Docs Home
fortimanager 1.14.0 published on Tuesday, Apr 15, 2025 by fortinetdev
fortimanager.ObjectFirewallProfileprotocoloptionsHttp
Explore with Pulumi AI
fortimanager 1.14.0 published on Tuesday, Apr 15, 2025 by fortinetdev
Configure HTTP protocol options.
This resource is a sub resource for variable
httpof resourcefortimanager.ObjectFirewallProfileprotocoloptions. Conflict and overwrite may occur if use both of them.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as fortimanager from "@pulumi/fortimanager";
const trnameObjectFirewallProfileprotocoloptions = new fortimanager.ObjectFirewallProfileprotocoloptions("trnameObjectFirewallProfileprotocoloptions", {});
const trnameObjectFirewallProfileprotocoloptionsHttp = new fortimanager.ObjectFirewallProfileprotocoloptionsHttp("trnameObjectFirewallProfileprotocoloptionsHttp", {
profileProtocolOptions: trnameObjectFirewallProfileprotocoloptions.name,
addressIpRating: "enable",
blockPageStatusCode: 499,
comfortAmount: 200,
}, {
dependsOn: [trnameObjectFirewallProfileprotocoloptions],
});
import pulumi
import pulumi_fortimanager as fortimanager
trname_object_firewall_profileprotocoloptions = fortimanager.ObjectFirewallProfileprotocoloptions("trnameObjectFirewallProfileprotocoloptions")
trname_object_firewall_profileprotocoloptions_http = fortimanager.ObjectFirewallProfileprotocoloptionsHttp("trnameObjectFirewallProfileprotocoloptionsHttp",
profile_protocol_options=trname_object_firewall_profileprotocoloptions.name,
address_ip_rating="enable",
block_page_status_code=499,
comfort_amount=200,
opts = pulumi.ResourceOptions(depends_on=[trname_object_firewall_profileprotocoloptions]))
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/fortimanager/fortimanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
trnameObjectFirewallProfileprotocoloptions, err := fortimanager.NewObjectFirewallProfileprotocoloptions(ctx, "trnameObjectFirewallProfileprotocoloptions", nil)
if err != nil {
return err
}
_, err = fortimanager.NewObjectFirewallProfileprotocoloptionsHttp(ctx, "trnameObjectFirewallProfileprotocoloptionsHttp", &fortimanager.ObjectFirewallProfileprotocoloptionsHttpArgs{
ProfileProtocolOptions: trnameObjectFirewallProfileprotocoloptions.Name,
AddressIpRating: pulumi.String("enable"),
BlockPageStatusCode: pulumi.Float64(499),
ComfortAmount: pulumi.Float64(200),
}, pulumi.DependsOn([]pulumi.Resource{
trnameObjectFirewallProfileprotocoloptions,
}))
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortimanager = Pulumi.Fortimanager;
return await Deployment.RunAsync(() =>
{
var trnameObjectFirewallProfileprotocoloptions = new Fortimanager.ObjectFirewallProfileprotocoloptions("trnameObjectFirewallProfileprotocoloptions");
var trnameObjectFirewallProfileprotocoloptionsHttp = new Fortimanager.ObjectFirewallProfileprotocoloptionsHttp("trnameObjectFirewallProfileprotocoloptionsHttp", new()
{
ProfileProtocolOptions = trnameObjectFirewallProfileprotocoloptions.Name,
AddressIpRating = "enable",
BlockPageStatusCode = 499,
ComfortAmount = 200,
}, new CustomResourceOptions
{
DependsOn =
{
trnameObjectFirewallProfileprotocoloptions,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortimanager.ObjectFirewallProfileprotocoloptions;
import com.pulumi.fortimanager.ObjectFirewallProfileprotocoloptionsHttp;
import com.pulumi.fortimanager.ObjectFirewallProfileprotocoloptionsHttpArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var trnameObjectFirewallProfileprotocoloptions = new ObjectFirewallProfileprotocoloptions("trnameObjectFirewallProfileprotocoloptions");
var trnameObjectFirewallProfileprotocoloptionsHttp = new ObjectFirewallProfileprotocoloptionsHttp("trnameObjectFirewallProfileprotocoloptionsHttp", ObjectFirewallProfileprotocoloptionsHttpArgs.builder()
.profileProtocolOptions(trnameObjectFirewallProfileprotocoloptions.name())
.addressIpRating("enable")
.blockPageStatusCode(499)
.comfortAmount(200)
.build(), CustomResourceOptions.builder()
.dependsOn(trnameObjectFirewallProfileprotocoloptions)
.build());
}
}
resources:
trnameObjectFirewallProfileprotocoloptionsHttp:
type: fortimanager:ObjectFirewallProfileprotocoloptionsHttp
properties:
profileProtocolOptions: ${trnameObjectFirewallProfileprotocoloptions.name}
addressIpRating: enable
blockPageStatusCode: 499
comfortAmount: 200
options:
dependsOn:
- ${trnameObjectFirewallProfileprotocoloptions}
trnameObjectFirewallProfileprotocoloptions:
type: fortimanager:ObjectFirewallProfileprotocoloptions
Create ObjectFirewallProfileprotocoloptionsHttp Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ObjectFirewallProfileprotocoloptionsHttp(name: string, args: ObjectFirewallProfileprotocoloptionsHttpArgs, opts?: CustomResourceOptions);@overload
def ObjectFirewallProfileprotocoloptionsHttp(resource_name: str,
args: ObjectFirewallProfileprotocoloptionsHttpInitArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ObjectFirewallProfileprotocoloptionsHttp(resource_name: str,
opts: Optional[ResourceOptions] = None,
profile_protocol_options: Optional[str] = None,
proxy_after_tcp_handshake: Optional[str] = None,
retry_count: Optional[float] = None,
comfort_amount: Optional[float] = None,
comfort_interval: Optional[float] = None,
domain_fronting: Optional[str] = None,
fortinet_bar: Optional[str] = None,
fortinet_bar_port: Optional[float] = None,
h2c: Optional[str] = None,
http09: Optional[str] = None,
scan_bzip2: Optional[str] = None,
inspect_all: Optional[str] = None,
object_firewall_profileprotocoloptions_http_id: Optional[str] = None,
options: Optional[Sequence[str]] = None,
oversize_limit: Optional[float] = None,
ports: Optional[Sequence[float]] = None,
post_langs: Optional[Sequence[str]] = None,
adom: Optional[str] = None,
address_ip_rating: Optional[str] = None,
block_page_status_code: Optional[float] = None,
range_block: Optional[str] = None,
http_policy: Optional[str] = None,
scopetype: Optional[str] = None,
ssl_offloaded: Optional[str] = None,
status: Optional[str] = None,
stream_based_uncompressed_limit: Optional[float] = None,
streaming_content_bypass: Optional[str] = None,
strip_x_forwarded_for: Optional[str] = None,
switching_protocols: Optional[str] = None,
tcp_window_maximum: Optional[float] = None,
tcp_window_minimum: Optional[float] = None,
tcp_window_size: Optional[float] = None,
tcp_window_type: Optional[str] = None,
tunnel_non_http: Optional[str] = None,
uncompressed_nest_limit: Optional[float] = None,
uncompressed_oversize_limit: Optional[float] = None,
unknown_content_encoding: Optional[str] = None,
unknown_http_version: Optional[str] = None,
verify_dns_for_policy_matching: Optional[str] = None)func NewObjectFirewallProfileprotocoloptionsHttp(ctx *Context, name string, args ObjectFirewallProfileprotocoloptionsHttpArgs, opts ...ResourceOption) (*ObjectFirewallProfileprotocoloptionsHttp, error)public ObjectFirewallProfileprotocoloptionsHttp(string name, ObjectFirewallProfileprotocoloptionsHttpArgs args, CustomResourceOptions? opts = null)public ObjectFirewallProfileprotocoloptionsHttp(String name, ObjectFirewallProfileprotocoloptionsHttpArgs args)
public ObjectFirewallProfileprotocoloptionsHttp(String name, ObjectFirewallProfileprotocoloptionsHttpArgs args, CustomResourceOptions options)
type: fortimanager:ObjectFirewallProfileprotocoloptionsHttp
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. ObjectFirewallProfileprotocoloptionsHttpArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. ObjectFirewallProfileprotocoloptionsHttpInitArgs - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. ObjectFirewallProfileprotocoloptionsHttpArgs - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. ObjectFirewallProfileprotocoloptionsHttpArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. ObjectFirewallProfileprotocoloptionsHttpArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var objectFirewallProfileprotocoloptionsHttpResource = new Fortimanager.ObjectFirewallProfileprotocoloptionsHttp("objectFirewallProfileprotocoloptionsHttpResource", new()
{
ProfileProtocolOptions = "string",
ProxyAfterTcpHandshake = "string",
RetryCount = 0,
ComfortAmount = 0,
ComfortInterval = 0,
DomainFronting = "string",
FortinetBar = "string",
FortinetBarPort = 0,
H2c = "string",
Http09 = "string",
ScanBzip2 = "string",
InspectAll = "string",
ObjectFirewallProfileprotocoloptionsHttpId = "string",
Options = new[]
{
"string",
},
OversizeLimit = 0,
Ports = new[]
{
0,
},
PostLangs = new[]
{
"string",
},
Adom = "string",
AddressIpRating = "string",
BlockPageStatusCode = 0,
RangeBlock = "string",
HttpPolicy = "string",
Scopetype = "string",
