1. Packages
  2. Fortios
  3. API Docs
  4. user
  5. Setting
Fortios v0.0.5 published on Tuesday, Apr 9, 2024 by pulumiverse

fortios.user.Setting

Explore with Pulumi AI

fortios logo
Fortios v0.0.5 published on Tuesday, Apr 9, 2024 by pulumiverse

    Configure user authentication setting.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as fortios from "@pulumiverse/fortios";
    
    const trname = new fortios.user.Setting("trname", {
        authBlackoutTime: 0,
        authCert: "Fortinet_Factory",
        authHttpBasic: "disable",
        authInvalidMax: 5,
        authLockoutDuration: 0,
        authLockoutThreshold: 3,
        authOnDemand: "implicitly",
        authPortalTimeout: 3,
        authSecureHttp: "disable",
        authSrcMac: "enable",
        authSslAllowRenegotiation: "disable",
        authTimeout: 5,
        authTimeoutType: "idle-timeout",
        authType: "http https ftp telnet",
        radiusSesTimeoutAct: "hard-timeout",
    });
    
    import pulumi
    import pulumiverse_fortios as fortios
    
    trname = fortios.user.Setting("trname",
        auth_blackout_time=0,
        auth_cert="Fortinet_Factory",
        auth_http_basic="disable",
        auth_invalid_max=5,
        auth_lockout_duration=0,
        auth_lockout_threshold=3,
        auth_on_demand="implicitly",
        auth_portal_timeout=3,
        auth_secure_http="disable",
        auth_src_mac="enable",
        auth_ssl_allow_renegotiation="disable",
        auth_timeout=5,
        auth_timeout_type="idle-timeout",
        auth_type="http https ftp telnet",
        radius_ses_timeout_act="hard-timeout")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/user"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := user.NewSetting(ctx, "trname", &user.SettingArgs{
    			AuthBlackoutTime:          pulumi.Int(0),
    			AuthCert:                  pulumi.String("Fortinet_Factory"),
    			AuthHttpBasic:             pulumi.String("disable"),
    			AuthInvalidMax:            pulumi.Int(5),
    			AuthLockoutDuration:       pulumi.Int(0),
    			AuthLockoutThreshold:      pulumi.Int(3),
    			AuthOnDemand:              pulumi.String("implicitly"),
    			AuthPortalTimeout:         pulumi.Int(3),
    			AuthSecureHttp:            pulumi.String("disable"),
    			AuthSrcMac:                pulumi.String("enable"),
    			AuthSslAllowRenegotiation: pulumi.String("disable"),
    			AuthTimeout:               pulumi.Int(5),
    			AuthTimeoutType:           pulumi.String("idle-timeout"),
    			AuthType:                  pulumi.String("http https ftp telnet"),
    			RadiusSesTimeoutAct:       pulumi.String("hard-timeout"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Fortios = Pulumiverse.Fortios;
    
    return await Deployment.RunAsync(() => 
    {
        var trname = new Fortios.User.Setting("trname", new()
        {
            AuthBlackoutTime = 0,
            AuthCert = "Fortinet_Factory",
            AuthHttpBasic = "disable",
            AuthInvalidMax = 5,
            AuthLockoutDuration = 0,
            AuthLockoutThreshold = 3,
            AuthOnDemand = "implicitly",
            AuthPortalTimeout = 3,
            AuthSecureHttp = "disable",
            AuthSrcMac = "enable",
            AuthSslAllowRenegotiation = "disable",
            AuthTimeout = 5,
            AuthTimeoutType = "idle-timeout",
            AuthType = "http https ftp telnet",
            RadiusSesTimeoutAct = "hard-timeout",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.fortios.user.Setting;
    import com.pulumi.fortios.user.SettingArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var trname = new Setting("trname", SettingArgs.builder()        
                .authBlackoutTime(0)
                .authCert("Fortinet_Factory")
                .authHttpBasic("disable")
                .authInvalidMax(5)
                .authLockoutDuration(0)
                .authLockoutThreshold(3)
                .authOnDemand("implicitly")
                .authPortalTimeout(3)
                .authSecureHttp("disable")
                .authSrcMac("enable")
                .authSslAllowRenegotiation("disable")
                .authTimeout(5)
                .authTimeoutType("idle-timeout")
                .authType("http https ftp telnet")
                .radiusSesTimeoutAct("hard-timeout")
                .build());
    
