fortimanager 1.14.0, Apr 15 25

fortimanager 1.14.0 published on Tuesday, Apr 15, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.ObjectIpsSensor

Explore with Pulumi AI

fortimanager 1.14.0 published on Tuesday, Apr 15, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

import * as pulumi from "@pulumi/pulumi";
import * as fortimanager from "@pulumi/fortimanager";

const trname = new fortimanager.ObjectIpsSensor("trname", {
    blockMaliciousUrl: "disable",
    comment: "terraform-comment",
});

import pulumi
import pulumi_fortimanager as fortimanager

trname = fortimanager.ObjectIpsSensor("trname",
    block_malicious_url="disable",
    comment="terraform-comment")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/fortimanager/fortimanager"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := fortimanager.NewObjectIpsSensor(ctx, "trname", &fortimanager.ObjectIpsSensorArgs{
			BlockMaliciousUrl: pulumi.String("disable"),
			Comment:           pulumi.String("terraform-comment"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortimanager = Pulumi.Fortimanager;

return await Deployment.RunAsync(() => 
{
    var trname = new Fortimanager.ObjectIpsSensor("trname", new()
    {
        BlockMaliciousUrl = "disable",
        Comment = "terraform-comment",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortimanager.ObjectIpsSensor;
import com.pulumi.fortimanager.ObjectIpsSensorArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var trname = new ObjectIpsSensor("trname", ObjectIpsSensorArgs.builder()
            .blockMaliciousUrl("disable")
            .comment("terraform-comment")
            .build());

    }
}

resources:
  trname:
    type: fortimanager:ObjectIpsSensor
    properties:
      blockMaliciousUrl: disable
      comment: terraform-comment

Create ObjectIpsSensor Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

TypeScript
Python
Go
C#
Java
YAML

new ObjectIpsSensor(name: string, args?: ObjectIpsSensorArgs, opts?: CustomResourceOptions);

@overload
def ObjectIpsSensor(resource_name: str,
                    args: Optional[ObjectIpsSensorArgs] = None,
                    opts: Optional[ResourceOptions] = None)

@overload
def ObjectIpsSensor(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    _baseline: Optional[str] = None,
                    adom: Optional[str] = None,
                    block_malicious_url: Optional[str] = None,
                    comment: Optional[str] = None,
                    dynamic_sort_subtable: Optional[str] = None,
                    entries: Optional[Sequence[ObjectIpsSensorEntryArgs]] = None,
                    extended_log: Optional[str] = None,
                    name: Optional[str] = None,
                    object_ips_sensor_id: Optional[str] = None,
                    replacemsg_group: Optional[str] = None,
                    scan_botnet_connections: Optional[str] = None,
                    scopetype: Optional[str] = None)

func NewObjectIpsSensor(ctx *Context, name string, args *ObjectIpsSensorArgs, opts ...ResourceOption) (*ObjectIpsSensor, error)

public ObjectIpsSensor(string name, ObjectIpsSensorArgs? args = null, CustomResourceOptions? opts = null)

public ObjectIpsSensor(String name, ObjectIpsSensorArgs args)
public ObjectIpsSensor(String name, ObjectIpsSensorArgs args, CustomResourceOptions options)

type: fortimanager:ObjectIpsSensor
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args ObjectIpsSensorArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ObjectIpsSensorArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ObjectIpsSensorArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ObjectIpsSensorArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ObjectIpsSensorArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

TypeScript
Python
Go
C#
Java
YAML

var objectIpsSensorResource = new Fortimanager.ObjectIpsSensor("objectIpsSensorResource", new()
{
    _baseline = "string",
    Adom = "string",
    BlockMaliciousUrl = "string",
    Comment = "string",
    DynamicSortSubtable = "string",
    Entries = new[]
    {
        new Fortimanager.Inputs.ObjectIpsSensorEntryArgs
        {
            Action = "string",
            Applications = new[]
            {
                "string",
            },
            Cves = new[]
            {
                "string",
            },
            DefaultAction = "string",
            DefaultStatus = "string",
            ExemptIps = new[]
            {
                new Fortimanager.Inputs.ObjectIpsSensorEntryExemptIpArgs
                {
                    DstIp = "string",
                    Id = 0,
                    SrcIp = "string",
                },
            },
            Id = 0,
            LastModified = "string",
            Locations = new[]
            {
                "string",
            },
            Log = "string",
            LogAttackContext = "string",
            LogPacket = "string",
            Os = new[]
            {
                "string",
            },
            Protocols = new[]
            {
                "string",
            },
            Quarantine = "string",
            QuarantineExpiry = "string",
            QuarantineLog = "string",
            RateCount = 0,
            RateDuration = 0,
            RateMode = "string",
            RateTrack = "string",
            Rule = "string",
            Severities = new[]
            {
                "string",
            },
            Status = "string",
            VulnTypes = new[]
            {
                0,
            },
        },
    },
    ExtendedLog = "string",
    Name = "string",
    ObjectIpsSensorId = "string",
    ReplacemsgGroup = "string",
    ScanBotnetConnections = "string",
    Scopetype = "string",
});