SslOffloaded = "string",
Status = "string",
StreamBasedUncompressedLimit = 0,
StreamingContentBypass = "string",
StripXForwardedFor = "string",
SwitchingProtocols = "string",
TcpWindowMaximum = 0,
TcpWindowMinimum = 0,
TcpWindowSize = 0,
TcpWindowType = "string",
TunnelNonHttp = "string",
UncompressedNestLimit = 0,
UncompressedOversizeLimit = 0,
UnknownContentEncoding = "string",
UnknownHttpVersion = "string",
VerifyDnsForPolicyMatching = "string",
});
example, err := fortimanager.NewObjectFirewallProfileprotocoloptionsHttp(ctx, "objectFirewallProfileprotocoloptionsHttpResource", &fortimanager.ObjectFirewallProfileprotocoloptionsHttpArgs{
ProfileProtocolOptions: pulumi.String("string"),
ProxyAfterTcpHandshake: pulumi.String("string"),
RetryCount: pulumi.Float64(0),
ComfortAmount: pulumi.Float64(0),
ComfortInterval: pulumi.Float64(0),
DomainFronting: pulumi.String("string"),
FortinetBar: pulumi.String("string"),
FortinetBarPort: pulumi.Float64(0),
H2c: pulumi.String("string"),
Http09: pulumi.String("string"),
ScanBzip2: pulumi.String("string"),
InspectAll: pulumi.String("string"),
ObjectFirewallProfileprotocoloptionsHttpId: pulumi.String("string"),
Options: pulumi.StringArray{
pulumi.String("string"),
},
OversizeLimit: pulumi.Float64(0),
Ports: pulumi.Float64Array{
pulumi.Float64(0),
},
PostLangs: pulumi.StringArray{
pulumi.String("string"),
},
Adom: pulumi.String("string"),
AddressIpRating: pulumi.String("string"),
BlockPageStatusCode: pulumi.Float64(0),
RangeBlock: pulumi.String("string"),
HttpPolicy: pulumi.String("string"),
Scopetype: pulumi.String("string"),
SslOffloaded: pulumi.String("string"),
Status: pulumi.String("string"),
StreamBasedUncompressedLimit: pulumi.Float64(0),
StreamingContentBypass: pulumi.String("string"),
StripXForwardedFor: pulumi.String("string"),
SwitchingProtocols: pulumi.String("string"),
TcpWindowMaximum: pulumi.Float64(0),
TcpWindowMinimum: pulumi.Float64(0),
TcpWindowSize: pulumi.Float64(0),
TcpWindowType: pulumi.String("string"),
TunnelNonHttp: pulumi.String("string"),
UncompressedNestLimit: pulumi.Float64(0),
UncompressedOversizeLimit: pulumi.Float64(0),
UnknownContentEncoding: pulumi.String("string"),
UnknownHttpVersion: pulumi.String("string"),
VerifyDnsForPolicyMatching: pulumi.String("string"),
})
var objectFirewallProfileprotocoloptionsHttpResource = new ObjectFirewallProfileprotocoloptionsHttp("objectFirewallProfileprotocoloptionsHttpResource", ObjectFirewallProfileprotocoloptionsHttpArgs.builder()
.profileProtocolOptions("string")
.proxyAfterTcpHandshake("string")
.retryCount(0)
.comfortAmount(0)
.comfortInterval(0)
.domainFronting("string")
.fortinetBar("string")
.fortinetBarPort(0)
.h2c("string")
.http09("string")
.scanBzip2("string")
.inspectAll("string")
.objectFirewallProfileprotocoloptionsHttpId("string")
.options("string")
.oversizeLimit(0)
.ports(0)
.postLangs("string")
.adom("string")
.addressIpRating("string")
.blockPageStatusCode(0)
.rangeBlock("string")
.httpPolicy("string")
.scopetype("string")
.sslOffloaded("string")
.status("string")
.streamBasedUncompressedLimit(0)
.streamingContentBypass("string")
.stripXForwardedFor("string")
.switchingProtocols("string")
.tcpWindowMaximum(0)
.tcpWindowMinimum(0)
.tcpWindowSize(0)
.tcpWindowType("string")
.tunnelNonHttp("string")
.uncompressedNestLimit(0)
.uncompressedOversizeLimit(0)
.unknownContentEncoding("string")
.unknownHttpVersion("string")
.verifyDnsForPolicyMatching("string")
.build());
object_firewall_profileprotocoloptions_http_resource = fortimanager.ObjectFirewallProfileprotocoloptionsHttp("objectFirewallProfileprotocoloptionsHttpResource",
profile_protocol_options="string",
proxy_after_tcp_handshake="string",
retry_count=0,
comfort_amount=0,
comfort_interval=0,
domain_fronting="string",
fortinet_bar="string",
fortinet_bar_port=0,
h2c="string",
http09="string",
scan_bzip2="string",
inspect_all="string",
object_firewall_profileprotocoloptions_http_id="string",
options=["string"],
oversize_limit=0,
ports=[0],
post_langs=["string"],
adom="string",
address_ip_rating="string",
block_page_status_code=0,
range_block="string",
http_policy="string",
scopetype="string",
ssl_offloaded="string",
status="string",
stream_based_uncompressed_limit=0,
streaming_content_bypass="string",
strip_x_forwarded_for="string",
switching_protocols="string",
tcp_window_maximum=0,
tcp_window_minimum=0,
tcp_window_size=0,
tcp_window_type="string",
tunnel_non_http="string",
uncompressed_nest_limit=0,
uncompressed_oversize_limit=0,
unknown_content_encoding="string",
unknown_http_version="string",
verify_dns_for_policy_matching="string")
const objectFirewallProfileprotocoloptionsHttpResource = new fortimanager.ObjectFirewallProfileprotocoloptionsHttp("objectFirewallProfileprotocoloptionsHttpResource", {
profileProtocolOptions: "string",
proxyAfterTcpHandshake: "string",
retryCount: 0,
comfortAmount: 0,
comfortInterval: 0,
domainFronting: "string",
fortinetBar: "string",
fortinetBarPort: 0,
h2c: "string",
http09: "string",
scanBzip2: "string",
inspectAll: "string",
objectFirewallProfileprotocoloptionsHttpId: "string",
options: ["string"],
oversizeLimit: 0,
ports: [0],
postLangs: ["string"],
adom: "string",
addressIpRating: "string",
blockPageStatusCode: 0,
rangeBlock: "string",
httpPolicy: "string",
scopetype: "string",
sslOffloaded: "string",
status: "string",
streamBasedUncompressedLimit: 0,
streamingContentBypass: "string",
stripXForwardedFor: "string",
switchingProtocols: "string",
tcpWindowMaximum: 0,
tcpWindowMinimum: 0,
tcpWindowSize: 0,
tcpWindowType: "string",
tunnelNonHttp: "string",
uncompressedNestLimit: 0,
uncompressedOversizeLimit: 0,
unknownContentEncoding: "string",
unknownHttpVersion: "string",
verifyDnsForPolicyMatching: "string",
});
type: fortimanager:ObjectFirewallProfileprotocoloptionsHttp
properties:
addressIpRating: string
adom: string
blockPageStatusCode: 0
comfortAmount: 0
comfortInterval: 0
domainFronting: string
fortinetBar: string
fortinetBarPort: 0
h2c: string
http09: string
httpPolicy: string
inspectAll: string
objectFirewallProfileprotocoloptionsHttpId: string
options:
- string
oversizeLimit: 0
ports:
- 0
postLangs:
- string
profileProtocolOptions: string
proxyAfterTcpHandshake: string
rangeBlock: string
retryCount: 0
scanBzip2: string
scopetype: string
sslOffloaded: string
status: string
streamBasedUncompressedLimit: 0
streamingContentBypass: string
stripXForwardedFor: string
switchingProtocols: string
tcpWindowMaximum: 0
tcpWindowMinimum: 0
tcpWindowSize: 0
tcpWindowType: string
tunnelNonHttp: string
uncompressedNestLimit: 0
uncompressedOversizeLimit: 0
unknownContentEncoding: string
unknownHttpVersion: string
verifyDnsForPolicyMatching: string
ObjectFirewallProfileprotocoloptionsHttp Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ObjectFirewallProfileprotocoloptionsHttp resource accepts the following input properties:
- Profile
Protocol Options This property is required. string - Profile Protocol Options.
- Address
Ip stringRating - Enable/disable IP based URL rating. Valid values:
disable,enable. - Adom string
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - Block
Page doubleStatus Code - Code number returned for blocked HTTP pages (non-FortiGuard only) (100 - 599, default = 403).
- Comfort
Amount double - Amount of data to send in a transmission for client comforting (1 - 65535 bytes, default = 1).
- Comfort
Interval double - Period of time between start, or last transmission, and the next client comfort transmission of data (1 - 900 sec, default = 10).
- Domain
Fronting string - Configure HTTP domain fronting (default = block). Valid values:
block,monitor,allow. - Fortinet
Bar string - Enable/disable Fortinet bar on HTML content. Valid values:
disable,enable. - Fortinet
Bar doublePort - Port for use by Fortinet Bar (1 - 65535, default = 8011).
- H2c string
- Enable/disable h2c HTTP connection upgrade. Valid values:
disable,enable. - Http09 string
- Configure action to take upon receipt of HTTP 0.9 request. Valid values:
block,allow. - Http
Policy string - Enable/disable HTTP policy check. Valid values:
disable,enable. - Inspect
All string - Enable/disable the inspection of all ports for the protocol. Valid values:
disable,enable. - Object
Firewall stringProfileprotocoloptions Http Id - an identifier for the resource.
- Options List<string>
- One or more options that can be applied to the session. Valid values:
oversize,chunkedbypass,clientcomfort,no-content-summary,servercomfort. - Oversize
Limit double - Maximum in-memory file size that can be scanned (1 - 383 MB, default = 10).
