Fortios v0.0.5, Apr 9 24

Fortios v0.0.5 published on Tuesday, Apr 9, 2024 by pulumiverse

fortios.user.Setting

Explore with Pulumi AI

Fortios v0.0.5 published on Tuesday, Apr 9, 2024 by pulumiverse

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as fortios from "@pulumiverse/fortios";

const trname = new fortios.user.Setting("trname", {
    authBlackoutTime: 0,
    authCert: "Fortinet_Factory",
    authHttpBasic: "disable",
    authInvalidMax: 5,
    authLockoutDuration: 0,
    authLockoutThreshold: 3,
    authOnDemand: "implicitly",
    authPortalTimeout: 3,
    authSecureHttp: "disable",
    authSrcMac: "enable",
    authSslAllowRenegotiation: "disable",
    authTimeout: 5,
    authTimeoutType: "idle-timeout",
    authType: "http https ftp telnet",
    radiusSesTimeoutAct: "hard-timeout",
});

import pulumi
import pulumiverse_fortios as fortios

trname = fortios.user.Setting("trname",
    auth_blackout_time=0,
    auth_cert="Fortinet_Factory",
    auth_http_basic="disable",
    auth_invalid_max=5,
    auth_lockout_duration=0,
    auth_lockout_threshold=3,
    auth_on_demand="implicitly",
    auth_portal_timeout=3,
    auth_secure_http="disable",
    auth_src_mac="enable",
    auth_ssl_allow_renegotiation="disable",
    auth_timeout=5,
    auth_timeout_type="idle-timeout",
    auth_type="http https ftp telnet",
    radius_ses_timeout_act="hard-timeout")

package main

import (
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/user"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := user.NewSetting(ctx, "trname", &user.SettingArgs{
			AuthBlackoutTime:          pulumi.Int(0),
			AuthCert:                  pulumi.String("Fortinet_Factory"),
			AuthHttpBasic:             pulumi.String("disable"),
			AuthInvalidMax:            pulumi.Int(5),
			AuthLockoutDuration:       pulumi.Int(0),
			AuthLockoutThreshold:      pulumi.Int(3),
			AuthOnDemand:              pulumi.String("implicitly"),
			AuthPortalTimeout:         pulumi.Int(3),
			AuthSecureHttp:            pulumi.String("disable"),
			AuthSrcMac:                pulumi.String("enable"),
			AuthSslAllowRenegotiation: pulumi.String("disable"),
			AuthTimeout:               pulumi.Int(5),
			AuthTimeoutType:           pulumi.String("idle-timeout"),
			AuthType:                  pulumi.String("http https ftp telnet"),
			RadiusSesTimeoutAct:       pulumi.String("hard-timeout"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortios = Pulumiverse.Fortios;

return await Deployment.RunAsync(() => 
{
    var trname = new Fortios.User.Setting("trname", new()
    {
        AuthBlackoutTime = 0,
        AuthCert = "Fortinet_Factory",
        AuthHttpBasic = "disable",
        AuthInvalidMax = 5,
        AuthLockoutDuration = 0,
        AuthLockoutThreshold = 3,
        AuthOnDemand = "implicitly",
        AuthPortalTimeout = 3,
        AuthSecureHttp = "disable",
        AuthSrcMac = "enable",
        AuthSslAllowRenegotiation = "disable",
        AuthTimeout = 5,
        AuthTimeoutType = "idle-timeout",
        AuthType = "http https ftp telnet",
        RadiusSesTimeoutAct = "hard-timeout",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortios.user.Setting;
import com.pulumi.fortios.user.SettingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var trname = new Setting("trname", SettingArgs.builder()        
            .authBlackoutTime(0)
            .authCert("Fortinet_Factory")
            .authHttpBasic("disable")
            .authInvalidMax(5)
            .authLockoutDuration(0)
            .authLockoutThreshold(3)
            .authOnDemand("implicitly")
            .authPortalTimeout(3)
            .authSecureHttp("disable")
            .authSrcMac("enable")
            .authSslAllowRenegotiation("disable")
            .authTimeout(5)
            .authTimeoutType("idle-timeout")
            .authType("http https ftp telnet")
            .radiusSesTimeoutAct("hard-timeout")
            .build());