        }
    }
    
    resources:
      trname:
        type: fortios:user:Setting
        properties:
          authBlackoutTime: 0
          authCert: Fortinet_Factory
          authHttpBasic: disable
          authInvalidMax: 5
          authLockoutDuration: 0
          authLockoutThreshold: 3
          authOnDemand: implicitly
          authPortalTimeout: 3
          authSecureHttp: disable
          authSrcMac: enable
          authSslAllowRenegotiation: disable
          authTimeout: 5
          authTimeoutType: idle-timeout
          authType: http https ftp telnet
          radiusSesTimeoutAct: hard-timeout
    

    Create Setting Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Setting(name: string, args?: SettingArgs, opts?: CustomResourceOptions);
    @overload
    def Setting(resource_name: str,
                args: Optional[SettingArgs] = None,
                opts: Optional[ResourceOptions] = None)
    
    @overload
    def Setting(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                auth_blackout_time: Optional[int] = None,
                auth_ca_cert: Optional[str] = None,
                auth_cert: Optional[str] = None,
                auth_http_basic: Optional[str] = None,
                auth_invalid_max: Optional[int] = None,
                auth_lockout_duration: Optional[int] = None,
                auth_lockout_threshold: Optional[int] = None,
                auth_on_demand: Optional[str] = None,
                auth_portal_timeout: Optional[int] = None,
                auth_ports: Optional[Sequence[SettingAuthPortArgs]] = None,
                auth_secure_http: Optional[str] = None,
                auth_src_mac: Optional[str] = None,
                auth_ssl_allow_renegotiation: Optional[str] = None,
                auth_ssl_max_proto_version: Optional[str] = None,
                auth_ssl_min_proto_version: Optional[str] = None,
                auth_ssl_sigalgs: Optional[str] = None,
                auth_timeout: Optional[int] = None,
                auth_timeout_type: Optional[str] = None,
                auth_type: Optional[str] = None,
                default_user_password_policy: Optional[str] = None,
                dynamic_sort_subtable: Optional[str] = None,
                get_all_tables: Optional[str] = None,
                per_policy_disclaimer: Optional[str] = None,
                radius_ses_timeout_act: Optional[str] = None,
                vdomparam: Optional[str] = None)
    func NewSetting(ctx *Context, name string, args *SettingArgs, opts ...ResourceOption) (*Setting, error)
    public Setting(string name, SettingArgs? args = null, CustomResourceOptions? opts = null)
    public Setting(String name, SettingArgs args)
    public Setting(String name, SettingArgs args, CustomResourceOptions options)
    
    type: fortios:user:Setting
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args SettingArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args SettingArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args SettingArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args SettingArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args SettingArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var examplesettingResourceResourceFromUsersetting = new Fortios.User.Setting("examplesettingResourceResourceFromUsersetting", new()
    {
        AuthBlackoutTime = 0,
        AuthCaCert = "string",
        AuthCert = "string",
        AuthHttpBasic = "string",
        AuthInvalidMax = 0,
        AuthLockoutDuration = 0,
        AuthLockoutThreshold = 0,
        AuthOnDemand = "string",
        AuthPortalTimeout = 0,
        AuthPorts = new[]
        {
            new Fortios.User.Inputs.SettingAuthPortArgs
            {
                Id = 0,
                Port = 0,
                Type = "string",
            },
        },
        AuthSecureHttp = "string",
        AuthSrcMac = "string",
        AuthSslAllowRenegotiation = "string",
        AuthSslMaxProtoVersion = "string",
        AuthSslMinProtoVersion = "string",
        AuthSslSigalgs = "string",
        AuthTimeout = 0,
        AuthTimeoutType = "string",
        AuthType = "string",
        DefaultUserPasswordPolicy = "string",
        DynamicSortSubtable = "string",
        GetAllTables = "string",
        PerPolicyDisclaimer = "string",
        RadiusSesTimeoutAct = "string",
        Vdomparam = "string",
    });
    