- Ports List<double>
- Ports to scan for content (1 - 65535, default = 80).
- Post
Langs List<string> - ID codes for character sets to be used to convert to UTF-8 for banned words and DLP on HTTP posts (maximum of 5 character sets). Valid values:
jisx0201,jisx0208,jisx0212,gb2312,ksc5601-ex,euc-jp,sjis,iso2022-jp,iso2022-jp-1,iso2022-jp-2,euc-cn,ces-gbk,hz,ces-big5,euc-kr,iso2022-jp-3,iso8859-1,tis620,cp874,cp1252,cp1251. - Proxy
After stringTcp Handshake - Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values:
disable,enable. - Range
Block string - Enable/disable blocking of partial downloads. Valid values:
disable,enable. - Retry
Count double - Number of attempts to retry HTTP connection (0 - 100, default = 0).
- Scan
Bzip2 string - Enable/disable scanning of BZip2 compressed files. Valid values:
disable,enable. - Scopetype string
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - Ssl
Offloaded string - SSL decryption and encryption performed by an external device. Valid values:
no,yes. - Status string
- Enable/disable the active status of scanning for this protocol. Valid values:
disable,enable. - Stream
Based doubleUncompressed Limit - Maximum stream-based uncompressed data size that will be scanned (MB, 0 = unlimited (default). Stream-based uncompression used only under certain conditions.).
- Streaming
Content stringBypass - Enable/disable bypassing of streaming content from buffering. Valid values:
disable,enable. - Strip
XForwarded stringFor - Enable/disable stripping of HTTP X-Forwarded-For header. Valid values:
disable,enable. - Switching
Protocols string - Bypass from scanning, or block a connection that attempts to switch protocol. Valid values:
bypass,block. - Tcp
Window doubleMaximum - Maximum dynamic TCP window size (default = 8MB).
- Tcp
Window doubleMinimum - Minimum dynamic TCP window size (default = 128KB).
- Tcp
Window doubleSize - Set TCP static window size (default = 256KB).
- Tcp
Window stringType - Specify type of TCP window to use for this protocol. Valid values:
system,static,dynamic. - Tunnel
Non stringHttp - Configure how to process non-HTTP traffic when a profile configured for HTTP traffic accepts a non-HTTP session. Can occur if an application sends non-HTTP traffic using an HTTP destination port. Valid values:
disable,enable. - Uncompressed
Nest doubleLimit - Maximum nested levels of compression that can be uncompressed and scanned (2 - 100, default = 12).
- Uncompressed
Oversize doubleLimit - Maximum in-memory uncompressed file size that can be scanned (0 - 383 MB, 0 = unlimited, default = 10).
- Unknown
Content stringEncoding - Configure the action the FortiGate unit will take on unknown content-encoding. Valid values:
block,inspect,bypass. - Unknown
Http stringVersion - How to handle HTTP sessions that do not comply with HTTP 0.9, 1.0, or 1.1. Valid values:
best-effort,reject,tunnel. - Verify
Dns stringFor Policy Matching - Enable/disable verification of DNS for policy matching. Valid values:
disable,enable.
- Profile
Protocol Options This property is required. string - Profile Protocol Options.
- Address
Ip stringRating - Enable/disable IP based URL rating. Valid values:
disable,enable. - Adom string
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - Block
Page float64Status Code - Code number returned for blocked HTTP pages (non-FortiGuard only) (100 - 599, default = 403).
- Comfort
Amount float64 - Amount of data to send in a transmission for client comforting (1 - 65535 bytes, default = 1).
- Comfort
Interval float64 - Period of time between start, or last transmission, and the next client comfort transmission of data (1 - 900 sec, default = 10).
- Domain
Fronting string - Configure HTTP domain fronting (default = block). Valid values:
block,monitor,allow. - Fortinet
Bar string - Enable/disable Fortinet bar on HTML content. Valid values:
disable,enable. - Fortinet
Bar float64Port - Port for use by Fortinet Bar (1 - 65535, default = 8011).
- H2c string
- Enable/disable h2c HTTP connection upgrade. Valid values:
disable,enable. - Http09 string
- Configure action to take upon receipt of HTTP 0.9 request. Valid values:
block,allow. - Http
Policy string - Enable/disable HTTP policy check. Valid values:
disable,enable. - Inspect
All string - Enable/disable the inspection of all ports for the protocol. Valid values:
disable,enable. - Object
Firewall stringProfileprotocoloptions Http Id - an identifier for the resource.
- Options []string
- One or more options that can be applied to the session. Valid values:
oversize,chunkedbypass,clientcomfort,no-content-summary,servercomfort. - Oversize
Limit float64 - Maximum in-memory file size that can be scanned (1 - 383 MB, default = 10).
- Ports []float64
- Ports to scan for content (1 - 65535, default = 80).
- Post
Langs []string - ID codes for character sets to be used to convert to UTF-8 for banned words and DLP on HTTP posts (maximum of 5 character sets). Valid values:
jisx0201,jisx0208,jisx0212,gb2312,ksc5601-ex,euc-jp,sjis,iso2022-jp,iso2022-jp-1,iso2022-jp-2,euc-cn,ces-gbk,hz,ces-big5,euc-kr,iso2022-jp-3,iso8859-1,tis620,cp874,cp1252,cp1251. - Proxy
After stringTcp Handshake - Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values:
disable,enable. - Range
Block string - Enable/disable blocking of partial downloads. Valid values:
disable,enable. - Retry
Count float64 - Number of attempts to retry HTTP connection (0 - 100, default = 0).
- Scan
Bzip2 string - Enable/disable scanning of BZip2 compressed files. Valid values:
disable,enable. - Scopetype string
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - Ssl
Offloaded string - SSL decryption and encryption performed by an external device. Valid values:
no,yes. - Status string
- Enable/disable the active status of scanning for this protocol. Valid values:
disable,enable. - Stream
Based float64Uncompressed Limit - Maximum stream-based uncompressed data size that will be scanned (MB, 0 = unlimited (default). Stream-based uncompression used only under certain conditions.).
- Streaming
Content stringBypass - Enable/disable bypassing of streaming content from buffering. Valid values:
disable,enable. - Strip
XForwarded stringFor - Enable/disable stripping of HTTP X-Forwarded-For header. Valid values:
disable,enable. - Switching
Protocols string - Bypass from scanning, or block a connection that attempts to switch protocol. Valid values:
bypass,block. - Tcp
Window float64Maximum - Maximum dynamic TCP window size (default = 8MB).
- Tcp
Window float64Minimum - Minimum dynamic TCP window size (default = 128KB).
- Tcp
Window float64Size - Set TCP static window size (default = 256KB).
- Tcp
Window stringType - Specify type of TCP window to use for this protocol. Valid values:
system,static,dynamic. - Tunnel
Non stringHttp - Configure how to process non-HTTP traffic when a profile configured for HTTP traffic accepts a non-HTTP session. Can occur if an application sends non-HTTP traffic using an HTTP destination port. Valid values:
disable,enable. - Uncompressed
Nest float64Limit - Maximum nested levels of compression that can be uncompressed and scanned (2 - 100, default = 12).
- Uncompressed
Oversize float64Limit - Maximum in-memory uncompressed file size that can be scanned (0 - 383 MB, 0 = unlimited, default = 10).
- Unknown
Content stringEncoding - Configure the action the FortiGate unit will take on unknown content-encoding. Valid values:
block,inspect,bypass. - Unknown
Http stringVersion - How to handle HTTP sessions that do not comply with HTTP 0.9, 1.0, or 1.1. Valid values:
best-effort,reject,tunnel. - Verify
Dns stringFor Policy Matching - Enable/disable verification of DNS for policy matching. Valid values:
disable,enable.
- profile
Protocol Options This property is required. String - Profile Protocol Options.
- address
Ip StringRating - Enable/disable IP based URL rating. Valid values:
disable,enable. - adom String
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - block
Page DoubleStatus Code - Code number returned for blocked HTTP pages (non-FortiGuard only) (100 - 599, default = 403).
- comfort
Amount Double - Amount of data to send in a transmission for client comforting (1 - 65535 bytes, default = 1).
- comfort
Interval Double - Period of time between start, or last transmission, and the next client comfort transmission of data (1 - 900 sec, default = 10).
- domain
Fronting String - Configure HTTP domain fronting (default = block). Valid values:
block,monitor,allow. - fortinet
Bar String - Enable/disable Fortinet bar on HTML content. Valid values:
disable,enable. - fortinet
Bar DoublePort - Port for use by Fortinet Bar (1 - 65535, default = 8011).
- h2c String
- Enable/disable h2c HTTP connection upgrade. Valid values:
disable,enable. - http09 String
- Configure action to take upon receipt of HTTP 0.9 request. Valid values:
block,allow. - http
Policy String - Enable/disable HTTP policy check. Valid values:
disable,enable. - inspect
All String - Enable/disable the inspection of all ports for the protocol. Valid values:
disable,enable. - object
Firewall StringProfileprotocoloptions Http Id - an identifier for the resource.
- options List<String>
- One or more options that can be applied to the session. Valid values:
oversize,chunkedbypass,clientcomfort,no-content-summary,servercomfort. - oversize
Limit Double - Maximum in-memory file size that can be scanned (1 - 383 MB, default = 10).
- ports List<Double>
- Ports to scan for content (1 - 65535, default = 80).