example, err := fortimanager.NewObjectIpsSensor(ctx, "objectIpsSensorResource", &fortimanager.ObjectIpsSensorArgs{
_baseline: pulumi.String("string"),
Adom: pulumi.String("string"),
BlockMaliciousUrl: pulumi.String("string"),
Comment: pulumi.String("string"),
DynamicSortSubtable: pulumi.String("string"),
Entries: .ObjectIpsSensorEntryArray{
&.ObjectIpsSensorEntryArgs{
Action: pulumi.String("string"),
Applications: pulumi.StringArray{
pulumi.String("string"),
},
Cves: pulumi.StringArray{
pulumi.String("string"),
},
DefaultAction: pulumi.String("string"),
DefaultStatus: pulumi.String("string"),
ExemptIps: .ObjectIpsSensorEntryExemptIpArray{
&.ObjectIpsSensorEntryExemptIpArgs{
DstIp: pulumi.String("string"),
Id: pulumi.Float64(0),
SrcIp: pulumi.String("string"),
},
},
Id: pulumi.Float64(0),
LastModified: pulumi.String("string"),
Locations: pulumi.StringArray{
pulumi.String("string"),
},
Log: pulumi.String("string"),
LogAttackContext: pulumi.String("string"),
LogPacket: pulumi.String("string"),
Os: pulumi.StringArray{
pulumi.String("string"),
},
Protocols: pulumi.StringArray{
pulumi.String("string"),
},
Quarantine: pulumi.String("string"),
QuarantineExpiry: pulumi.String("string"),
QuarantineLog: pulumi.String("string"),
RateCount: pulumi.Float64(0),
RateDuration: pulumi.Float64(0),
RateMode: pulumi.String("string"),
RateTrack: pulumi.String("string"),
Rule: pulumi.String("string"),
Severities: pulumi.StringArray{
pulumi.String("string"),
},
Status: pulumi.String("string"),
VulnTypes: pulumi.Float64Array{
pulumi.Float64(0),
},
},
},
ExtendedLog: pulumi.String("string"),
Name: pulumi.String("string"),
ObjectIpsSensorId: pulumi.String("string"),
ReplacemsgGroup: pulumi.String("string"),
ScanBotnetConnections: pulumi.String("string"),
Scopetype: pulumi.String("string"),
})

var objectIpsSensorResource = new ObjectIpsSensor("objectIpsSensorResource", ObjectIpsSensorArgs.builder()
    ._baseline("string")
    .adom("string")
    .blockMaliciousUrl("string")
    .comment("string")
    .dynamicSortSubtable("string")
    .entries(ObjectIpsSensorEntryArgs.builder()
        .action("string")
        .applications("string")
        .cves("string")
        .defaultAction("string")
        .defaultStatus("string")
        .exemptIps(ObjectIpsSensorEntryExemptIpArgs.builder()
            .dstIp("string")
            .id(0)
            .srcIp("string")
            .build())
        .id(0)
        .lastModified("string")
        .locations("string")
        .log("string")
        .logAttackContext("string")
        .logPacket("string")
        .os("string")
        .protocols("string")
        .quarantine("string")
        .quarantineExpiry("string")
        .quarantineLog("string")
        .rateCount(0)
        .rateDuration(0)
        .rateMode("string")
        .rateTrack("string")
        .rule("string")
        .severities("string")
        .status("string")
        .vulnTypes(0)
        .build())
    .extendedLog("string")
    .name("string")
    .objectIpsSensorId("string")
    .replacemsgGroup("string")
    .scanBotnetConnections("string")
    .scopetype("string")
    .build());