    example, err := user.NewSetting(ctx, "examplesettingResourceResourceFromUsersetting", &user.SettingArgs{
    	AuthBlackoutTime:     pulumi.Int(0),
    	AuthCaCert:           pulumi.String("string"),
    	AuthCert:             pulumi.String("string"),
    	AuthHttpBasic:        pulumi.String("string"),
    	AuthInvalidMax:       pulumi.Int(0),
    	AuthLockoutDuration:  pulumi.Int(0),
    	AuthLockoutThreshold: pulumi.Int(0),
    	AuthOnDemand:         pulumi.String("string"),
    	AuthPortalTimeout:    pulumi.Int(0),
    	AuthPorts: user.SettingAuthPortArray{
    		&user.SettingAuthPortArgs{
    			Id:   pulumi.Int(0),
    			Port: pulumi.Int(0),
    			Type: pulumi.String("string"),
    		},
    	},
    	AuthSecureHttp:            pulumi.String("string"),
    	AuthSrcMac:                pulumi.String("string"),
    	AuthSslAllowRenegotiation: pulumi.String("string"),
    	AuthSslMaxProtoVersion:    pulumi.String("string"),
    	AuthSslMinProtoVersion:    pulumi.String("string"),
    	AuthSslSigalgs:            pulumi.String("string"),
    	AuthTimeout:               pulumi.Int(0),
    	AuthTimeoutType:           pulumi.String("string"),
    	AuthType:                  pulumi.String("string"),
    	DefaultUserPasswordPolicy: pulumi.String("string"),
    	DynamicSortSubtable:       pulumi.String("string"),
    	GetAllTables:              pulumi.String("string"),
    	PerPolicyDisclaimer:       pulumi.String("string"),
    	RadiusSesTimeoutAct:       pulumi.String("string"),
    	Vdomparam:                 pulumi.String("string"),
    })
    
    var examplesettingResourceResourceFromUsersetting = new Setting("examplesettingResourceResourceFromUsersetting", SettingArgs.builder()
        .authBlackoutTime(0)
        .authCaCert("string")
        .authCert("string")
        .authHttpBasic("string")
        .authInvalidMax(0)
        .authLockoutDuration(0)
        .authLockoutThreshold(0)
        .authOnDemand("string")
        .authPortalTimeout(0)
        .authPorts(SettingAuthPortArgs.builder()
            .id(0)
            .port(0)
            .type("string")
            .build())
        .authSecureHttp("string")
        .authSrcMac("string")
        .authSslAllowRenegotiation("string")
        .authSslMaxProtoVersion("string")
        .authSslMinProtoVersion("string")
        .authSslSigalgs("string")
        .authTimeout(0)
        .authTimeoutType("string")
        .authType("string")
        .defaultUserPasswordPolicy("string")
        .dynamicSortSubtable("string")
        .getAllTables("string")
        .perPolicyDisclaimer("string")
        .radiusSesTimeoutAct("string")
        .vdomparam("string")
        .build());
    
    examplesetting_resource_resource_from_usersetting = fortios.user.Setting("examplesettingResourceResourceFromUsersetting",
        auth_blackout_time=0,
        auth_ca_cert="string",
        auth_cert="string",
        auth_http_basic="string",
        auth_invalid_max=0,
        auth_lockout_duration=0,
        auth_lockout_threshold=0,
        auth_on_demand="string",
        auth_portal_timeout=0,
        auth_ports=[fortios.user.SettingAuthPortArgs(
            id=0,
            port=0,
            type="string",
        )],
        auth_secure_http="string",
        auth_src_mac="string",
        auth_ssl_allow_renegotiation="string",
        auth_ssl_max_proto_version="string",
        auth_ssl_min_proto_version="string",
        auth_ssl_sigalgs="string",
        auth_timeout=0,
        auth_timeout_type="string",
        auth_type="string",
        default_user_password_policy="string",
        dynamic_sort_subtable="string",
        get_all_tables="string",
        per_policy_disclaimer="string",
        radius_ses_timeout_act="string",
        vdomparam="string")
    