- post
Langs List<String> - ID codes for character sets to be used to convert to UTF-8 for banned words and DLP on HTTP posts (maximum of 5 character sets). Valid values:
jisx0201,jisx0208,jisx0212,gb2312,ksc5601-ex,euc-jp,sjis,iso2022-jp,iso2022-jp-1,iso2022-jp-2,euc-cn,ces-gbk,hz,ces-big5,euc-kr,iso2022-jp-3,iso8859-1,tis620,cp874,cp1252,cp1251. - proxy
After StringTcp Handshake - Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values:
disable,enable. - range
Block String - Enable/disable blocking of partial downloads. Valid values:
disable,enable. - retry
Count Double - Number of attempts to retry HTTP connection (0 - 100, default = 0).
- scan
Bzip2 String - Enable/disable scanning of BZip2 compressed files. Valid values:
disable,enable. - scopetype String
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - ssl
Offloaded String - SSL decryption and encryption performed by an external device. Valid values:
no,yes. - status String
- Enable/disable the active status of scanning for this protocol. Valid values:
disable,enable. - stream
Based DoubleUncompressed Limit - Maximum stream-based uncompressed data size that will be scanned (MB, 0 = unlimited (default). Stream-based uncompression used only under certain conditions.).
- streaming
Content StringBypass - Enable/disable bypassing of streaming content from buffering. Valid values:
disable,enable. - strip
XForwarded StringFor - Enable/disable stripping of HTTP X-Forwarded-For header. Valid values:
disable,enable. - switching
Protocols String - Bypass from scanning, or block a connection that attempts to switch protocol. Valid values:
bypass,block. - tcp
Window DoubleMaximum - Maximum dynamic TCP window size (default = 8MB).
- tcp
Window DoubleMinimum - Minimum dynamic TCP window size (default = 128KB).
- tcp
Window DoubleSize - Set TCP static window size (default = 256KB).
- tcp
Window StringType - Specify type of TCP window to use for this protocol. Valid values:
system,static,dynamic. - tunnel
Non StringHttp - Configure how to process non-HTTP traffic when a profile configured for HTTP traffic accepts a non-HTTP session. Can occur if an application sends non-HTTP traffic using an HTTP destination port. Valid values:
disable,enable. - uncompressed
Nest DoubleLimit - Maximum nested levels of compression that can be uncompressed and scanned (2 - 100, default = 12).
- uncompressed
Oversize DoubleLimit - Maximum in-memory uncompressed file size that can be scanned (0 - 383 MB, 0 = unlimited, default = 10).
- unknown
Content StringEncoding - Configure the action the FortiGate unit will take on unknown content-encoding. Valid values:
block,inspect,bypass. - unknown
Http StringVersion - How to handle HTTP sessions that do not comply with HTTP 0.9, 1.0, or 1.1. Valid values:
best-effort,reject,tunnel. - verify
Dns StringFor Policy Matching - Enable/disable verification of DNS for policy matching. Valid values:
disable,enable.
- profile
Protocol Options This property is required. string - Profile Protocol Options.
- address
Ip stringRating - Enable/disable IP based URL rating. Valid values:
disable,enable. - adom string
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - block
Page numberStatus Code - Code number returned for blocked HTTP pages (non-FortiGuard only) (100 - 599, default = 403).
- comfort
Amount number - Amount of data to send in a transmission for client comforting (1 - 65535 bytes, default = 1).
- comfort
Interval number - Period of time between start, or last transmission, and the next client comfort transmission of data (1 - 900 sec, default = 10).
- domain
Fronting string - Configure HTTP domain fronting (default = block). Valid values:
block,monitor,allow. - fortinet
Bar string - Enable/disable Fortinet bar on HTML content. Valid values:
disable,enable. - fortinet
Bar numberPort - Port for use by Fortinet Bar (1 - 65535, default = 8011).
- h2c string
- Enable/disable h2c HTTP connection upgrade. Valid values:
disable,enable. - http09 string
- Configure action to take upon receipt of HTTP 0.9 request. Valid values:
block,allow. - http
Policy string - Enable/disable HTTP policy check. Valid values:
disable,enable. - inspect
All string - Enable/disable the inspection of all ports for the protocol. Valid values:
disable,enable. - object
Firewall stringProfileprotocoloptions Http Id - an identifier for the resource.
- options string[]
- One or more options that can be applied to the session. Valid values:
oversize,chunkedbypass,clientcomfort,no-content-summary,servercomfort. - oversize
Limit number - Maximum in-memory file size that can be scanned (1 - 383 MB, default = 10).
- ports number[]
- Ports to scan for content (1 - 65535, default = 80).
- post
Langs string[] - ID codes for character sets to be used to convert to UTF-8 for banned words and DLP on HTTP posts (maximum of 5 character sets). Valid values:
jisx0201,jisx0208,jisx0212,gb2312,ksc5601-ex,euc-jp,sjis,iso2022-jp,iso2022-jp-1,iso2022-jp-2,euc-cn,ces-gbk,hz,ces-big5,euc-kr,iso2022-jp-3,iso8859-1,tis620,cp874,cp1252,cp1251. - proxy
After stringTcp Handshake - Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values:
disable,enable. - range
Block string - Enable/disable blocking of partial downloads. Valid values:
disable,enable. - retry
Count number - Number of attempts to retry HTTP connection (0 - 100, default = 0).
- scan
Bzip2 string - Enable/disable scanning of BZip2 compressed files. Valid values:
disable,enable. - scopetype string
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - ssl
Offloaded string - SSL decryption and encryption performed by an external device. Valid values:
no,yes. - status string
- Enable/disable the active status of scanning for this protocol. Valid values:
disable,enable. - stream
Based numberUncompressed Limit - Maximum stream-based uncompressed data size that will be scanned (MB, 0 = unlimited (default). Stream-based uncompression used only under certain conditions.).
- streaming
Content stringBypass - Enable/disable bypassing of streaming content from buffering. Valid values:
disable,enable. - strip
XForwarded stringFor - Enable/disable stripping of HTTP X-Forwarded-For header. Valid values:
disable,enable. - switching
Protocols string - Bypass from scanning, or block a connection that attempts to switch protocol. Valid values:
bypass,block. - tcp
Window numberMaximum - Maximum dynamic TCP window size (default = 8MB).
- tcp
Window numberMinimum - Minimum dynamic TCP window size (default = 128KB).
- tcp
Window numberSize - Set TCP static window size (default = 256KB).
- tcp
Window stringType - Specify type of TCP window to use for this protocol. Valid values:
system,static,dynamic. - tunnel
Non stringHttp - Configure how to process non-HTTP traffic when a profile configured for HTTP traffic accepts a non-HTTP session. Can occur if an application sends non-HTTP traffic using an HTTP destination port. Valid values:
disable,enable. - uncompressed
Nest numberLimit - Maximum nested levels of compression that can be uncompressed and scanned (2 - 100, default = 12).
- uncompressed
Oversize numberLimit - Maximum in-memory uncompressed file size that can be scanned (0 - 383 MB, 0 = unlimited, default = 10).
- unknown
Content stringEncoding - Configure the action the FortiGate unit will take on unknown content-encoding. Valid values:
block,inspect,bypass. - unknown
Http stringVersion - How to handle HTTP sessions that do not comply with HTTP 0.9, 1.0, or 1.1. Valid values:
best-effort,reject,tunnel. - verify
Dns stringFor Policy Matching - Enable/disable verification of DNS for policy matching. Valid values:
disable,enable.
- profile_
protocol_ options This property is required. str - Profile Protocol Options.
- address_
ip_ strrating - Enable/disable IP based URL rating. Valid values:
disable,enable. - adom str
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - block_
page_ floatstatus_ code - Code number returned for blocked HTTP pages (non-FortiGuard only) (100 - 599, default = 403).
- comfort_
amount float - Amount of data to send in a transmission for client comforting (1 - 65535 bytes, default = 1).
- comfort_
interval float - Period of time between start, or last transmission, and the next client comfort transmission of data (1 - 900 sec, default = 10).
- domain_
fronting str - Configure HTTP domain fronting (default = block). Valid values:
block,monitor,allow. - fortinet_
bar str - Enable/disable Fortinet bar on HTML content. Valid values:
disable,enable. - fortinet_
bar_ floatport - Port for use by Fortinet Bar (1 - 65535, default = 8011).
- h2c str
- Enable/disable h2c HTTP connection upgrade. Valid values:
disable,enable. - http09 str
- Configure action to take upon receipt of HTTP 0.9 request. Valid values:
block,allow. - http_
policy str - Enable/disable HTTP policy check. Valid values:
disable,enable. - inspect_
all str - Enable/disable the inspection of all ports for the protocol. Valid values:
disable,enable. - object_
firewall_ strprofileprotocoloptions_ http_ id - an identifier for the resource.
- options Sequence[str]
- One or more options that can be applied to the session. Valid values:
oversize,chunkedbypass,clientcomfort,no-content-summary,servercomfort. - oversize_
limit float - Maximum in-memory file size that can be scanned (1 - 383 MB, default = 10).
- ports Sequence[float]
- Ports to scan for content (1 - 65535, default = 80).
- post_
langs Sequence[str] - ID codes for character sets to be used to convert to UTF-8 for banned words and DLP on HTTP posts (maximum of 5 character sets). Valid values:
jisx0201,jisx0208,jisx0212,gb2312,ksc5601-ex,euc-jp,sjis,iso2022-jp,iso2022-jp-1,iso2022-jp-2,euc-cn,ces-gbk,hz,ces-big5,euc-kr,iso2022-jp-3,iso8859-1,tis620,cp874,cp1252,cp1251. - proxy_
after_ strtcp_ handshake - Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values:
disable,enable. - range_
block str - Enable/disable blocking of partial downloads. Valid values:
disable,enable. - retry_
count float - Number of attempts to retry HTTP connection (0 - 100, default = 0).