object_ips_sensor_resource = fortimanager.ObjectIpsSensor("objectIpsSensorResource",
    _baseline="string",
    adom="string",
    block_malicious_url="string",
    comment="string",
    dynamic_sort_subtable="string",
    entries=[{
        "action": "string",
        "applications": ["string"],
        "cves": ["string"],
        "default_action": "string",
        "default_status": "string",
        "exempt_ips": [{
            "dst_ip": "string",
            "id": 0,
            "src_ip": "string",
        }],
        "id": 0,
        "last_modified": "string",
        "locations": ["string"],
        "log": "string",
        "log_attack_context": "string",
        "log_packet": "string",
        "os": ["string"],
        "protocols": ["string"],
        "quarantine": "string",
        "quarantine_expiry": "string",
        "quarantine_log": "string",
        "rate_count": 0,
        "rate_duration": 0,
        "rate_mode": "string",
        "rate_track": "string",
        "rule": "string",
        "severities": ["string"],
        "status": "string",
        "vuln_types": [0],
    }],
    extended_log="string",
    name="string",
    object_ips_sensor_id="string",
    replacemsg_group="string",
    scan_botnet_connections="string",
    scopetype="string")

const objectIpsSensorResource = new fortimanager.ObjectIpsSensor("objectIpsSensorResource", {
    _baseline: "string",
    adom: "string",
    blockMaliciousUrl: "string",
    comment: "string",
    dynamicSortSubtable: "string",
    entries: [{
        action: "string",
        applications: ["string"],
        cves: ["string"],
        defaultAction: "string",
        defaultStatus: "string",
        exemptIps: [{
            dstIp: "string",
            id: 0,
            srcIp: "string",
        }],
        id: 0,
        lastModified: "string",
        locations: ["string"],
        log: "string",
        logAttackContext: "string",
        logPacket: "string",
        os: ["string"],
        protocols: ["string"],
        quarantine: "string",
        quarantineExpiry: "string",
        quarantineLog: "string",
        rateCount: 0,
        rateDuration: 0,
        rateMode: "string",
        rateTrack: "string",
        rule: "string",
        severities: ["string"],
        status: "string",
        vulnTypes: [0],
    }],
    extendedLog: "string",
    name: "string",
    objectIpsSensorId: "string",
    replacemsgGroup: "string",
    scanBotnetConnections: "string",
    scopetype: "string",
});

type: fortimanager:ObjectIpsSensor
properties:
    _baseline: string
    adom: string
    blockMaliciousUrl: string
    comment: string
    dynamicSortSubtable: string
    entries:
        - action: string
          applications:
            - string
          cves:
            - string
          defaultAction: string
          defaultStatus: string
          exemptIps:
            - dstIp: string
              id: 0
              srcIp: string
          id: 0
          lastModified: string
          locations:
            - string
          log: string
          logAttackContext: string
          logPacket: string
          os:
            - string
          protocols:
            - string
          quarantine: string
          quarantineExpiry: string
          quarantineLog: string
          rateCount: 0
          rateDuration: 0
          rateMode: string
          rateTrack: string
          rule: string
          severities:
            - string
          status: string
          vulnTypes:
            - 0
    extendedLog: string
    name: string
    objectIpsSensorId: string
    replacemsgGroup: string
    scanBotnetConnections: string
    scopetype: string

ObjectIpsSensor Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The ObjectIpsSensor resource accepts the following input properties:

Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
BlockMaliciousUrl string: Enable/disable malicious URL blocking. Valid values: disable, enable.
Comment string: Comment.
DynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
Entries List<ObjectIpsSensorEntry>: Entries. The structure of entries block is documented below.
ExtendedLog string: Enable/disable extended logging. Valid values: disable, enable.
Name string: Sensor name.
ObjectIpsSensorId string: an identifier for the resource with format {{name}}.
ReplacemsgGroup string: Replacement message group.
ScanBotnetConnections string: Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
_baseline string: _Baseline.

Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
BlockMaliciousUrl string: Enable/disable malicious URL blocking. Valid values: disable, enable.
Comment string: Comment.
DynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
Entries []ObjectIpsSensorEntryArgs: Entries. The structure of entries block is documented below.
ExtendedLog string: Enable/disable extended logging. Valid values: disable, enable.
Name string: Sensor name.
ObjectIpsSensorId string: an identifier for the resource with format {{name}}.
ReplacemsgGroup string: Replacement message group.
ScanBotnetConnections string: Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
_baseline string: _Baseline.

_baseline String: _Baseline.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
blockMaliciousUrl String: Enable/disable malicious URL blocking. Valid values: disable, enable.
comment String: Comment.
dynamicSortSubtable String: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
entries List<ObjectIpsSensorEntry>: Entries. The structure of entries block is documented below.
extendedLog String: Enable/disable extended logging. Valid values: disable, enable.
name String: Sensor name.
objectIpsSensorId String: an identifier for the resource with format {{name}}.
replacemsgGroup String: Replacement message group.
scanBotnetConnections String: Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.