    const examplesettingResourceResourceFromUsersetting = new fortios.user.Setting("examplesettingResourceResourceFromUsersetting", {
        authBlackoutTime: 0,
        authCaCert: "string",
        authCert: "string",
        authHttpBasic: "string",
        authInvalidMax: 0,
        authLockoutDuration: 0,
        authLockoutThreshold: 0,
        authOnDemand: "string",
        authPortalTimeout: 0,
        authPorts: [{
            id: 0,
            port: 0,
            type: "string",
        }],
        authSecureHttp: "string",
        authSrcMac: "string",
        authSslAllowRenegotiation: "string",
        authSslMaxProtoVersion: "string",
        authSslMinProtoVersion: "string",
        authSslSigalgs: "string",
        authTimeout: 0,
        authTimeoutType: "string",
        authType: "string",
        defaultUserPasswordPolicy: "string",
        dynamicSortSubtable: "string",
        getAllTables: "string",
        perPolicyDisclaimer: "string",
        radiusSesTimeoutAct: "string",
        vdomparam: "string",
    });
    
    type: fortios:user:Setting
    properties:
        authBlackoutTime: 0
        authCaCert: string
        authCert: string
        authHttpBasic: string
        authInvalidMax: 0
        authLockoutDuration: 0
        authLockoutThreshold: 0
        authOnDemand: string
        authPortalTimeout: 0
        authPorts:
            - id: 0
              port: 0
              type: string
        authSecureHttp: string
        authSrcMac: string
        authSslAllowRenegotiation: string
        authSslMaxProtoVersion: string
        authSslMinProtoVersion: string
        authSslSigalgs: string
        authTimeout: 0
        authTimeoutType: string
        authType: string
        defaultUserPasswordPolicy: string
        dynamicSortSubtable: string
        getAllTables: string
        perPolicyDisclaimer: string
        radiusSesTimeoutAct: string
        vdomparam: string
    

    Setting Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Setting resource accepts the following input properties:

