MAC Authentication Bypass (MAB) policy. The structure of user_group block is documented below.
vdomparam str: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

authFailVlan String: Enable to allow limited access to clients that cannot authenticate. Valid values: disable, enable.
authFailVlanId String: VLAN ID on which authentication failed.
authFailVlanid Number: VLAN ID on which authentication failed.
authserverTimeoutPeriod Number: Authentication server timeout period (3 - 15 sec, default = 3).
authserverTimeoutVlan String: Enable/disable the authentication server timeout VLAN to allow limited access when RADIUS is unavailable. Valid values: disable, enable.
authserverTimeoutVlanid String: Authentication server timeout VLAN name.
dynamicSortSubtable String: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
eapAutoUntaggedVlans String: Enable/disable automatic inclusion of untagged VLANs. Valid values: disable, enable.
eapPassthru String: Enable/disable EAP pass-through mode, allowing protocols (such as LLDP) to pass through ports for more flexible authentication. Valid values: disable, enable.
framevidApply String: Enable/disable the capability to apply the EAP/MAB frame VLAN to the port native VLAN. Valid values: disable, enable.
getAllTables String: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
guestAuthDelay Number: Guest authentication delay (1 - 900 sec, default = 30).
guestVlan String: Enable the guest VLAN feature to allow limited access to non-802.1X-compliant clients. Valid values: disable, enable.
guestVlanId String: Guest VLAN name.
guestVlanid Number: Guest VLAN ID.
macAuthBypass String: Enable/disable MAB for this policy. Valid values: disable, enable.
name String: Policy name.
openAuth String: Enable/disable open authentication for this policy. Valid values: disable, enable.
policyType String: Policy type. Valid values: 802.1X.
radiusTimeoutOverwrite String: Enable to override the global RADIUS session timeout. Valid values: disable, enable.
securityMode String: Port or MAC based 802.1X security mode. Valid values: 802.1X, 802.1X-mac-based.
userGroups List<Property Map>: Name of user-group to assign to this MAC Authentication Bypass (MAB) policy. The structure of user_group block is documented below.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

Supporting Types

Policy8021XUserGroup, Policy8021XUserGroupArgs

Name string: Group name.

Name string: Group name.

name String: Group name.

name string: Group name.

name str: Group name.

name String: Group name.

Import

SwitchControllerSecurityPolicy 8021X can be imported using any of these accepted formats:

$ pulumi import fortios:switchcontroller/securitypolicy/policy8021X:Policy8021X labelname {{name}}

If you do not want to import arguments of block:

$ export “FORTIOS_IMPORT_TABLE”=“false”

$ pulumi import fortios:switchcontroller/securitypolicy/policy8021X:Policy8021X labelname {{name}}

$ unset “FORTIOS_IMPORT_TABLE”

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: fortios pulumiverse/pulumi-fortios
License: Apache-2.0
Notes: This Pulumi package is based on the fortios Terraform Provider.

Fortios v0.0.5 published on Tuesday, Apr 9, 2024 by pulumiverse

pulumiverse/pulumi-fortios

fortios.switchcontroller/securitypolicy.Policy8021X

On this page

On this page

Example Usage

Create Policy8021X Resource

Constructor syntax

Parameters

Policy8021X Resource Properties

Inputs

Outputs

Look up Existing Policy8021X Resource

Supporting Types

Policy8021XUserGroup, Policy8021XUserGroupArgs

Import

Package Details

On this page

On this page