- scan_
bzip2 str - Enable/disable scanning of BZip2 compressed files. Valid values:
disable,enable. - scopetype str
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - ssl_
offloaded str - SSL decryption and encryption performed by an external device. Valid values:
no,yes. - status str
- Enable/disable the active status of scanning for this protocol. Valid values:
disable,enable. - stream_
based_ floatuncompressed_ limit - Maximum stream-based uncompressed data size that will be scanned (MB, 0 = unlimited (default). Stream-based uncompression used only under certain conditions.).
- streaming_
content_ strbypass - Enable/disable bypassing of streaming content from buffering. Valid values:
disable,enable. - strip_
x_ strforwarded_ for - Enable/disable stripping of HTTP X-Forwarded-For header. Valid values:
disable,enable. - switching_
protocols str - Bypass from scanning, or block a connection that attempts to switch protocol. Valid values:
bypass,block. - tcp_
window_ floatmaximum - Maximum dynamic TCP window size (default = 8MB).
- tcp_
window_ floatminimum - Minimum dynamic TCP window size (default = 128KB).
- tcp_
window_ floatsize - Set TCP static window size (default = 256KB).
- tcp_
window_ strtype - Specify type of TCP window to use for this protocol. Valid values:
system,static,dynamic. - tunnel_
non_ strhttp - Configure how to process non-HTTP traffic when a profile configured for HTTP traffic accepts a non-HTTP session. Can occur if an application sends non-HTTP traffic using an HTTP destination port. Valid values:
disable,enable. - uncompressed_
nest_ floatlimit - Maximum nested levels of compression that can be uncompressed and scanned (2 - 100, default = 12).
- uncompressed_
oversize_ floatlimit - Maximum in-memory uncompressed file size that can be scanned (0 - 383 MB, 0 = unlimited, default = 10).
- unknown_
content_ strencoding - Configure the action the FortiGate unit will take on unknown content-encoding. Valid values:
block,inspect,bypass. - unknown_
http_ strversion - How to handle HTTP sessions that do not comply with HTTP 0.9, 1.0, or 1.1. Valid values:
best-effort,reject,tunnel. - verify_
dns_ strfor_ policy_ matching - Enable/disable verification of DNS for policy matching. Valid values:
disable,enable.
- profile
Protocol Options This property is required. String - Profile Protocol Options.
- address
Ip StringRating - Enable/disable IP based URL rating. Valid values:
disable,enable. - adom String
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - block
Page NumberStatus Code - Code number returned for blocked HTTP pages (non-FortiGuard only) (100 - 599, default = 403).
- comfort
Amount Number - Amount of data to send in a transmission for client comforting (1 - 65535 bytes, default = 1).
- comfort
Interval Number - Period of time between start, or last transmission, and the next client comfort transmission of data (1 - 900 sec, default = 10).
- domain
Fronting String - Configure HTTP domain fronting (default = block). Valid values:
block,monitor,allow. - fortinet
Bar String - Enable/disable Fortinet bar on HTML content. Valid values:
disable,enable. - fortinet
Bar NumberPort - Port for use by Fortinet Bar (1 - 65535, default = 8011).
- h2c String
- Enable/disable h2c HTTP connection upgrade. Valid values:
disable,enable. - http09 String
- Configure action to take upon receipt of HTTP 0.9 request. Valid values:
block,allow. - http
Policy String - Enable/disable HTTP policy check. Valid values:
disable,enable. - inspect
All String - Enable/disable the inspection of all ports for the protocol. Valid values:
disable,enable. - object
Firewall StringProfileprotocoloptions Http Id - an identifier for the resource.
- options List<String>
- One or more options that can be applied to the session. Valid values:
oversize,chunkedbypass,clientcomfort,no-content-summary,servercomfort. - oversize
Limit Number - Maximum in-memory file size that can be scanned (1 - 383 MB, default = 10).
- ports List<Number>
- Ports to scan for content (1 - 65535, default = 80).
- post
Langs List<String> - ID codes for character sets to be used to convert to UTF-8 for banned words and DLP on HTTP posts (maximum of 5 character sets). Valid values:
jisx0201,jisx0208,jisx0212,gb2312,ksc5601-ex,euc-jp,sjis,iso2022-jp,iso2022-jp-1,iso2022-jp-2,euc-cn,ces-gbk,hz,ces-big5,euc-kr,iso2022-jp-3,iso8859-1,tis620,cp874,cp1252,cp1251. - proxy
After StringTcp Handshake - Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values:
disable,enable. - range
Block String - Enable/disable blocking of partial downloads. Valid values:
disable,enable. - retry
Count Number - Number of attempts to retry HTTP connection (0 - 100, default = 0).
- scan
Bzip2 String - Enable/disable scanning of BZip2 compressed files. Valid values:
disable,enable. - scopetype String
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - ssl
Offloaded String - SSL decryption and encryption performed by an external device. Valid values:
no,yes. - status String
- Enable/disable the active status of scanning for this protocol. Valid values:
disable,enable. - stream
Based NumberUncompressed Limit - Maximum stream-based uncompressed data size that will be scanned (MB, 0 = unlimited (default). Stream-based uncompression used only under certain conditions.).
- streaming
Content StringBypass - Enable/disable bypassing of streaming content from buffering. Valid values:
disable,enable. - strip
XForwarded StringFor - Enable/disable stripping of HTTP X-Forwarded-For header. Valid values:
disable,enable. - switching
Protocols String - Bypass from scanning, or block a connection that attempts to switch protocol. Valid values:
bypass,block. - tcp
Window NumberMaximum - Maximum dynamic TCP window size (default = 8MB).
- tcp
Window NumberMinimum - Minimum dynamic TCP window size (default = 128KB).
- tcp
Window NumberSize - Set TCP static window size (default = 256KB).
- tcp
Window StringType - Specify type of TCP window to use for this protocol. Valid values:
system,static,dynamic. - tunnel
Non StringHttp - Configure how to process non-HTTP traffic when a profile configured for HTTP traffic accepts a non-HTTP session. Can occur if an application sends non-HTTP traffic using an HTTP destination port. Valid values:
disable,enable. - uncompressed
Nest NumberLimit - Maximum nested levels of compression that can be uncompressed and scanned (2 - 100, default = 12).
- uncompressed
Oversize NumberLimit - Maximum in-memory uncompressed file size that can be scanned (0 - 383 MB, 0 = unlimited, default = 10).
- unknown
Content StringEncoding - Configure the action the FortiGate unit will take on unknown content-encoding. Valid values:
block,inspect,bypass. - unknown
Http StringVersion - How to handle HTTP sessions that do not comply with HTTP 0.9, 1.0, or 1.1. Valid values:
best-effort,reject,tunnel. - verify
Dns StringFor Policy Matching - Enable/disable verification of DNS for policy matching. Valid values:
disable,enable.
Outputs
All input properties are implicitly available as output properties. Additionally, the ObjectFirewallProfileprotocoloptionsHttp resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing ObjectFirewallProfileprotocoloptionsHttp Resource
Get an existing ObjectFirewallProfileprotocoloptionsHttp resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ObjectFirewallProfileprotocoloptionsHttpState, opts?: CustomResourceOptions): ObjectFirewallProfileprotocoloptionsHttp@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
address_ip_rating: Optional[str] = None,
adom: Optional[str] = None,
block_page_status_code: Optional[float] = None,
comfort_amount: Optional[float] = None,
comfort_interval: Optional[float] = None,
domain_fronting: Optional[str] = None,
fortinet_bar: Optional[str] = None,
fortinet_bar_port: Optional[float] = None,
h2c: Optional[str] = None,
http09: Optional[str] = None,
http_policy: Optional[str] = None,
inspect_all: Optional[str] = None,
object_firewall_profileprotocoloptions_http_id: Optional[str] = None,
options: Optional[Sequence[str]] = None,
oversize_limit: Optional[float] = None,
ports: Optional[Sequence[float]] = None,
post_langs: Optional[Sequence[str]] = None,
profile_protocol_options: Optional[str] = None,
proxy_after_tcp_handshake: Optional[str] = None,
range_block: Optional[str] = None,
retry_count: Optional[float] = None,
scan_bzip2: Optional[str] = None,
scopetype: Optional[str] = None,
ssl_offloaded: Optional[str] = None,
status: Optional[str] = None,
stream_based_uncompressed_limit: Optional[float] = None,
streaming_content_bypass: Optional[str] = None,
strip_x_forwarded_for: Optional[str] = None,
switching_protocols: Optional[str] = None,
tcp_window_maximum: Optional[float] = None,
tcp_window_minimum: Optional[float] = None,
tcp_window_size: Optional[float] = None,
tcp_window_type: Optional[str] = None,
tunnel_non_http: Optional[str] = None,
uncompressed_nest_limit: Optional[float] = None,
uncompressed_oversize_limit: Optional[float] = None,
unknown_content_encoding: Optional[str] = None,
unknown_http_version: Optional[str] = None,
verify_dns_for_policy_matching: Optional[str] = None) -> ObjectFirewallProfileprotocoloptionsHttpfunc GetObjectFirewallProfileprotocoloptionsHttp(ctx *Context, name string, id IDInput, state *ObjectFirewallProfileprotocoloptionsHttpState, opts ...ResourceOption) (*ObjectFirewallProfileprotocoloptionsHttp, error)public static ObjectFirewallProfileprotocoloptionsHttp Get(string name, Input<string> id, ObjectFirewallProfileprotocoloptionsHttpState? state, CustomResourceOptions? opts = null)public static ObjectFirewallProfileprotocoloptionsHttp get(String name, Output<String> id, ObjectFirewallProfileprotocoloptionsHttpState state, CustomResourceOptions options)resources: _: type: fortimanager:ObjectFirewallProfileprotocoloptionsHttp get: id: ${id}- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
The following state arguments are supported:
- Address
Ip stringRating - Enable/disable IP based URL rating. Valid values:
disable,enable. - Adom string
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - Block
Page doubleStatus Code - Code number returned for blocked HTTP pages (non-FortiGuard only) (100 - 599, default = 403).