    AuthBlackoutTime int
    Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
    AuthCaCert string
    HTTPS CA certificate for policy authentication.
    AuthCert string
    HTTPS server certificate for policy authentication.
    AuthHttpBasic string
    Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
    AuthInvalidMax int
    Maximum number of failed authentication attempts before the user is blocked.
    AuthLockoutDuration int
    Lockout period in seconds after too many login failures.
    AuthLockoutThreshold int
    Maximum number of failed login attempts before login lockout is triggered.
    AuthOnDemand string
    Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
    AuthPortalTimeout int
    Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
    AuthPorts List<Pulumiverse.Fortios.User.Inputs.SettingAuthPort>
    Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
    AuthSecureHttp string
    Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
    AuthSrcMac string
    Enable/disable source MAC for user identity. Valid values: enable, disable.
    AuthSslAllowRenegotiation string
    Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
    AuthSslMaxProtoVersion string
    Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
    AuthSslMinProtoVersion string
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    AuthSslSigalgs string
    Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
    AuthTimeout int
    Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
    AuthTimeoutType string
    Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
    AuthType string
    Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
    DefaultUserPasswordPolicy string
    Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
    DynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    GetAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    PerPolicyDisclaimer string
    Enable/disable per policy disclaimer. Valid values: enable, disable.
    RadiusSesTimeoutAct string
    Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
    Vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    AuthBlackoutTime int
    Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
    AuthCaCert string
    HTTPS CA certificate for policy authentication.
    AuthCert string
    HTTPS server certificate for policy authentication.
    AuthHttpBasic string
    Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
    AuthInvalidMax int
    Maximum number of failed authentication attempts before the user is blocked.
    AuthLockoutDuration int
    Lockout period in seconds after too many login failures.
    AuthLockoutThreshold int
    Maximum number of failed login attempts before login lockout is triggered.
    AuthOnDemand string
    Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
    AuthPortalTimeout int
    Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
    AuthPorts []SettingAuthPortArgs
    Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
    AuthSecureHttp string
    Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
    AuthSrcMac string
    Enable/disable source MAC for user identity. Valid values: enable, disable.
    AuthSslAllowRenegotiation string
    Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
    AuthSslMaxProtoVersion string
    Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
    AuthSslMinProtoVersion string
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    AuthSslSigalgs string
    Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
    AuthTimeout int
    Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
    AuthTimeoutType string
    Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
    AuthType string
    Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
    DefaultUserPasswordPolicy string
    Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
    DynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    GetAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    PerPolicyDisclaimer string
    Enable/disable per policy disclaimer. Valid values: enable, disable.
    RadiusSesTimeoutAct string
    Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
    Vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    authBlackoutTime Integer
    Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
    authCaCert String
    HTTPS CA certificate for policy authentication.
    authCert String
    HTTPS server certificate for policy authentication.
    authHttpBasic String
    Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
    authInvalidMax Integer
    Maximum number of failed authentication attempts before the user is blocked.
    authLockoutDuration Integer
    Lockout period in seconds after too many login failures.
    authLockoutThreshold Integer
    Maximum number of failed login attempts before login lockout is triggered.
    authOnDemand String
    Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
    authPortalTimeout Integer
    Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
    authPorts List<SettingAuthPort>
    Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
    authSecureHttp String
    Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
    authSrcMac String
    Enable/disable source MAC for user identity. Valid values: enable, disable.
    authSslAllowRenegotiation String
    Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
    authSslMaxProtoVersion String
    Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
    authSslMinProtoVersion String
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    authSslSigalgs String
    Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
    authTimeout Integer
    Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
    authTimeoutType String
    Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
    authType String
    Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
    defaultUserPasswordPolicy String
    Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
    dynamicSortSubtable String
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    getAllTables String
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    perPolicyDisclaimer String
    Enable/disable per policy disclaimer. Valid values: enable, disable.
    radiusSesTimeoutAct String
    Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
    vdomparam String
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    authBlackoutTime number
    Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
    authCaCert string
    HTTPS CA certificate for policy authentication.
    authCert string
    HTTPS server certificate for policy authentication.
    authHttpBasic string
    Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
    authInvalidMax number
    Maximum number of failed authentication attempts before the user is blocked.
    authLockoutDuration number
    Lockout period in seconds after too many login failures.
    authLockoutThreshold number
    Maximum number of failed login attempts before login lockout is triggered.
    authOnDemand string
    Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
    authPortalTimeout number
    Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
    authPorts SettingAuthPort[]
    Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
    authSecureHttp string
    Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
    authSrcMac string
    Enable/disable source MAC for user identity. Valid values: enable, disable.
    authSslAllowRenegotiation string
    Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
    authSslMaxProtoVersion string
    Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
    authSslMinProtoVersion string
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    authSslSigalgs string
    Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
    authTimeout number
    Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
    authTimeoutType string
    Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
    authType string
    Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
    defaultUserPasswordPolicy string
    Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
    dynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    getAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    perPolicyDisclaimer string
    Enable/disable per policy disclaimer. Valid values: enable, disable.
    radiusSesTimeoutAct string
    Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
    vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    auth_blackout_time int
    Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
    auth_ca_cert str
    HTTPS CA certificate for policy authentication.
    auth_cert str
    HTTPS server certificate for policy authentication.
    auth_http_basic str
    Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
    auth_invalid_max int
    Maximum number of failed authentication attempts before the user is blocked.
    auth_lockout_duration int
    Lockout period in seconds after too many login failures.
    auth_lockout_threshold int
    Maximum number of failed login attempts before login lockout is triggered.
    auth_on_demand str
    Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
    auth_portal_timeout int
    Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
    auth_ports Sequence[SettingAuthPortArgs]
    Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
    auth_secure_http str
    Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
    auth_src_mac str
    Enable/disable source MAC for user identity. Valid values: enable, disable.
    auth_ssl_allow_renegotiation str
    Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
    auth_ssl_max_proto_version str
    Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
    auth_ssl_min_proto_version str
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    auth_ssl_sigalgs str
    Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
    auth_timeout int
    Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
    auth_timeout_type str
    Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
    auth_type str
    Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
    default_user_password_policy str
    Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
    dynamic_sort_subtable str
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    get_all_tables str
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    per_policy_disclaimer str
    Enable/disable per policy disclaimer. Valid values: enable, disable.
    radius_ses_timeout_act str
    Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
    vdomparam str
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    authBlackoutTime Number
    Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
    authCaCert String
    HTTPS CA certificate for policy authentication.
    authCert String
    HTTPS server certificate for policy authentication.
    authHttpBasic String
    Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
    authInvalidMax Number
    Maximum number of failed authentication attempts before the user is blocked.
    authLockoutDuration Number
    Lockout period in seconds after too many login failures.
    authLockoutThreshold Number
    Maximum number of failed login attempts before login lockout is triggered.
    authOnDemand String
    Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
    authPortalTimeout Number
    Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
    authPorts List<Property Map>
    Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
    authSecureHttp String
    Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
    authSrcMac String
    Enable/disable source MAC for user identity. Valid values: enable, disable.
    authSslAllowRenegotiation String
    Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
    authSslMaxProtoVersion String
    Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
    authSslMinProtoVersion String
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    authSslSigalgs String
    Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
    authTimeout Number
    Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
    authTimeoutType String
    Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
    authType String
    Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
    defaultUserPasswordPolicy String
    Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
    dynamicSortSubtable String
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    getAllTables String
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    perPolicyDisclaimer String
    Enable/disable per policy disclaimer. Valid values: enable, disable.
    radiusSesTimeoutAct String
    Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
    vdomparam String
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Setting resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing Setting Resource