    }
}

resources:
  trname:
    type: fortios:user:Setting
    properties:
      authBlackoutTime: 0
      authCert: Fortinet_Factory
      authHttpBasic: disable
      authInvalidMax: 5
      authLockoutDuration: 0
      authLockoutThreshold: 3
      authOnDemand: implicitly
      authPortalTimeout: 3
      authSecureHttp: disable
      authSrcMac: enable
      authSslAllowRenegotiation: disable
      authTimeout: 5
      authTimeoutType: idle-timeout
      authType: http https ftp telnet
      radiusSesTimeoutAct: hard-timeout

Create Setting Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Setting(name: string, args?: SettingArgs, opts?: CustomResourceOptions);

@overload
def Setting(resource_name: str,
            args: Optional[SettingArgs] = None,
            opts: Optional[ResourceOptions] = None)

@overload
def Setting(resource_name: str,
            opts: Optional[ResourceOptions] = None,
            auth_blackout_time: Optional[int] = None,
            auth_ca_cert: Optional[str] = None,
            auth_cert: Optional[str] = None,
            auth_http_basic: Optional[str] = None,
            auth_invalid_max: Optional[int] = None,
            auth_lockout_duration: Optional[int] = None,
            auth_lockout_threshold: Optional[int] = None,
            auth_on_demand: Optional[str] = None,
            auth_portal_timeout: Optional[int] = None,
            auth_ports: Optional[Sequence[SettingAuthPortArgs]] = None,
            auth_secure_http: Optional[str] = None,
            auth_src_mac: Optional[str] = None,
            auth_ssl_allow_renegotiation: Optional[str] = None,
            auth_ssl_max_proto_version: Optional[str] = None,
            auth_ssl_min_proto_version: Optional[str] = None,
            auth_ssl_sigalgs: Optional[str] = None,
            auth_timeout: Optional[int] = None,
            auth_timeout_type: Optional[str] = None,
            auth_type: Optional[str] = None,
            default_user_password_policy: Optional[str] = None,
            dynamic_sort_subtable: Optional[str] = None,
            get_all_tables: Optional[str] = None,
            per_policy_disclaimer: Optional[str] = None,
            radius_ses_timeout_act: Optional[str] = None,
            vdomparam: Optional[str] = None)

func NewSetting(ctx *Context, name string, args *SettingArgs, opts ...ResourceOption) (*Setting, error)

public Setting(string name, SettingArgs? args = null, CustomResourceOptions? opts = null)

public Setting(String name, SettingArgs args)
public Setting(String name, SettingArgs args, CustomResourceOptions options)

type: fortios:user:Setting
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args SettingArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args SettingArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args SettingArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args SettingArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args SettingArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var examplesettingResourceResourceFromUsersetting = new Fortios.User.Setting("examplesettingResourceResourceFromUsersetting", new()
{
    AuthBlackoutTime = 0,
    AuthCaCert = "string",
    AuthCert = "string",
    AuthHttpBasic = "string",
    AuthInvalidMax = 0,
    AuthLockoutDuration = 0,
    AuthLockoutThreshold = 0,
    AuthOnDemand = "string",
    AuthPortalTimeout = 0,
    AuthPorts = new[]
    {
        new Fortios.User.Inputs.SettingAuthPortArgs
        {
            Id = 0,
            Port = 0,
            Type = "string",
        },
    },
    AuthSecureHttp = "string",
    AuthSrcMac = "string",
    AuthSslAllowRenegotiation = "string",
    AuthSslMaxProtoVersion = "string",
    AuthSslMinProtoVersion = "string",
    AuthSslSigalgs = "string",
    AuthTimeout = 0,
    AuthTimeoutType = "string",
    AuthType = "string",
    DefaultUserPasswordPolicy = "string",
    DynamicSortSubtable = "string",
    GetAllTables = "string",
    PerPolicyDisclaimer = "string",
    RadiusSesTimeoutAct = "string",
    Vdomparam = "string",
});