- Comfort
Amount double - Amount of data to send in a transmission for client comforting (1 - 65535 bytes, default = 1).
- Comfort
Interval double - Period of time between start, or last transmission, and the next client comfort transmission of data (1 - 900 sec, default = 10).
- Domain
Fronting string - Configure HTTP domain fronting (default = block). Valid values:
block,monitor,allow. - Fortinet
Bar string - Enable/disable Fortinet bar on HTML content. Valid values:
disable,enable. - Fortinet
Bar doublePort - Port for use by Fortinet Bar (1 - 65535, default = 8011).
- H2c string
- Enable/disable h2c HTTP connection upgrade. Valid values:
disable,enable. - Http09 string
- Configure action to take upon receipt of HTTP 0.9 request. Valid values:
block,allow. - Http
Policy string - Enable/disable HTTP policy check. Valid values:
disable,enable. - Inspect
All string - Enable/disable the inspection of all ports for the protocol. Valid values:
disable,enable. - Object
Firewall stringProfileprotocoloptions Http Id - an identifier for the resource.
- Options List<string>
- One or more options that can be applied to the session. Valid values:
oversize,chunkedbypass,clientcomfort,no-content-summary,servercomfort. - Oversize
Limit double - Maximum in-memory file size that can be scanned (1 - 383 MB, default = 10).
- Ports List<double>
- Ports to scan for content (1 - 65535, default = 80).
- Post
Langs List<string> - ID codes for character sets to be used to convert to UTF-8 for banned words and DLP on HTTP posts (maximum of 5 character sets). Valid values:
jisx0201,jisx0208,jisx0212,gb2312,ksc5601-ex,euc-jp,sjis,iso2022-jp,iso2022-jp-1,iso2022-jp-2,euc-cn,ces-gbk,hz,ces-big5,euc-kr,iso2022-jp-3,iso8859-1,tis620,cp874,cp1252,cp1251. - Profile
Protocol stringOptions - Profile Protocol Options.
- Proxy
After stringTcp Handshake - Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values:
disable,enable. - Range
Block string - Enable/disable blocking of partial downloads. Valid values:
disable,enable. - Retry
Count double - Number of attempts to retry HTTP connection (0 - 100, default = 0).
- Scan
Bzip2 string - Enable/disable scanning of BZip2 compressed files. Valid values:
disable,enable. - Scopetype string
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - Ssl
Offloaded string - SSL decryption and encryption performed by an external device. Valid values:
no,yes. - Status string
- Enable/disable the active status of scanning for this protocol. Valid values:
disable,enable. - Stream
Based doubleUncompressed Limit - Maximum stream-based uncompressed data size that will be scanned (MB, 0 = unlimited (default). Stream-based uncompression used only under certain conditions.).
- Streaming
Content stringBypass - Enable/disable bypassing of streaming content from buffering. Valid values:
disable,enable. - Strip
XForwarded stringFor - Enable/disable stripping of HTTP X-Forwarded-For header. Valid values:
disable,enable. - Switching
Protocols string - Bypass from scanning, or block a connection that attempts to switch protocol. Valid values:
bypass,block. - Tcp
Window doubleMaximum - Maximum dynamic TCP window size (default = 8MB).
- Tcp
Window doubleMinimum - Minimum dynamic TCP window size (default = 128KB).
- Tcp
Window doubleSize - Set TCP static window size (default = 256KB).
- Tcp
Window stringType - Specify type of TCP window to use for this protocol. Valid values:
system,static,dynamic. - Tunnel
Non stringHttp - Configure how to process non-HTTP traffic when a profile configured for HTTP traffic accepts a non-HTTP session. Can occur if an application sends non-HTTP traffic using an HTTP destination port. Valid values:
disable,enable. - Uncompressed
Nest doubleLimit - Maximum nested levels of compression that can be uncompressed and scanned (2 - 100, default = 12).
- Uncompressed
Oversize doubleLimit - Maximum in-memory uncompressed file size that can be scanned (0 - 383 MB, 0 = unlimited, default = 10).
- Unknown
Content stringEncoding - Configure the action the FortiGate unit will take on unknown content-encoding. Valid values:
block,inspect,bypass. - Unknown
Http stringVersion - How to handle HTTP sessions that do not comply with HTTP 0.9, 1.0, or 1.1. Valid values:
best-effort,reject,tunnel. - Verify
Dns stringFor Policy Matching - Enable/disable verification of DNS for policy matching. Valid values:
disable,enable.
- Address
Ip stringRating - Enable/disable IP based URL rating. Valid values:
disable,enable. - Adom string
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - Block
Page float64Status Code - Code number returned for blocked HTTP pages (non-FortiGuard only) (100 - 599, default = 403).
- Comfort
Amount float64 - Amount of data to send in a transmission for client comforting (1 - 65535 bytes, default = 1).
- Comfort
Interval float64 - Period of time between start, or last transmission, and the next client comfort transmission of data (1 - 900 sec, default = 10).
- Domain
Fronting string - Configure HTTP domain fronting (default = block). Valid values:
block,monitor,allow. - Fortinet
Bar string - Enable/disable Fortinet bar on HTML content. Valid values:
disable,enable. - Fortinet
Bar float64Port - Port for use by Fortinet Bar (1 - 65535, default = 8011).
- H2c string
- Enable/disable h2c HTTP connection upgrade. Valid values:
disable,enable. - Http09 string
- Configure action to take upon receipt of HTTP 0.9 request. Valid values:
block,allow. - Http
Policy string - Enable/disable HTTP policy check. Valid values:
disable,enable. - Inspect
All string - Enable/disable the inspection of all ports for the protocol. Valid values:
disable,enable. - Object
Firewall stringProfileprotocoloptions Http Id - an identifier for the resource.
- Options []string
- One or more options that can be applied to the session. Valid values:
oversize,chunkedbypass,clientcomfort,no-content-summary,servercomfort. - Oversize
Limit float64 - Maximum in-memory file size that can be scanned (1 - 383 MB, default = 10).
- Ports []float64
- Ports to scan for content (1 - 65535, default = 80).
- Post
Langs []string - ID codes for character sets to be used to convert to UTF-8 for banned words and DLP on HTTP posts (maximum of 5 character sets). Valid values:
jisx0201,jisx0208,jisx0212,gb2312,ksc5601-ex,euc-jp,sjis,iso2022-jp,iso2022-jp-1,iso2022-jp-2,euc-cn,ces-gbk,hz,ces-big5,euc-kr,iso2022-jp-3,iso8859-1,tis620,cp874,cp1252,cp1251. - Profile
Protocol stringOptions - Profile Protocol Options.
- Proxy
After stringTcp Handshake - Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values:
disable,enable. - Range
Block string - Enable/disable blocking of partial downloads. Valid values:
disable,enable. - Retry
Count float64 - Number of attempts to retry HTTP connection (0 - 100, default = 0).
- Scan
Bzip2 string - Enable/disable scanning of BZip2 compressed files. Valid values:
disable,enable. - Scopetype string
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - Ssl
Offloaded string - SSL decryption and encryption performed by an external device. Valid values:
no,yes. - Status string
- Enable/disable the active status of scanning for this protocol. Valid values:
disable,enable. - Stream
Based float64Uncompressed Limit - Maximum stream-based uncompressed data size that will be scanned (MB, 0 = unlimited (default). Stream-based uncompression used only under certain conditions.).
- Streaming
Content stringBypass - Enable/disable bypassing of streaming content from buffering. Valid values:
disable,enable. - Strip
XForwarded stringFor - Enable/disable stripping of HTTP X-Forwarded-For header. Valid values:
disable,enable. - Switching
Protocols string - Bypass from scanning, or block a connection that attempts to switch protocol. Valid values:
bypass,block. - Tcp
Window float64Maximum - Maximum dynamic TCP window size (default = 8MB).
- Tcp
Window float64Minimum - Minimum dynamic TCP window size (default = 128KB).
- Tcp
Window float64Size - Set TCP static window size (default = 256KB).
- Tcp
Window stringType - Specify type of TCP window to use for this protocol. Valid values:
system,static,dynamic. - Tunnel
Non stringHttp - Configure how to process non-HTTP traffic when a profile configured for HTTP traffic accepts a non-HTTP session. Can occur if an application sends non-HTTP traffic using an HTTP destination port. Valid values:
disable,enable. - Uncompressed
Nest float64Limit - Maximum nested levels of compression that can be uncompressed and scanned (2 - 100, default = 12).
- Uncompressed
Oversize float64Limit - Maximum in-memory uncompressed file size that can be scanned (0 - 383 MB, 0 = unlimited, default = 10).
- Unknown
Content stringEncoding - Configure the action the FortiGate unit will take on unknown content-encoding. Valid values:
block,inspect,bypass. - Unknown
Http stringVersion - How to handle HTTP sessions that do not comply with HTTP 0.9, 1.0, or 1.1. Valid values:
best-effort,reject,tunnel. - Verify
Dns stringFor Policy Matching - Enable/disable verification of DNS for policy matching. Valid values:
disable,enable.