    Get an existing Setting resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: SettingState, opts?: CustomResourceOptions): Setting
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            auth_blackout_time: Optional[int] = None,
            auth_ca_cert: Optional[str] = None,
            auth_cert: Optional[str] = None,
            auth_http_basic: Optional[str] = None,
            auth_invalid_max: Optional[int] = None,
            auth_lockout_duration: Optional[int] = None,
            auth_lockout_threshold: Optional[int] = None,
            auth_on_demand: Optional[str] = None,
            auth_portal_timeout: Optional[int] = None,
            auth_ports: Optional[Sequence[SettingAuthPortArgs]] = None,
            auth_secure_http: Optional[str] = None,
            auth_src_mac: Optional[str] = None,
            auth_ssl_allow_renegotiation: Optional[str] = None,
            auth_ssl_max_proto_version: Optional[str] = None,
            auth_ssl_min_proto_version: Optional[str] = None,
            auth_ssl_sigalgs: Optional[str] = None,
            auth_timeout: Optional[int] = None,
            auth_timeout_type: Optional[str] = None,
            auth_type: Optional[str] = None,
            default_user_password_policy: Optional[str] = None,
            dynamic_sort_subtable: Optional[str] = None,
            get_all_tables: Optional[str] = None,
            per_policy_disclaimer: Optional[str] = None,
            radius_ses_timeout_act: Optional[str] = None,
            vdomparam: Optional[str] = None) -> Setting
    func GetSetting(ctx *Context, name string, id IDInput, state *SettingState, opts ...ResourceOption) (*Setting, error)
    public static Setting Get(string name, Input<string> id, SettingState? state, CustomResourceOptions? opts = null)
    public static Setting get(String name, Output<String> id, SettingState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AuthBlackoutTime int
    Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
    AuthCaCert string
    HTTPS CA certificate for policy authentication.
    AuthCert string
    HTTPS server certificate for policy authentication.
    AuthHttpBasic string
    Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
    AuthInvalidMax int
    Maximum number of failed authentication attempts before the user is blocked.
    AuthLockoutDuration int
    Lockout period in seconds after too many login failures.
    AuthLockoutThreshold int
    Maximum number of failed login attempts before login lockout is triggered.
    AuthOnDemand string
    Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
    AuthPortalTimeout int
    Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
    AuthPorts List<Pulumiverse.Fortios.User.Inputs.SettingAuthPort>
    Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
    AuthSecureHttp string
    Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
    AuthSrcMac string
    Enable/disable source MAC for user identity. Valid values: enable, disable.
    AuthSslAllowRenegotiation string
    Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
    AuthSslMaxProtoVersion string
    Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
    AuthSslMinProtoVersion string
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    AuthSslSigalgs string
    Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
    AuthTimeout int
    Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
    AuthTimeoutType string
    Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
    AuthType string
    Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
    DefaultUserPasswordPolicy string
    Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
    DynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    GetAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    PerPolicyDisclaimer string
    Enable/disable per policy disclaimer. Valid values: enable, disable.
    RadiusSesTimeoutAct string
    Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
    Vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    AuthBlackoutTime int
    Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
    AuthCaCert string
    HTTPS CA certificate for policy authentication.
    AuthCert string
    HTTPS server certificate for policy authentication.
    AuthHttpBasic string
    Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
    AuthInvalidMax int
    Maximum number of failed authentication attempts before the user is blocked.
    AuthLockoutDuration int
    Lockout period in seconds after too many login failures.
    AuthLockoutThreshold int
    Maximum number of failed login attempts before login lockout is triggered.
    AuthOnDemand string
    Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
    AuthPortalTimeout int
    Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
    AuthPorts []SettingAuthPortArgs
    Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
    AuthSecureHttp string
    Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
    AuthSrcMac string
    Enable/disable source MAC for user identity. Valid values: enable, disable.
    AuthSslAllowRenegotiation string
    Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
    AuthSslMaxProtoVersion string
    Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
    AuthSslMinProtoVersion string
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    AuthSslSigalgs string
    Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
    AuthTimeout int
    Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
    AuthTimeoutType string
    Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
    AuthType string
    Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
    DefaultUserPasswordPolicy string
    Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
    DynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    GetAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    PerPolicyDisclaimer string
    Enable/disable per policy disclaimer. Valid values: enable, disable.
    RadiusSesTimeoutAct string
    Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
    Vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    authBlackoutTime Integer
    Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
    authCaCert String
    HTTPS CA certificate for policy authentication.
    authCert String
    HTTPS server certificate for policy authentication.
    authHttpBasic String
    Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
    authInvalidMax Integer
    Maximum number of failed authentication attempts before the user is blocked.
    authLockoutDuration Integer
    Lockout period in seconds after too many login failures.
    authLockoutThreshold Integer
    Maximum number of failed login attempts before login lockout is triggered.
    authOnDemand String
    Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
    authPortalTimeout Integer
    Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
    authPorts List<SettingAuthPort>
    Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
    authSecureHttp String
    Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
    authSrcMac String
    Enable/disable source MAC for user identity. Valid values: enable, disable.
    authSslAllowRenegotiation String
    Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
    authSslMaxProtoVersion String
    Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
    authSslMinProtoVersion String
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    authSslSigalgs String
    Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
    authTimeout Integer
    Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
    authTimeoutType String
    Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
    authType String
    Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
    defaultUserPasswordPolicy String
    Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