example, err := user.NewSetting(ctx, "examplesettingResourceResourceFromUsersetting", &user.SettingArgs{
	AuthBlackoutTime:     pulumi.Int(0),
	AuthCaCert:           pulumi.String("string"),
	AuthCert:             pulumi.String("string"),
	AuthHttpBasic:        pulumi.String("string"),
	AuthInvalidMax:       pulumi.Int(0),
	AuthLockoutDuration:  pulumi.Int(0),
	AuthLockoutThreshold: pulumi.Int(0),
	AuthOnDemand:         pulumi.String("string"),
	AuthPortalTimeout:    pulumi.Int(0),
	AuthPorts: user.SettingAuthPortArray{
		&user.SettingAuthPortArgs{
			Id:   pulumi.Int(0),
			Port: pulumi.Int(0),
			Type: pulumi.String("string"),
		},
	},
	AuthSecureHttp:            pulumi.String("string"),
	AuthSrcMac:                pulumi.String("string"),
	AuthSslAllowRenegotiation: pulumi.String("string"),
	AuthSslMaxProtoVersion:    pulumi.String("string"),
	AuthSslMinProtoVersion:    pulumi.String("string"),
	AuthSslSigalgs:            pulumi.String("string"),
	AuthTimeout:               pulumi.Int(0),
	AuthTimeoutType:           pulumi.String("string"),
	AuthType:                  pulumi.String("string"),
	DefaultUserPasswordPolicy: pulumi.String("string"),
	DynamicSortSubtable:       pulumi.String("string"),
	GetAllTables:              pulumi.String("string"),
	PerPolicyDisclaimer:       pulumi.String("string"),
	RadiusSesTimeoutAct:       pulumi.String("string"),
	Vdomparam:                 pulumi.String("string"),
})

var examplesettingResourceResourceFromUsersetting = new Setting("examplesettingResourceResourceFromUsersetting", SettingArgs.builder()
    .authBlackoutTime(0)
    .authCaCert("string")
    .authCert("string")
    .authHttpBasic("string")
    .authInvalidMax(0)
    .authLockoutDuration(0)
    .authLockoutThreshold(0)
    .authOnDemand("string")
    .authPortalTimeout(0)
    .authPorts(SettingAuthPortArgs.builder()
        .id(0)
        .port(0)
        .type("string")
        .build())
    .authSecureHttp("string")
    .authSrcMac("string")
    .authSslAllowRenegotiation("string")
    .authSslMaxProtoVersion("string")
    .authSslMinProtoVersion("string")
    .authSslSigalgs("string")
    .authTimeout(0)
    .authTimeoutType("string")
    .authType("string")
    .defaultUserPasswordPolicy("string")
    .dynamicSortSubtable("string")
    .getAllTables("string")
    .perPolicyDisclaimer("string")
    .radiusSesTimeoutAct("string")
    .vdomparam("string")
    .build());

examplesetting_resource_resource_from_usersetting = fortios.user.Setting("examplesettingResourceResourceFromUsersetting",
    auth_blackout_time=0,
    auth_ca_cert="string",
    auth_cert="string",
    auth_http_basic="string",
    auth_invalid_max=0,
    auth_lockout_duration=0,
    auth_lockout_threshold=0,
    auth_on_demand="string",
    auth_portal_timeout=0,
    auth_ports=[fortios.user.SettingAuthPortArgs(
        id=0,
        port=0,
        type="string",
    )],
    auth_secure_http="string",
    auth_src_mac="string",
    auth_ssl_allow_renegotiation="string",
    auth_ssl_max_proto_version="string",
    auth_ssl_min_proto_version="string",
    auth_ssl_sigalgs="string",
    auth_timeout=0,
    auth_timeout_type="string",
    auth_type="string",
    default_user_password_policy="string",
    dynamic_sort_subtable="string",
    get_all_tables="string",
    per_policy_disclaimer="string",
    radius_ses_timeout_act="string",
    vdomparam="string")