_baseline string: _Baseline.
adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
blockMaliciousUrl string: Enable/disable malicious URL blocking. Valid values: disable, enable.
comment string: Comment.
dynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
entries ObjectIpsSensorEntry[]: Entries. The structure of entries block is documented below.
extendedLog string: Enable/disable extended logging. Valid values: disable, enable.
name string: Sensor name.
objectIpsSensorId string: an identifier for the resource with format {{name}}.
replacemsgGroup string: Replacement message group.
scanBotnetConnections string: Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.

_baseline str: _Baseline.
adom str: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
block_malicious_url str: Enable/disable malicious URL blocking. Valid values: disable, enable.
comment str: Comment.
dynamic_sort_subtable str: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
entries Sequence[ObjectIpsSensorEntryArgs]: Entries. The structure of entries block is documented below.
extended_log str: Enable/disable extended logging. Valid values: disable, enable.
name str: Sensor name.
object_ips_sensor_id str: an identifier for the resource with format {{name}}.
replacemsg_group str: Replacement message group.
scan_botnet_connections str: Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
scopetype str: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.

_baseline String: _Baseline.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
blockMaliciousUrl String: Enable/disable malicious URL blocking. Valid values: disable, enable.
comment String: Comment.
dynamicSortSubtable String: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
entries List<Property Map>: Entries. The structure of entries block is documented below.
extendedLog String: Enable/disable extended logging. Valid values: disable, enable.
name String: Sensor name.
objectIpsSensorId String: an identifier for the resource with format {{name}}.
replacemsgGroup String: Replacement message group.
scanBotnetConnections String: Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.

Outputs

All input properties are implicitly available as output properties. Additionally, the ObjectIpsSensor resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing ObjectIpsSensor Resource

Get an existing ObjectIpsSensor resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

TypeScript
Python
Go
C#
Java
YAML

public static get(name: string, id: Input<ID>, state?: ObjectIpsSensorState, opts?: CustomResourceOptions): ObjectIpsSensor

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        _baseline: Optional[str] = None,
        adom: Optional[str] = None,
        block_malicious_url: Optional[str] = None,
        comment: Optional[str] = None,
        dynamic_sort_subtable: Optional[str] = None,
        entries: Optional[Sequence[ObjectIpsSensorEntryArgs]] = None,
        extended_log: Optional[str] = None,
        name: Optional[str] = None,
        object_ips_sensor_id: Optional[str] = None,
        replacemsg_group: Optional[str] = None,
        scan_botnet_connections: Optional[str] = None,
        scopetype: Optional[str] = None) -> ObjectIpsSensor

func GetObjectIpsSensor(ctx *Context, name string, id IDInput, state *ObjectIpsSensorState, opts ...ResourceOption) (*ObjectIpsSensor, error)

public static ObjectIpsSensor Get(string name, Input<string> id, ObjectIpsSensorState? state, CustomResourceOptions? opts = null)

public static ObjectIpsSensor get(String name, Output<String> id, ObjectIpsSensorState state, CustomResourceOptions options)

resources:  _:    type: fortimanager:ObjectIpsSensor    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
BlockMaliciousUrl string: Enable/disable malicious URL blocking. Valid values: disable, enable.
Comment string: Comment.
DynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
Entries List<ObjectIpsSensorEntry>: Entries. The structure of entries block is documented below.
ExtendedLog string: Enable/disable extended logging. Valid values: disable, enable.
Name string: Sensor name.
ObjectIpsSensorId string: an identifier for the resource with format {{name}}.
ReplacemsgGroup string: Replacement message group.
ScanBotnetConnections string: Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
_baseline string: _Baseline.

Adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
BlockMaliciousUrl string: Enable/disable malicious URL blocking. Valid values: disable, enable.
Comment string: Comment.
DynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
Entries []ObjectIpsSensorEntryArgs: Entries. The structure of entries block is documented below.
ExtendedLog string: Enable/disable extended logging. Valid values: disable, enable.
Name string: Sensor name.
ObjectIpsSensorId string: an identifier for the resource with format {{name}}.
ReplacemsgGroup string: Replacement message group.
ScanBotnetConnections string: Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
Scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.
_baseline string: _Baseline.

_baseline String: _Baseline.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
blockMaliciousUrl String: Enable/disable malicious URL blocking. Valid values: disable, enable.
comment String: Comment.
dynamicSortSubtable String: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
entries List<ObjectIpsSensorEntry>: Entries. The structure of entries block is documented below.
extendedLog String: Enable/disable extended logging. Valid values: disable, enable.
name String: Sensor name.
objectIpsSensorId String: an identifier for the resource with format {{name}}.
replacemsgGroup String: Replacement message group.
scanBotnetConnections String: Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.