    dynamicSortSubtable String
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    getAllTables String
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    perPolicyDisclaimer String
    Enable/disable per policy disclaimer. Valid values: enable, disable.
    radiusSesTimeoutAct String
    Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
    vdomparam String
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    authBlackoutTime number
    Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
    authCaCert string
    HTTPS CA certificate for policy authentication.
    authCert string
    HTTPS server certificate for policy authentication.
    authHttpBasic string
    Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
    authInvalidMax number
    Maximum number of failed authentication attempts before the user is blocked.
    authLockoutDuration number
    Lockout period in seconds after too many login failures.
    authLockoutThreshold number
    Maximum number of failed login attempts before login lockout is triggered.
    authOnDemand string
    Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
    authPortalTimeout number
    Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
    authPorts SettingAuthPort[]
    Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
    authSecureHttp string
    Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
    authSrcMac string
    Enable/disable source MAC for user identity. Valid values: enable, disable.
    authSslAllowRenegotiation string
    Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
    authSslMaxProtoVersion string
    Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
    authSslMinProtoVersion string
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    authSslSigalgs string
    Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
    authTimeout number
    Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
    authTimeoutType string
    Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
    authType string
    Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
    defaultUserPasswordPolicy string
    Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
    dynamicSortSubtable string
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    getAllTables string
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    perPolicyDisclaimer string
    Enable/disable per policy disclaimer. Valid values: enable, disable.
    radiusSesTimeoutAct string
    Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
    vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    auth_blackout_time int
    Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
    auth_ca_cert str
    HTTPS CA certificate for policy authentication.
    auth_cert str
    HTTPS server certificate for policy authentication.
    auth_http_basic str
    Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
    auth_invalid_max int
    Maximum number of failed authentication attempts before the user is blocked.
    auth_lockout_duration int
    Lockout period in seconds after too many login failures.
    auth_lockout_threshold int
    Maximum number of failed login attempts before login lockout is triggered.
    auth_on_demand str
    Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
    auth_portal_timeout int
    Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
    auth_ports Sequence[SettingAuthPortArgs]
    Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
    auth_secure_http str
    Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
    auth_src_mac str
    Enable/disable source MAC for user identity. Valid values: enable, disable.
    auth_ssl_allow_renegotiation str
    Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
    auth_ssl_max_proto_version str
    Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
    auth_ssl_min_proto_version str
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    auth_ssl_sigalgs str
    Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
    auth_timeout int
    Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
    auth_timeout_type str
    Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
    auth_type str
    Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
    default_user_password_policy str
    Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
    dynamic_sort_subtable str
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    get_all_tables str
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    per_policy_disclaimer str
    Enable/disable per policy disclaimer. Valid values: enable, disable.
    radius_ses_timeout_act str
    Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
    vdomparam str
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    authBlackoutTime Number
    Time in seconds an IP address is denied access after failing to authenticate five times within one minute.
    authCaCert String
    HTTPS CA certificate for policy authentication.
    authCert String
    HTTPS server certificate for policy authentication.
    authHttpBasic String
    Enable/disable use of HTTP basic authentication for identity-based firewall policies. Valid values: enable, disable.
    authInvalidMax Number
    Maximum number of failed authentication attempts before the user is blocked.
    authLockoutDuration Number
    Lockout period in seconds after too many login failures.
    authLockoutThreshold Number
    Maximum number of failed login attempts before login lockout is triggered.
    authOnDemand String
    Always/implicitly trigger firewall authentication on demand. Valid values: always, implicitly.
    authPortalTimeout Number
    Time in minutes before captive portal user have to re-authenticate (1 - 30 min, default 3 min).
    authPorts List<Property Map>
    Set up non-standard ports for authentication with HTTP, HTTPS, FTP, and TELNET. The structure of auth_ports block is documented below.
    authSecureHttp String
    Enable/disable redirecting HTTP user authentication to more secure HTTPS. Valid values: enable, disable.
    authSrcMac String
    Enable/disable source MAC for user identity. Valid values: enable, disable.
    authSslAllowRenegotiation String
    Allow/forbid SSL re-negotiation for HTTPS authentication. Valid values: enable, disable.
    authSslMaxProtoVersion String
    Maximum supported protocol version for SSL/TLS connections (default is no limit). Valid values: sslv3, tlsv1, tlsv1-1, tlsv1-2, tlsv1-3.
    authSslMinProtoVersion String
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    authSslSigalgs String
    Set signature algorithms related to HTTPS authentication (affects TLS version <= 1.2 only, default is to enable all). Valid values: no-rsa-pss, all.
    authTimeout Number
    Time in minutes before the firewall user authentication timeout requires the user to re-authenticate.
    authTimeoutType String
    Control if authenticated users have to login again after a hard timeout, after an idle timeout, or after a session timeout. Valid values: idle-timeout, hard-timeout, new-session.
    authType String
    Supported firewall policy authentication protocols/methods. Valid values: http, https, ftp, telnet.
    defaultUserPasswordPolicy String
    Default password policy to apply to all local users unless otherwise specified, as defined in config user password-policy.
    dynamicSortSubtable String
    Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
    getAllTables String
    Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwish conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
    perPolicyDisclaimer String
    Enable/disable per policy disclaimer. Valid values: enable, disable.
    radiusSesTimeoutAct String
    Set the RADIUS session timeout to a hard timeout or to ignore RADIUS server session timeouts. Valid values: hard-timeout, ignore-timeout.
    vdomparam String
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