- address
Ip StringRating - Enable/disable IP based URL rating. Valid values:
disable,enable. - adom String
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - block
Page DoubleStatus Code - Code number returned for blocked HTTP pages (non-FortiGuard only) (100 - 599, default = 403).
- comfort
Amount Double - Amount of data to send in a transmission for client comforting (1 - 65535 bytes, default = 1).
- comfort
Interval Double - Period of time between start, or last transmission, and the next client comfort transmission of data (1 - 900 sec, default = 10).
- domain
Fronting String - Configure HTTP domain fronting (default = block). Valid values:
block,monitor,allow. - fortinet
Bar String - Enable/disable Fortinet bar on HTML content. Valid values:
disable,enable. - fortinet
Bar DoublePort - Port for use by Fortinet Bar (1 - 65535, default = 8011).
- h2c String
- Enable/disable h2c HTTP connection upgrade. Valid values:
disable,enable. - http09 String
- Configure action to take upon receipt of HTTP 0.9 request. Valid values:
block,allow. - http
Policy String - Enable/disable HTTP policy check. Valid values:
disable,enable. - inspect
All String - Enable/disable the inspection of all ports for the protocol. Valid values:
disable,enable. - object
Firewall StringProfileprotocoloptions Http Id - an identifier for the resource.
- options List<String>
- One or more options that can be applied to the session. Valid values:
oversize,chunkedbypass,clientcomfort,no-content-summary,servercomfort. - oversize
Limit Double - Maximum in-memory file size that can be scanned (1 - 383 MB, default = 10).
- ports List<Double>
- Ports to scan for content (1 - 65535, default = 80).
- post
Langs List<String> - ID codes for character sets to be used to convert to UTF-8 for banned words and DLP on HTTP posts (maximum of 5 character sets). Valid values:
jisx0201,jisx0208,jisx0212,gb2312,ksc5601-ex,euc-jp,sjis,iso2022-jp,iso2022-jp-1,iso2022-jp-2,euc-cn,ces-gbk,hz,ces-big5,euc-kr,iso2022-jp-3,iso8859-1,tis620,cp874,cp1252,cp1251. - profile
Protocol StringOptions - Profile Protocol Options.
- proxy
After StringTcp Handshake - Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values:
disable,enable. - range
Block String - Enable/disable blocking of partial downloads. Valid values:
disable,enable. - retry
Count Double - Number of attempts to retry HTTP connection (0 - 100, default = 0).
- scan
Bzip2 String - Enable/disable scanning of BZip2 compressed files. Valid values:
disable,enable. - scopetype String
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - ssl
Offloaded String - SSL decryption and encryption performed by an external device. Valid values:
no,yes. - status String
- Enable/disable the active status of scanning for this protocol. Valid values:
disable,enable. - stream
Based DoubleUncompressed Limit - Maximum stream-based uncompressed data size that will be scanned (MB, 0 = unlimited (default). Stream-based uncompression used only under certain conditions.).
- streaming
Content StringBypass - Enable/disable bypassing of streaming content from buffering. Valid values:
disable,enable. - strip
XForwarded StringFor - Enable/disable stripping of HTTP X-Forwarded-For header. Valid values:
disable,enable. - switching
Protocols String - Bypass from scanning, or block a connection that attempts to switch protocol. Valid values:
bypass,block. - tcp
Window DoubleMaximum - Maximum dynamic TCP window size (default = 8MB).
- tcp
Window DoubleMinimum - Minimum dynamic TCP window size (default = 128KB).
- tcp
Window DoubleSize - Set TCP static window size (default = 256KB).
- tcp
Window StringType - Specify type of TCP window to use for this protocol. Valid values:
system,static,dynamic. - tunnel
Non StringHttp - Configure how to process non-HTTP traffic when a profile configured for HTTP traffic accepts a non-HTTP session. Can occur if an application sends non-HTTP traffic using an HTTP destination port. Valid values:
disable,enable. - uncompressed
Nest DoubleLimit - Maximum nested levels of compression that can be uncompressed and scanned (2 - 100, default = 12).
- uncompressed
Oversize DoubleLimit - Maximum in-memory uncompressed file size that can be scanned (0 - 383 MB, 0 = unlimited, default = 10).
- unknown
Content StringEncoding - Configure the action the FortiGate unit will take on unknown content-encoding. Valid values:
block,inspect,bypass. - unknown
Http StringVersion - How to handle HTTP sessions that do not comply with HTTP 0.9, 1.0, or 1.1. Valid values:
best-effort,reject,tunnel. - verify
Dns StringFor Policy Matching - Enable/disable verification of DNS for policy matching. Valid values:
disable,enable.
- address
Ip stringRating - Enable/disable IP based URL rating. Valid values:
disable,enable. - adom string
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - block
Page numberStatus Code - Code number returned for blocked HTTP pages (non-FortiGuard only) (100 - 599, default = 403).
- comfort
Amount number - Amount of data to send in a transmission for client comforting (1 - 65535 bytes, default = 1).
- comfort
Interval number - Period of time between start, or last transmission, and the next client comfort transmission of data (1 - 900 sec, default = 10).
- domain
Fronting string - Configure HTTP domain fronting (default = block). Valid values:
block,monitor,allow. - fortinet
Bar string - Enable/disable Fortinet bar on HTML content. Valid values:
disable,enable. - fortinet
Bar numberPort - Port for use by Fortinet Bar (1 - 65535, default = 8011).
- h2c string
- Enable/disable h2c HTTP connection upgrade. Valid values:
disable,enable. - http09 string
- Configure action to take upon receipt of HTTP 0.9 request. Valid values:
block,allow. - http
Policy string - Enable/disable HTTP policy check. Valid values:
disable,enable. - inspect
All string - Enable/disable the inspection of all ports for the protocol. Valid values:
disable,enable. - object
Firewall stringProfileprotocoloptions Http Id - an identifier for the resource.
- options string[]
- One or more options that can be applied to the session. Valid values:
oversize,chunkedbypass,clientcomfort,no-content-summary,servercomfort. - oversize
Limit number - Maximum in-memory file size that can be scanned (1 - 383 MB, default = 10).
- ports number[]
- Ports to scan for content (1 - 65535, default = 80).
- post
Langs string[] - ID codes for character sets to be used to convert to UTF-8 for banned words and DLP on HTTP posts (maximum of 5 character sets). Valid values:
jisx0201,jisx0208,jisx0212,gb2312,ksc5601-ex,euc-jp,sjis,iso2022-jp,iso2022-jp-1,iso2022-jp-2,euc-cn,ces-gbk,hz,ces-big5,euc-kr,iso2022-jp-3,iso8859-1,tis620,cp874,cp1252,cp1251. - profile
Protocol stringOptions - Profile Protocol Options.
- proxy
After stringTcp Handshake - Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values:
disable,enable. - range
Block string - Enable/disable blocking of partial downloads. Valid values:
disable,enable. - retry
Count number - Number of attempts to retry HTTP connection (0 - 100, default = 0).
- scan
Bzip2 string - Enable/disable scanning of BZip2 compressed files. Valid values:
disable,enable. - scopetype string
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - ssl
Offloaded string - SSL decryption and encryption performed by an external device. Valid values:
no,yes. - status string
- Enable/disable the active status of scanning for this protocol. Valid values:
disable,enable. - stream
Based numberUncompressed Limit - Maximum stream-based uncompressed data size that will be scanned (MB, 0 = unlimited (default). Stream-based uncompression used only under certain conditions.).
- streaming
Content stringBypass - Enable/disable bypassing of streaming content from buffering. Valid values:
disable,enable. - strip
XForwarded stringFor - Enable/disable stripping of HTTP X-Forwarded-For header. Valid values:
disable,enable. - switching
Protocols string - Bypass from scanning, or block a connection that attempts to switch protocol. Valid values:
bypass,block. - tcp
Window numberMaximum - Maximum dynamic TCP window size (default = 8MB).
- tcp
Window numberMinimum - Minimum dynamic TCP window size (default = 128KB).
- tcp
Window numberSize - Set TCP static window size (default = 256KB).
- tcp
Window stringType - Specify type of TCP window to use for this protocol. Valid values:
system,static,dynamic. - tunnel
Non stringHttp - Configure how to process non-HTTP traffic when a profile configured for HTTP traffic accepts a non-HTTP session. Can occur if an application sends non-HTTP traffic using an HTTP destination port. Valid values:
disable,enable. - uncompressed
Nest numberLimit - Maximum nested levels of compression that can be uncompressed and scanned (2 - 100, default = 12).
- uncompressed
Oversize numberLimit - Maximum in-memory uncompressed file size that can be scanned (0 - 383 MB, 0 = unlimited, default = 10).
- unknown
Content stringEncoding - Configure the action the FortiGate unit will take on unknown content-encoding. Valid values:
block,inspect,bypass. - unknown
Http stringVersion - How to handle HTTP sessions that do not comply with HTTP 0.9, 1.0, or 1.1. Valid values:
best-effort,reject,tunnel. - verify
Dns stringFor Policy Matching - Enable/disable verification of DNS for policy matching. Valid values:
disable,enable.
- address_
ip_ strrating - Enable/disable IP based URL rating. Valid values:
disable,enable. - adom str
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - block_
page_ floatstatus_ code - Code number returned for blocked HTTP pages (non-FortiGuard only) (100 - 599, default = 403).
- comfort_
amount float - Amount of data to send in a transmission for client comforting (1 - 65535 bytes, default = 1).
- comfort_
interval float - Period of time between start, or last transmission, and the next client comfort transmission of data (1 - 900 sec, default = 10).