_baseline string: _Baseline.
adom string: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
blockMaliciousUrl string: Enable/disable malicious URL blocking. Valid values: disable, enable.
comment string: Comment.
dynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
entries ObjectIpsSensorEntry[]: Entries. The structure of entries block is documented below.
extendedLog string: Enable/disable extended logging. Valid values: disable, enable.
name string: Sensor name.
objectIpsSensorId string: an identifier for the resource with format {{name}}.
replacemsgGroup string: Replacement message group.
scanBotnetConnections string: Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
scopetype string: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.

_baseline str: _Baseline.
adom str: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
block_malicious_url str: Enable/disable malicious URL blocking. Valid values: disable, enable.
comment str: Comment.
dynamic_sort_subtable str: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
entries Sequence[ObjectIpsSensorEntryArgs]: Entries. The structure of entries block is documented below.
extended_log str: Enable/disable extended logging. Valid values: disable, enable.
name str: Sensor name.
object_ips_sensor_id str: an identifier for the resource with format {{name}}.
replacemsg_group str: Replacement message group.
scan_botnet_connections str: Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
scopetype str: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.

_baseline String: _Baseline.
adom String: Adom. This value is valid only when the scopetype is adom, otherwise the value of adom in the provider will be inherited.
blockMaliciousUrl String: Enable/disable malicious URL blocking. Valid values: disable, enable.
comment String: Comment.
dynamicSortSubtable String: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
entries List<Property Map>: Entries. The structure of entries block is documented below.
extendedLog String: Enable/disable extended logging. Valid values: disable, enable.
name String: Sensor name.
objectIpsSensorId String: an identifier for the resource with format {{name}}.
replacemsgGroup String: Replacement message group.
scanBotnetConnections String: Block or monitor connections to Botnet servers, or disable Botnet scanning. Valid values: disable, block, monitor.
scopetype String: The scope of application of the resource. Valid values: inherit, adom, global. The inherit means that the scopetype of the provider will be inherited, and adom will also be inherited. The default value is inherit.

Supporting Types

ObjectIpsSensorEntry
, ObjectIpsSensorEntryArgs

Action string: Action taken with traffic in which signatures are detected. Valid values: pass, block, reset, default.
Applications List<string>: Applications to be protected. set application ? lists available applications. all includes all applications. other includes all unlisted applications.
Cves List<string>: List of CVE IDs of the signatures to add to the sensor
DefaultAction string: Signature default action filter. Valid values: block, pass, all, drop.
DefaultStatus string: Signature default status filter. Valid values: disable, enable, all.
ExemptIps List<ObjectIpsSensorEntryExemptIp>: Exempt-Ip. The structure of exempt_ip block is documented below.
Id double: Rule ID in IPS database (0 - 4294967295).
LastModified string: Filter by signature last modified date. Formats: before <date>, after <date>, between <start-date> <end-date>.
Locations List<string>: Protect client or server traffic.
Log string: Enable/disable logging of signatures included in filter. Valid values: disable, enable.
LogAttackContext string: Enable/disable logging of attack context: URL buffer, header buffer, body buffer, packet buffer. Valid values: disable, enable.
LogPacket string: Enable/disable packet logging. Enable to save the packet that triggers the filter. You can download the packets in pcap format for diagnostic use. Valid values: disable, enable.
Os List<string>: Operating systems to be protected. all includes all operating systems. other includes all unlisted operating systems.
Protocols List<string>: Protocols to be examined. set protocol ? lists available protocols. all includes all protocols. other includes all unlisted protocols.
Quarantine string: Quarantine method. Valid values: none, attacker, both, interface.
QuarantineExpiry string: Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
QuarantineLog string: Enable/disable quarantine logging. Valid values: disable, enable.
RateCount double: Count of the rate.
RateDuration double: Duration (sec) of the rate.
RateMode string: Rate limit mode. Valid values: periodical, continuous.
RateTrack string: Track the packet protocol field. Valid values: none, src-ip, dest-ip, dhcp-client-mac, dns-domain.
Rule string: Identifies the predefined or custom IPS signatures to add to the sensor.
Severities List<string>: Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.
Status string: Status of the signatures included in filter. default enables the filter and only use filters with default status of enable. Filters with default status of disable will not be used. Valid values: disable, enable, default.
VulnTypes List<double>: List of signature vulnerability types to filter by.