    Supporting Types

    SettingAuthPort, SettingAuthPortArgs

    Id int
    ID.
    Port int
    Non-standard port for firewall user authentication.
    Type string
    Service type. Valid values: http, https, ftp, telnet.
    Id int
    ID.
    Port int
    Non-standard port for firewall user authentication.
    Type string
    Service type. Valid values: http, https, ftp, telnet.
    id Integer
    ID.
    port Integer
    Non-standard port for firewall user authentication.
    type String
    Service type. Valid values: http, https, ftp, telnet.
    id number
    ID.
    port number
    Non-standard port for firewall user authentication.
    type string
    Service type. Valid values: http, https, ftp, telnet.
    id int
    ID.
    port int
    Non-standard port for firewall user authentication.
    type str
    Service type. Valid values: http, https, ftp, telnet.
    id Number
    ID.
    port Number
    Non-standard port for firewall user authentication.
    type String
    Service type. Valid values: http, https, ftp, telnet.

    Import

    User Setting can be imported using any of these accepted formats:

    $ pulumi import fortios:user/setting:Setting labelname UserSetting
    

    If you do not want to import arguments of block:

    $ export “FORTIOS_IMPORT_TABLE”=“false”

    $ pulumi import fortios:user/setting:Setting labelname UserSetting
    

    $ unset “FORTIOS_IMPORT_TABLE”

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    fortios pulumiverse/pulumi-fortios
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the fortios Terraform Provider.
    fortios logo
    Fortios v0.0.5 published on Tuesday, Apr 9, 2024 by pulumiverse