const examplesettingResourceResourceFromUsersetting = new fortios.user.Setting("examplesettingResourceResourceFromUsersetting", {
    authBlackoutTime: 0,
    authCaCert: "string",
    authCert: "string",
    authHttpBasic: "string",
    authInvalidMax: 0,
    authLockoutDuration: 0,
    authLockoutThreshold: 0,
    authOnDemand: "string",
    authPortalTimeout: 0,
    authPorts: [{
        id: 0,
        port: 0,
        type: "string",
    }],
    authSecureHttp: "string",
    authSrcMac: "string",
    authSslAllowRenegotiation: "string",
    authSslMaxProtoVersion: "string",
    authSslMinProtoVersion: "string",
    authSslSigalgs: "string",
    authTimeout: 0,
    authTimeoutType: "string",
    authType: "string",
    defaultUserPasswordPolicy: "string",
    dynamicSortSubtable: "string",
    getAllTables: "string",
    perPolicyDisclaimer: "string",
    radiusSesTimeoutAct: "string",
    vdomparam: "string",
});

type: fortios:user:Setting
properties:
    authBlackoutTime: 0
    authCaCert: string
    authCert: string
    authHttpBasic: string
    authInvalidMax: 0
    authLockoutDuration: 0
    authLockoutThreshold: 0
    authOnDemand: string
    authPortalTimeout: 0
    authPorts:
        - id: 0
          port: 0
          type: string
    authSecureHttp: string
    authSrcMac: string
    authSslAllowRenegotiation: string
    authSslMaxProtoVersion: string
    authSslMinProtoVersion: string
    authSslSigalgs: string
    authTimeout: 0
    authTimeoutType: string
    authType: string
    defaultUserPasswordPolicy: string
    dynamicSortSubtable: string
    getAllTables: string
    perPolicyDisclaimer: string
    radiusSesTimeoutAct: string
    vdomparam: string

Setting Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Setting resource accepts the following input properties:

AuthBlackoutTime int: Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
AuthCaCert string: HTTPS CA certificate for policy authentication.
AuthCert string: HTTPS server certificate for policy authentication.
AuthHttpBasic string: Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
AuthInvalidMax int: Maximum number of failed authentication attempts before the user is blocked.
AuthLockoutDuration int: Lockout period in seconds after too many login failures.
AuthLockoutThreshold int: Maximum number of failed login attempts before login lockout is triggered.
AuthOnDemand string: Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
AuthPortalTimeout int: Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
AuthPorts List<Pulumiverse.Fortios.User.Inputs.SettingAuthPort>: Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
AuthSecureHttp string: Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
AuthSrcMac string: Enable/disable source MAC for user identity. Valid values: enable, disable.
AuthSslAllowRenegotiation string: Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
AuthSslMaxProtoVersion string: Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
AuthSslMinProtoVersion string: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
AuthSslSigalgs string: Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
AuthTimeout int: Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
AuthTimeoutType string: Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
AuthType string: Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
DefaultUserPasswordPolicy string: Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
DynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
GetAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
PerPolicyDisclaimer string: Enable/disable per policy disclaimer. Valid values: enable, disable.
RadiusSesTimeoutAct string: Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