Action string: Action taken with traffic in which signatures are detected. Valid values: pass, block, reset, default.
Applications []string: Applications to be protected. set application ? lists available applications. all includes all applications. other includes all unlisted applications.
Cves []string: List of CVE IDs of the signatures to add to the sensor
DefaultAction string: Signature default action filter. Valid values: block, pass, all, drop.
DefaultStatus string: Signature default status filter. Valid values: disable, enable, all.
ExemptIps []ObjectIpsSensorEntryExemptIp: Exempt-Ip. The structure of exempt_ip block is documented below.
Id float64: Rule ID in IPS database (0 - 4294967295).
LastModified string: Filter by signature last modified date. Formats: before <date>, after <date>, between <start-date> <end-date>.
Locations []string: Protect client or server traffic.
Log string: Enable/disable logging of signatures included in filter. Valid values: disable, enable.
LogAttackContext string: Enable/disable logging of attack context: URL buffer, header buffer, body buffer, packet buffer. Valid values: disable, enable.
LogPacket string: Enable/disable packet logging. Enable to save the packet that triggers the filter. You can download the packets in pcap format for diagnostic use. Valid values: disable, enable.
Os []string: Operating systems to be protected. all includes all operating systems. other includes all unlisted operating systems.
Protocols []string: Protocols to be examined. set protocol ? lists available protocols. all includes all protocols. other includes all unlisted protocols.
Quarantine string: Quarantine method. Valid values: none, attacker, both, interface.
QuarantineExpiry string: Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
QuarantineLog string: Enable/disable quarantine logging. Valid values: disable, enable.
RateCount float64: Count of the rate.
RateDuration float64: Duration (sec) of the rate.
RateMode string: Rate limit mode. Valid values: periodical, continuous.
RateTrack string: Track the packet protocol field. Valid values: none, src-ip, dest-ip, dhcp-client-mac, dns-domain.
Rule string: Identifies the predefined or custom IPS signatures to add to the sensor.
Severities []string: Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.
Status string: Status of the signatures included in filter. default enables the filter and only use filters with default status of enable. Filters with default status of disable will not be used. Valid values: disable, enable, default.
VulnTypes []float64: List of signature vulnerability types to filter by.

action String: Action taken with traffic in which signatures are detected. Valid values: pass, block, reset, default.
applications List<String>: Applications to be protected. set application ? lists available applications. all includes all applications. other includes all unlisted applications.
cves List<String>: List of CVE IDs of the signatures to add to the sensor
defaultAction String: Signature default action filter. Valid values: block, pass, all, drop.
defaultStatus String: Signature default status filter. Valid values: disable, enable, all.
exemptIps List<ObjectIpsSensorEntryExemptIp>: Exempt-Ip. The structure of exempt_ip block is documented below.
id Double: Rule ID in IPS database (0 - 4294967295).
lastModified String: Filter by signature last modified date. Formats: before <date>, after <date>, between <start-date> <end-date>.
locations List<String>: Protect client or server traffic.
log String: Enable/disable logging of signatures included in filter. Valid values: disable, enable.
logAttackContext String: Enable/disable logging of attack context: URL buffer, header buffer, body buffer, packet buffer. Valid values: disable, enable.
logPacket String: Enable/disable packet logging. Enable to save the packet that triggers the filter. You can download the packets in pcap format for diagnostic use. Valid values: disable, enable.
os List<String>: Operating systems to be protected. all includes all operating systems. other includes all unlisted operating systems.
protocols List<String>: Protocols to be examined. set protocol ? lists available protocols. all includes all protocols. other includes all unlisted protocols.
quarantine String: Quarantine method. Valid values: none, attacker, both, interface.
quarantineExpiry String: Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
quarantineLog String: Enable/disable quarantine logging. Valid values: disable, enable.
rateCount Double: Count of the rate.
rateDuration Double: Duration (sec) of the rate.
rateMode String: Rate limit mode. Valid values: periodical, continuous.
rateTrack String: Track the packet protocol field. Valid values: none, src-ip, dest-ip, dhcp-client-mac, dns-domain.
rule String: Identifies the predefined or custom IPS signatures to add to the sensor.
severities List<String>: Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.
status String: Status of the signatures included in filter. default enables the filter and only use filters with default status of enable. Filters with default status of disable will not be used. Valid values: disable, enable, default.
vulnTypes List<Double>: List of signature vulnerability types to filter by.