- domain_
fronting str - Configure HTTP domain fronting (default = block). Valid values:
block,monitor,allow. - fortinet_
bar str - Enable/disable Fortinet bar on HTML content. Valid values:
disable,enable. - fortinet_
bar_ floatport - Port for use by Fortinet Bar (1 - 65535, default = 8011).
- h2c str
- Enable/disable h2c HTTP connection upgrade. Valid values:
disable,enable. - http09 str
- Configure action to take upon receipt of HTTP 0.9 request. Valid values:
block,allow. - http_
policy str - Enable/disable HTTP policy check. Valid values:
disable,enable. - inspect_
all str - Enable/disable the inspection of all ports for the protocol. Valid values:
disable,enable. - object_
firewall_ strprofileprotocoloptions_ http_ id - an identifier for the resource.
- options Sequence[str]
- One or more options that can be applied to the session. Valid values:
oversize,chunkedbypass,clientcomfort,no-content-summary,servercomfort. - oversize_
limit float - Maximum in-memory file size that can be scanned (1 - 383 MB, default = 10).
- ports Sequence[float]
- Ports to scan for content (1 - 65535, default = 80).
- post_
langs Sequence[str] - ID codes for character sets to be used to convert to UTF-8 for banned words and DLP on HTTP posts (maximum of 5 character sets). Valid values:
jisx0201,jisx0208,jisx0212,gb2312,ksc5601-ex,euc-jp,sjis,iso2022-jp,iso2022-jp-1,iso2022-jp-2,euc-cn,ces-gbk,hz,ces-big5,euc-kr,iso2022-jp-3,iso8859-1,tis620,cp874,cp1252,cp1251. - profile_
protocol_ stroptions - Profile Protocol Options.
- proxy_
after_ strtcp_ handshake - Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values:
disable,enable. - range_
block str - Enable/disable blocking of partial downloads. Valid values:
disable,enable. - retry_
count float - Number of attempts to retry HTTP connection (0 - 100, default = 0).
- scan_
bzip2 str - Enable/disable scanning of BZip2 compressed files. Valid values:
disable,enable. - scopetype str
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - ssl_
offloaded str - SSL decryption and encryption performed by an external device. Valid values:
no,yes. - status str
- Enable/disable the active status of scanning for this protocol. Valid values:
disable,enable. - stream_
based_ floatuncompressed_ limit - Maximum stream-based uncompressed data size that will be scanned (MB, 0 = unlimited (default). Stream-based uncompression used only under certain conditions.).
- streaming_
content_ strbypass - Enable/disable bypassing of streaming content from buffering. Valid values:
disable,enable. - strip_
x_ strforwarded_ for - Enable/disable stripping of HTTP X-Forwarded-For header. Valid values:
disable,enable. - switching_
protocols str - Bypass from scanning, or block a connection that attempts to switch protocol. Valid values:
bypass,block. - tcp_
window_ floatmaximum - Maximum dynamic TCP window size (default = 8MB).
- tcp_
window_ floatminimum - Minimum dynamic TCP window size (default = 128KB).
- tcp_
window_ floatsize - Set TCP static window size (default = 256KB).
- tcp_
window_ strtype - Specify type of TCP window to use for this protocol. Valid values:
system,static,dynamic. - tunnel_
non_ strhttp - Configure how to process non-HTTP traffic when a profile configured for HTTP traffic accepts a non-HTTP session. Can occur if an application sends non-HTTP traffic using an HTTP destination port. Valid values:
disable,enable. - uncompressed_
nest_ floatlimit - Maximum nested levels of compression that can be uncompressed and scanned (2 - 100, default = 12).
- uncompressed_
oversize_ floatlimit - Maximum in-memory uncompressed file size that can be scanned (0 - 383 MB, 0 = unlimited, default = 10).
- unknown_
content_ strencoding - Configure the action the FortiGate unit will take on unknown content-encoding. Valid values:
block,inspect,bypass. - unknown_
http_ strversion - How to handle HTTP sessions that do not comply with HTTP 0.9, 1.0, or 1.1. Valid values:
best-effort,reject,tunnel. - verify_
dns_ strfor_ policy_ matching - Enable/disable verification of DNS for policy matching. Valid values:
disable,enable.
- address
Ip StringRating - Enable/disable IP based URL rating. Valid values:
disable,enable. - adom String
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - block
Page NumberStatus Code - Code number returned for blocked HTTP pages (non-FortiGuard only) (100 - 599, default = 403).
- comfort
Amount Number - Amount of data to send in a transmission for client comforting (1 - 65535 bytes, default = 1).
- comfort
Interval Number - Period of time between start, or last transmission, and the next client comfort transmission of data (1 - 900 sec, default = 10).
- domain
Fronting String - Configure HTTP domain fronting (default = block). Valid values:
block,monitor,allow. - fortinet
Bar String - Enable/disable Fortinet bar on HTML content. Valid values:
disable,enable. - fortinet
Bar NumberPort - Port for use by Fortinet Bar (1 - 65535, default = 8011).
- h2c String
- Enable/disable h2c HTTP connection upgrade. Valid values:
disable,enable. - http09 String
- Configure action to take upon receipt of HTTP 0.9 request. Valid values:
block,allow. - http
Policy String - Enable/disable HTTP policy check. Valid values:
disable,enable. - inspect
All String - Enable/disable the inspection of all ports for the protocol. Valid values:
disable,enable. - object
Firewall StringProfileprotocoloptions Http Id - an identifier for the resource.
- options List<String>
- One or more options that can be applied to the session. Valid values:
oversize,chunkedbypass,clientcomfort,no-content-summary,servercomfort. - oversize
Limit Number - Maximum in-memory file size that can be scanned (1 - 383 MB, default = 10).
- ports List<Number>
- Ports to scan for content (1 - 65535, default = 80).
- post
Langs List<String> - ID codes for character sets to be used to convert to UTF-8 for banned words and DLP on HTTP posts (maximum of 5 character sets). Valid values:
jisx0201,jisx0208,jisx0212,gb2312,ksc5601-ex,euc-jp,sjis,iso2022-jp,iso2022-jp-1,iso2022-jp-2,euc-cn,ces-gbk,hz,ces-big5,euc-kr,iso2022-jp-3,iso8859-1,tis620,cp874,cp1252,cp1251. - profile
Protocol StringOptions - Profile Protocol Options.
- proxy
After StringTcp Handshake - Proxy traffic after the TCP 3-way handshake has been established (not before). Valid values:
disable,enable. - range
Block String - Enable/disable blocking of partial downloads. Valid values:
disable,enable. - retry
Count Number - Number of attempts to retry HTTP connection (0 - 100, default = 0).
- scan
Bzip2 String - Enable/disable scanning of BZip2 compressed files. Valid values:
disable,enable. - scopetype String
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - ssl
Offloaded String - SSL decryption and encryption performed by an external device. Valid values:
no,yes. - status String
- Enable/disable the active status of scanning for this protocol. Valid values:
disable,enable. - stream
Based NumberUncompressed Limit - Maximum stream-based uncompressed data size that will be scanned (MB, 0 = unlimited (default). Stream-based uncompression used only under certain conditions.).
- streaming
Content StringBypass - Enable/disable bypassing of streaming content from buffering. Valid values:
disable,enable. - strip
XForwarded StringFor - Enable/disable stripping of HTTP X-Forwarded-For header. Valid values:
disable,enable. - switching
Protocols String - Bypass from scanning, or block a connection that attempts to switch protocol. Valid values:
bypass,block. - tcp
Window NumberMaximum - Maximum dynamic TCP window size (default = 8MB).
- tcp
Window NumberMinimum - Minimum dynamic TCP window size (default = 128KB).
- tcp
Window NumberSize - Set TCP static window size (default = 256KB).
- tcp
Window StringType - Specify type of TCP window to use for this protocol. Valid values:
system,static,dynamic. - tunnel
Non StringHttp - Configure how to process non-HTTP traffic when a profile configured for HTTP traffic accepts a non-HTTP session. Can occur if an application sends non-HTTP traffic using an HTTP destination port. Valid values:
disable,enable. - uncompressed
Nest NumberLimit - Maximum nested levels of compression that can be uncompressed and scanned (2 - 100, default = 12).
- uncompressed
Oversize NumberLimit - Maximum in-memory uncompressed file size that can be scanned (0 - 383 MB, 0 = unlimited, default = 10).
- unknown
Content StringEncoding - Configure the action the FortiGate unit will take on unknown content-encoding. Valid values:
block,inspect,bypass. - unknown
Http StringVersion - How to handle HTTP sessions that do not comply with HTTP 0.9, 1.0, or 1.1. Valid values:
best-effort,reject,tunnel. - verify
Dns StringFor Policy Matching - Enable/disable verification of DNS for policy matching. Valid values:
disable,enable.
Import
ObjectFirewall ProfileProtocolOptionsHttp can be imported using any of these accepted formats:
Set import_options = [“profile_protocol_options=YOUR_VALUE”] in the provider section.
$ export “FORTIMANAGER_IMPORT_TABLE”=“true”
$ pulumi import fortimanager:index/objectFirewallProfileprotocoloptionsHttp:ObjectFirewallProfileprotocoloptionsHttp labelname ObjectFirewallProfileProtocolOptionsHttp
$ unset “FORTIMANAGER_IMPORT_TABLE”
-> Hint: The scopetype and adom for import will directly inherit the scopetype and adom configuration of the provider.
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- fortimanager fortinetdev/terraform-provider-fortimanager
- License
- Notes
- This Pulumi package is based on the
fortimanagerTerraform Provider.
fortimanager 1.14.0 published on Tuesday, Apr 15, 2025 by fortinetdev