AuthBlackoutTime int: Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
AuthCaCert string: HTTPS CA certificate for policy authentication.
AuthCert string: HTTPS server certificate for policy authentication.
AuthHttpBasic string: Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
AuthInvalidMax int: Maximum number of failed authentication attempts before the user is blocked.
AuthLockoutDuration int: Lockout period in seconds after too many login failures.
AuthLockoutThreshold int: Maximum number of failed login attempts before login lockout is triggered.
AuthOnDemand string: Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
AuthPortalTimeout int: Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
AuthPorts []SettingAuthPortArgs: Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
AuthSecureHttp string: Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
AuthSrcMac string: Enable/disable source MAC for user identity. Valid values: enable, disable.
AuthSslAllowRenegotiation string: Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
AuthSslMaxProtoVersion string: Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
AuthSslMinProtoVersion string: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
AuthSslSigalgs string: Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
AuthTimeout int: Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
AuthTimeoutType string: Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
AuthType string: Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
DefaultUserPasswordPolicy string: Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
DynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
GetAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
PerPolicyDisclaimer string: Enable/disable per policy disclaimer. Valid values: enable, disable.
RadiusSesTimeoutAct string: Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

authBlackoutTime Integer: Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
authCaCert String: HTTPS CA certificate for policy authentication.
authCert String: HTTPS server certificate for policy authentication.
authHttpBasic String: Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
authInvalidMax Integer: Maximum number of failed authentication attempts before the user is blocked.
authLockoutDuration Integer: Lockout period in seconds after too many login failures.
authLockoutThreshold Integer: Maximum number of failed login attempts before login lockout is triggered.
authOnDemand String: Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
authPortalTimeout Integer: Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
authPorts List<SettingAuthPort>: Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
authSecureHttp String: Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
authSrcMac String: Enable/disable source MAC for user identity. Valid values: enable, disable.
authSslAllowRenegotiation String: Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
authSslMaxProtoVersion String: Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
authSslMinProtoVersion String: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
authSslSigalgs String: Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
authTimeout Integer: Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
authTimeoutType String: Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
authType String: Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
defaultUserPasswordPolicy String: Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
dynamicSortSubtable String: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
getAllTables String: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
perPolicyDisclaimer String: Enable/disable per policy disclaimer. Valid values: enable, disable.
radiusSesTimeoutAct String: Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

authBlackoutTime number: Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
authCaCert string: HTTPS CA certificate for policy authentication.
authCert string: HTTPS server certificate for policy authentication.
authHttpBasic string: Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
authInvalidMax number: Maximum number of failed authentication attempts before the user is blocked.
authLockoutDuration number: Lockout period in seconds after too many login failures.
authLockoutThreshold number: Maximum number of failed login attempts before login lockout is triggered.
authOnDemand string: Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
authPortalTimeout number: Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
authPorts SettingAuthPort[]: Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
authSecureHttp string: Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
authSrcMac string: Enable/disable source MAC for user identity. Valid values: enable, disable.
authSslAllowRenegotiation string: Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
authSslMaxProtoVersion string: Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
authSslMinProtoVersion string: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
authSslSigalgs string: Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
authTimeout number: Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
authTimeoutType string: Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
authType string: Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
defaultUserPasswordPolicy string: Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
dynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
getAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
perPolicyDisclaimer string: Enable/disable per policy disclaimer. Valid values: enable, disable.
radiusSesTimeoutAct string: Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

auth_blackout_time int: Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
auth_ca_cert str: HTTPS CA certificate for policy authentication.
auth_cert str: HTTPS server certificate for policy authentication.
auth_http_basic str: Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
auth_invalid_max int: Maximum number of failed authentication attempts before the user is blocked.
auth_lockout_duration int: Lockout period in seconds after too many login failures.
auth_lockout_threshold int: Maximum number of failed login attempts before login lockout is triggered.
auth_on_demand str: Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
auth_portal_timeout int: Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
auth_ports Sequence[SettingAuthPortArgs]: Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
auth_secure_http str: Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
auth_src_mac str: Enable/disable source MAC for user identity. Valid values: enable, disable.
auth_ssl_allow_renegotiation str: Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
auth_ssl_max_proto_version str: Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
auth_ssl_min_proto_version str: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
auth_ssl_sigalgs str: Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
auth_timeout int: Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
auth_timeout_type str: Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
auth_type str: Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
default_user_password_policy str: Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
dynamic_sort_subtable str: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
get_all_tables str: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
per_policy_disclaimer str: Enable/disable per policy disclaimer. Valid values: enable, disable.
radius_ses_timeout_act str: Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
vdomparam str: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