action string: Action taken with traffic in which signatures are detected. Valid values: pass, block, reset, default.
applications string[]: Applications to be protected. set application ? lists available applications. all includes all applications. other includes all unlisted applications.
cves string[]: List of CVE IDs of the signatures to add to the sensor
defaultAction string: Signature default action filter. Valid values: block, pass, all, drop.
defaultStatus string: Signature default status filter. Valid values: disable, enable, all.
exemptIps ObjectIpsSensorEntryExemptIp[]: Exempt-Ip. The structure of exempt_ip block is documented below.
id number: Rule ID in IPS database (0 - 4294967295).
lastModified string: Filter by signature last modified date. Formats: before <date>, after <date>, between <start-date> <end-date>.
locations string[]: Protect client or server traffic.
log string: Enable/disable logging of signatures included in filter. Valid values: disable, enable.
logAttackContext string: Enable/disable logging of attack context: URL buffer, header buffer, body buffer, packet buffer. Valid values: disable, enable.
logPacket string: Enable/disable packet logging. Enable to save the packet that triggers the filter. You can download the packets in pcap format for diagnostic use. Valid values: disable, enable.
os string[]: Operating systems to be protected. all includes all operating systems. other includes all unlisted operating systems.
protocols string[]: Protocols to be examined. set protocol ? lists available protocols. all includes all protocols. other includes all unlisted protocols.
quarantine string: Quarantine method. Valid values: none, attacker, both, interface.
quarantineExpiry string: Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
quarantineLog string: Enable/disable quarantine logging. Valid values: disable, enable.
rateCount number: Count of the rate.
rateDuration number: Duration (sec) of the rate.
rateMode string: Rate limit mode. Valid values: periodical, continuous.
rateTrack string: Track the packet protocol field. Valid values: none, src-ip, dest-ip, dhcp-client-mac, dns-domain.
rule string: Identifies the predefined or custom IPS signatures to add to the sensor.
severities string[]: Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.
status string: Status of the signatures included in filter. default enables the filter and only use filters with default status of enable. Filters with default status of disable will not be used. Valid values: disable, enable, default.
vulnTypes number[]: List of signature vulnerability types to filter by.

action str: Action taken with traffic in which signatures are detected. Valid values: pass, block, reset, default.
applications Sequence[str]: Applications to be protected. set application ? lists available applications. all includes all applications. other includes all unlisted applications.
cves Sequence[str]: List of CVE IDs of the signatures to add to the sensor
default_action str: Signature default action filter. Valid values: block, pass, all, drop.
default_status str: Signature default status filter. Valid values: disable, enable, all.
exempt_ips Sequence[ObjectIpsSensorEntryExemptIp]: Exempt-Ip. The structure of exempt_ip block is documented below.
id float: Rule ID in IPS database (0 - 4294967295).
last_modified str: Filter by signature last modified date. Formats: before <date>, after <date>, between <start-date> <end-date>.
locations Sequence[str]: Protect client or server traffic.
log str: Enable/disable logging of signatures included in filter. Valid values: disable, enable.
log_attack_context str: Enable/disable logging of attack context: URL buffer, header buffer, body buffer, packet buffer. Valid values: disable, enable.
log_packet str: Enable/disable packet logging. Enable to save the packet that triggers the filter. You can download the packets in pcap format for diagnostic use. Valid values: disable, enable.
os Sequence[str]: Operating systems to be protected. all includes all operating systems. other includes all unlisted operating systems.
protocols Sequence[str]: Protocols to be examined. set protocol ? lists available protocols. all includes all protocols. other includes all unlisted protocols.
quarantine str: Quarantine method. Valid values: none, attacker, both, interface.
quarantine_expiry str: Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
quarantine_log str: Enable/disable quarantine logging. Valid values: disable, enable.
rate_count float: Count of the rate.
rate_duration float: Duration (sec) of the rate.
rate_mode str: Rate limit mode. Valid values: periodical, continuous.
rate_track str: Track the packet protocol field. Valid values: none, src-ip, dest-ip, dhcp-client-mac, dns-domain.
rule str: Identifies the predefined or custom IPS signatures to add to the sensor.
severities Sequence[str]: Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.
status str: Status of the signatures included in filter. default enables the filter and only use filters with default status of enable. Filters with default status of disable will not be used. Valid values: disable, enable, default.
vuln_types Sequence[float]: List of signature vulnerability types to filter by.

action String: Action taken with traffic in which signatures are detected. Valid values: pass, block, reset, default.
applications List<String>: Applications to be protected. set application ? lists available applications. all includes all applications. other includes all unlisted applications.
cves List<String>: List of CVE IDs of the signatures to add to the sensor
defaultAction String: Signature default action filter. Valid values: block, pass, all, drop.
defaultStatus String: Signature default status filter. Valid values: disable, enable, all.
exemptIps List<Property Map>: Exempt-Ip. The structure of exempt_ip block is documented below.
id Number: Rule ID in IPS database (0 - 4294967295).
lastModified String: Filter by signature last modified date. Formats: before <date>, after <date>, between <start-date> <end-date>.
locations List<String>: Protect client or server traffic.
log String: Enable/disable logging of signatures included in filter. Valid values: disable, enable.
logAttackContext String: Enable/disable logging of attack context: URL buffer, header buffer, body buffer, packet buffer. Valid values: disable, enable.
logPacket String: Enable/disable packet logging. Enable to save the packet that triggers the filter. You can download the packets in pcap format for diagnostic use. Valid values: disable, enable.
os List<String>: Operating systems to be protected. all includes all operating systems. other includes all unlisted operating systems.
protocols List<String>: Protocols to be examined. set protocol ? lists available protocols. all includes all protocols. other includes all unlisted protocols.
quarantine String: Quarantine method. Valid values: none, attacker, both, interface.
quarantineExpiry String: Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
quarantineLog String: Enable/disable quarantine logging. Valid values: disable, enable.
rateCount Number: Count of the rate.
rateDuration Number: Duration (sec) of the rate.
rateMode String: Rate limit mode. Valid values: periodical, continuous.
rateTrack String: Track the packet protocol field. Valid values: none, src-ip, dest-ip, dhcp-client-mac, dns-domain.
rule String: Identifies the predefined or custom IPS signatures to add to the sensor.
severities List<String>: Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.
status String: Status of the signatures included in filter. default enables the filter and only use filters with default status of enable. Filters with default status of disable will not be used. Valid values: disable, enable, default.
vulnTypes List<Number>: List of signature vulnerability types to filter by.

ObjectIpsSensorEntryExemptIp
, ObjectIpsSensorEntryExemptIpArgs

DstIp string: Destination IP address and netmask.
Id double: Exempt IP ID.
SrcIp string: Source IP address and netmask.

DstIp string: Destination IP address and netmask.
Id float64: Exempt IP ID.
SrcIp string: Source IP address and netmask.

dstIp String: Destination IP address and netmask.
id Double: Exempt IP ID.
srcIp String: Source IP address and netmask.

dstIp string: Destination IP address and netmask.
id number: Exempt IP ID.
srcIp string: Source IP address and netmask.

dst_ip str: Destination IP address and netmask.
id float: Exempt IP ID.
src_ip str: Source IP address and netmask.

dstIp String: Destination IP address and netmask.
id Number: Exempt IP ID.
srcIp String: Source IP address and netmask.

Import

ObjectIps Sensor can be imported using any of these accepted formats:

$ export “FORTIMANAGER_IMPORT_TABLE”=“true”

$ pulumi import fortimanager:index/objectIpsSensor:ObjectIpsSensor labelname {{name}}

$ unset “FORTIMANAGER_IMPORT_TABLE”

-> Hint: The scopetype and adom for import will directly inherit the scopetype and adom configuration of the provider.

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: fortimanager fortinetdev/terraform-provider-fortimanager
License
Notes: This Pulumi package is based on the fortimanager Terraform Provider.

fortimanager 1.14.0 published on Tuesday, Apr 15, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.ObjectIpsSensor

On this page

On this page

Example Usage

Create ObjectIpsSensor Resource

Constructor syntax

Parameters

Constructor example

ObjectIpsSensor Resource Properties

Inputs

Outputs

Look up Existing ObjectIpsSensor Resource

Supporting Types

ObjectIpsSensorEntry
, ObjectIpsSensorEntryArgs

ObjectIpsSensorEntryExemptIp
, ObjectIpsSensorEntryExemptIpArgs

Import

Package Details

On this page

On this page

fortimanager.ObjectIpsSensor

On this page

On this page

Example Usage

Create ObjectIpsSensor Resource

Constructor syntax

Parameters

Constructor example

ObjectIpsSensor Resource Properties

Inputs

Outputs

Look up Existing ObjectIpsSensor Resource

Supporting Types

ObjectIpsSensorEntry, ObjectIpsSensorEntryArgs

ObjectIpsSensorEntryExemptIp, ObjectIpsSensorEntryExemptIpArgs

Import

Package Details

On this page

On this page

ObjectIpsSensorEntry
, ObjectIpsSensorEntryArgs

ObjectIpsSensorEntryExemptIp
, ObjectIpsSensorEntryExemptIpArgs