authBlackoutTime Number: Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
authCaCert String: HTTPS CA certificate for policy authentication.
authCert String: HTTPS server certificate for policy authentication.
authHttpBasic String: Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
authInvalidMax Number: Maximum number of failed authentication attempts before the user is blocked.
authLockoutDuration Number: Lockout period in seconds after too many login failures.
authLockoutThreshold Number: Maximum number of failed login attempts before login lockout is triggered.
authOnDemand String: Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
authPortalTimeout Number: Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
authPorts List<Property Map>: Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
authSecureHttp String: Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
authSrcMac String: Enable/disable source MAC for user identity. Valid values: enable, disable.
authSslAllowRenegotiation String: Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
authSslMaxProtoVersion String: Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
authSslMinProtoVersion String: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
authSslSigalgs String: Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
authTimeout Number: Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
authTimeoutType String: Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
authType String: Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
defaultUserPasswordPolicy String: Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
dynamicSortSubtable String: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
getAllTables String: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
perPolicyDisclaimer String: Enable/disable per policy disclaimer. Valid values: enable, disable.
radiusSesTimeoutAct String: Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

Outputs

All input properties are implicitly available as output properties. Additionally, the Setting resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing Setting Resource

Get an existing Setting resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: SettingState, opts?: CustomResourceOptions): Setting

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        auth_blackout_time: Optional[int] = None,
        auth_ca_cert: Optional[str] = None,
        auth_cert: Optional[str] = None,
        auth_http_basic: Optional[str] = None,
        auth_invalid_max: Optional[int] = None,
        auth_lockout_duration: Optional[int] = None,
        auth_lockout_threshold: Optional[int] = None,
        auth_on_demand: Optional[str] = None,
        auth_portal_timeout: Optional[int] = None,
        auth_ports: Optional[Sequence[SettingAuthPortArgs]] = None,
        auth_secure_http: Optional[str] = None,
        auth_src_mac: Optional[str] = None,
        auth_ssl_allow_renegotiation: Optional[str] = None,
        auth_ssl_max_proto_version: Optional[str] = None,
        auth_ssl_min_proto_version: Optional[str] = None,
        auth_ssl_sigalgs: Optional[str] = None,
        auth_timeout: Optional[int] = None,
        auth_timeout_type: Optional[str] = None,
        auth_type: Optional[str] = None,
        default_user_password_policy: Optional[str] = None,
        dynamic_sort_subtable: Optional[str] = None,
        get_all_tables: Optional[str] = None,
        per_policy_disclaimer: Optional[str] = None,
        radius_ses_timeout_act: Optional[str] = None,
        vdomparam: Optional[str] = None) -> Setting

func GetSetting(ctx *Context, name string, id IDInput, state *SettingState, opts ...ResourceOption) (*Setting, error)

public static Setting Get(string name, Input<string> id, SettingState? state, CustomResourceOptions? opts = null)

public static Setting get(String name, Output<String> id, SettingState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AuthBlackoutTime int: Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
AuthCaCert string: HTTPS CA certificate for policy authentication.
AuthCert string: HTTPS server certificate for policy authentication.
AuthHttpBasic string: Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
AuthInvalidMax int: Maximum number of failed authentication attempts before the user is blocked.
AuthLockoutDuration int: Lockout period in seconds after too many login failures.
AuthLockoutThreshold int: Maximum number of failed login attempts before login lockout is triggered.
AuthOnDemand string: Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
AuthPortalTimeout int: Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
AuthPorts List<Pulumiverse.Fortios.User.Inputs.SettingAuthPort>: Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
AuthSecureHttp string: Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
AuthSrcMac string: Enable/disable source MAC for user identity. Valid values: enable, disable.
AuthSslAllowRenegotiation string: Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
AuthSslMaxProtoVersion string: Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
AuthSslMinProtoVersion string: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
AuthSslSigalgs string: Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
AuthTimeout int: Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
AuthTimeoutType string: Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
AuthType string: Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
DefaultUserPasswordPolicy string: Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
DynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
GetAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
PerPolicyDisclaimer string: Enable/disable per policy disclaimer. Valid values: enable, disable.
RadiusSesTimeoutAct string: Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

AuthBlackoutTime int: Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
AuthCaCert string: HTTPS CA certificate for policy authentication.
AuthCert string: HTTPS server certificate for policy authentication.
AuthHttpBasic string: Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
AuthInvalidMax int: Maximum number of failed authentication attempts before the user is blocked.
AuthLockoutDuration int: Lockout period in seconds after too many login failures.
AuthLockoutThreshold int: Maximum number of failed login attempts before login lockout is triggered.
AuthOnDemand string: Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
AuthPortalTimeout int: Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
AuthPorts []SettingAuthPortArgs: Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
AuthSecureHttp string: Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
AuthSrcMac string: Enable/disable source MAC for user identity. Valid values: enable, disable.
AuthSslAllowRenegotiation string: Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
AuthSslMaxProtoVersion string: Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
AuthSslMinProtoVersion string: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
AuthSslSigalgs string: Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
AuthTimeout int: Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
AuthTimeoutType string: Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
AuthType string: Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
DefaultUserPasswordPolicy string: Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
DynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
GetAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
PerPolicyDisclaimer string: Enable/disable per policy disclaimer. Valid values: enable, disable.
RadiusSesTimeoutAct string: Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

authBlackoutTime Integer: Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
authCaCert String: HTTPS CA certificate for policy authentication.
authCert String: HTTPS server certificate for policy authentication.
authHttpBasic String: Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
authInvalidMax Integer: Maximum number of failed authentication attempts before the user is blocked.
authLockoutDuration Integer: Lockout period in seconds after too many login failures.
authLockoutThreshold Integer: Maximum number of failed login attempts before login lockout is triggered.
authOnDemand String: Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
authPortalTimeout Integer: Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
authPorts List<SettingAuthPort>: Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
authSecureHttp String: Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
authSrcMac String: Enable/disable source MAC for user identity. Valid values: enable, disable.
authSslAllowRenegotiation String: Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
authSslMaxProtoVersion String: Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
authSslMinProtoVersion String: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
authSslSigalgs String: Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
authTimeout Integer: Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
authTimeoutType String: Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
authType String: Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
defaultUserPasswordPolicy String: Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
dynamicSortSubtable String: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
getAllTables String: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
perPolicyDisclaimer String: Enable/disable per policy disclaimer. Valid values: enable, disable.
radiusSesTimeoutAct String: Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

authBlackoutTime number: Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
authCaCert string: HTTPS CA certificate for policy authentication.
authCert string: HTTPS server certificate for policy authentication.
authHttpBasic string: Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
authInvalidMax number: Maximum number of failed authentication attempts before the user is blocked.
authLockoutDuration number: Lockout period in seconds after too many login failures.
authLockoutThreshold number: Maximum number of failed login attempts before login lockout is triggered.
authOnDemand string: Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
authPortalTimeout number: Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
authPorts SettingAuthPort[]: Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
authSecureHttp string: Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
authSrcMac string: Enable/disable source MAC for user identity. Valid values: enable, disable.
authSslAllowRenegotiation string: Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
authSslMaxProtoVersion string: Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
authSslMinProtoVersion string: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
authSslSigalgs string: Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
authTimeout number: Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
authTimeoutType string: Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
authType string: Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
defaultUserPasswordPolicy string: Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
dynamicSortSubtable string: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
getAllTables string: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
perPolicyDisclaimer string: Enable/disable per policy disclaimer. Valid values: enable, disable.
radiusSesTimeoutAct string: Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

auth_blackout_time int: Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
auth_ca_cert str: HTTPS CA certificate for policy authentication.
auth_cert str: HTTPS server certificate for policy authentication.
auth_http_basic str: Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
auth_invalid_max int: Maximum number of failed authentication attempts before the user is blocked.
auth_lockout_duration int: Lockout period in seconds after too many login failures.
auth_lockout_threshold int: Maximum number of failed login attempts before login lockout is triggered.
auth_on_demand str: Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
auth_portal_timeout int: Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
auth_ports Sequence[SettingAuthPortArgs]: Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
auth_secure_http str: Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
auth_src_mac str: Enable/disable source MAC for user identity. Valid values: enable, disable.
auth_ssl_allow_renegotiation str: Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
auth_ssl_max_proto_version str: Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
auth_ssl_min_proto_version str: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
auth_ssl_sigalgs str: Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
auth_timeout int: Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
auth_timeout_type str: Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
auth_type str: Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
default_user_password_policy str: Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
dynamic_sort_subtable str: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
get_all_tables str: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
per_policy_disclaimer str: Enable/disable per policy disclaimer. Valid values: enable, disable.
radius_ses_timeout_act str: Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
vdomparam str: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

authBlackoutTime Number: Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
authCaCert String: HTTPS CA certificate for policy authentication.
authCert String: HTTPS server certificate for policy authentication.
authHttpBasic String: Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
authInvalidMax Number: Maximum number of failed authentication attempts before the user is blocked.
authLockoutDuration Number: Lockout period in seconds after too many login failures.
authLockoutThreshold Number: Maximum number of failed login attempts before login lockout is triggered.
authOnDemand String: Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
authPortalTimeout Number: Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
authPorts List<Property Map>: Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
authSecureHttp String: Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
authSrcMac String: Enable/disable source MAC for user identity. Valid values: enable, disable.
authSslAllowRenegotiation String: Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
authSslMaxProtoVersion String: Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
authSslMinProtoVersion String: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
authSslSigalgs String: Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
authTimeout Number: Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
authTimeoutType String: Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
authType String: Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
defaultUserPasswordPolicy String: Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
dynamicSortSubtable String: Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
getAllTables String: Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
perPolicyDisclaimer String: Enable/disable per policy disclaimer. Valid values: enable, disable.
radiusSesTimeoutAct String: Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

Supporting Types

SettingAuthPort, SettingAuthPortArgs

Id int: ID.
Port int: Non-standard port for firewall user authentication.
Type string: Service type. Valid values: http, https, ftp, telnet.

Id int: ID.
Port int: Non-standard port for firewall user authentication.
Type string: Service type. Valid values: http, https, ftp, telnet.

id Integer: ID.
port Integer: Non-standard port for firewall user authentication.
type String: Service type. Valid values: http, https, ftp, telnet.

id number: ID.
port number: Non-standard port for firewall user authentication.
type string: Service type. Valid values: http, https, ftp, telnet.

id int: ID.
port int: Non-standard port for firewall user authentication.
type str: Service type. Valid values: http, https, ftp, telnet.

id Number: ID.
port Number: Non-standard port for firewall user authentication.
type String: Service type. Valid values: http, https, ftp, telnet.

Import

User Setting can be imported using any of these accepted formats:

$ pulumi import fortios:user/setting:Setting labelname UserSetting

If you do not want to import arguments of block:

$ export “FORTIOS_IMPORT_TABLE”=“false”

$ pulumi import fortios:user/setting:Setting labelname UserSetting

$ unset “FORTIOS_IMPORT_TABLE”

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: fortios pulumiverse/pulumi-fortios
License: Apache-2.0
Notes: This Pulumi package is based on the fortios Terraform Provider.

Fortios v0.0.5 published on Tuesday, Apr 9, 2024 by pulumiverse

pulumiverse/pulumi-fortios

fortios.user.Setting

On this page

On this page

Example Usage

Create Setting Resource

Constructor syntax

Parameters

Constructor example

Setting Resource Properties

Inputs

Outputs

Look up Existing Setting Resource

Supporting Types

SettingAuthPort, SettingAuthPortArgs

Import

Package Details

On this page

On this page