ssl

package
v0.0.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 24, 2024 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Setting 

type Setting struct {
	pulumi.CustomResourceState

	// Enable/disable use of SSL abbreviated handshake. Valid values: `enable`, `disable`.
	AbbreviateHandshake pulumi.StringOutput `pulumi:"abbreviateHandshake"`
	// Maximum capacity of the host certificate cache (0 - 500, default = 200).
	CertCacheCapacity pulumi.IntOutput `pulumi:"certCacheCapacity"`
	// Time limit to keep certificate cache (1 - 120 min, default = 10).
	CertCacheTimeout pulumi.IntOutput `pulumi:"certCacheTimeout"`
	// Maximum length of the CP KXP queue. When the queue becomes full, the proxy switches cipher functions to the main CPU (0 - 512, default = 16).
	KxpQueueThreshold pulumi.IntOutput `pulumi:"kxpQueueThreshold"`
	// Bypass or drop the connection when no matching cipher is found. Valid values: `bypass`, `drop`.
	NoMatchingCipherAction pulumi.StringOutput `pulumi:"noMatchingCipherAction"`
	// Time limit to make an internal connection to the appropriate proxy process (1 - 60 sec, default = 30).
	ProxyConnectTimeout pulumi.IntOutput `pulumi:"proxyConnectTimeout"`
	// Capacity of the SSL session cache (--Obsolete--) (1 - 1000, default = 500).
	SessionCacheCapacity pulumi.IntOutput `pulumi:"sessionCacheCapacity"`
	// Time limit to keep SSL session state (1 - 60 min, default = 20).
	SessionCacheTimeout pulumi.IntOutput `pulumi:"sessionCacheTimeout"`
	// Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values: `768`, `1024`, `1536`, `2048`.
	SslDhBits pulumi.StringOutput `pulumi:"sslDhBits"`
	// Maximum length of the CP SSL queue. When the queue becomes full, the proxy switches cipher functions to the main CPU (0 - 512, default = 32).
	SslQueueThreshold pulumi.IntOutput `pulumi:"sslQueueThreshold"`
	// Enable/disable sending empty fragments to avoid attack on CBC IV (for SSL 3.0 and TLS 1.0 only). Valid values: `enable`, `disable`.
	SslSendEmptyFrags pulumi.StringOutput `pulumi:"sslSendEmptyFrags"`
	// Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
	Vdomparam pulumi.StringPtrOutput `pulumi:"vdomparam"`
}

SSL proxy settings.

## Example Usage

<!--Start PulumiCodeChooser --> ```go package main

import ( 

"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/firewall"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := firewall.NewSetting(ctx, "trname", &firewall.SettingArgs{
			AbbreviateHandshake:    pulumi.String("enable"),
			CertCacheCapacity:      pulumi.Int(200),
			CertCacheTimeout:       pulumi.Int(10),
			KxpQueueThreshold:      pulumi.Int(16),
			NoMatchingCipherAction: pulumi.String("bypass"),
			ProxyConnectTimeout:    pulumi.Int(30),
			SessionCacheCapacity:   pulumi.Int(500),
			SessionCacheTimeout:    pulumi.Int(20),
			SslDhBits:              pulumi.String("2048"),
			SslQueueThreshold:      pulumi.Int(32),
			SslSendEmptyFrags:      pulumi.String("enable"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

``` <!--End PulumiCodeChooser -->

## Import

FirewallSsl Setting can be imported using any of these accepted formats:

```sh $ pulumi import fortios:firewall/ssl/setting:Setting labelname FirewallSslSetting ```

If you do not want to import arguments of block:

$ export "FORTIOS_IMPORT_TABLE"="false"

```sh $ pulumi import fortios:firewall/ssl/setting:Setting labelname FirewallSslSetting ```

$ unset "FORTIOS_IMPORT_TABLE"

func GetSetting 

func GetSetting(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *SettingState, opts ...pulumi.ResourceOption) (*Setting, error)

GetSetting gets an existing Setting resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewSetting 

func NewSetting(ctx *pulumi.Context,
	name string, args *SettingArgs, opts ...pulumi.ResourceOption) (*Setting, error)

NewSetting registers a new resource with the given unique name, arguments, and options.

func (*Setting) ElementType 

func (*Setting) ElementType() reflect.Type

func (*Setting) ToSettingOutput 

func (i *Setting) ToSettingOutput() SettingOutput

func (*Setting) ToSettingOutputWithContext 

func (i *Setting) ToSettingOutputWithContext(ctx context.Context) SettingOutput

type SettingArgs 

type SettingArgs struct {
	// Enable/disable use of SSL abbreviated handshake. Valid values: `enable`, `disable`.
	AbbreviateHandshake pulumi.StringPtrInput
	// Maximum capacity of the host certificate cache (0 - 500, default = 200).
	CertCacheCapacity pulumi.IntInput
	// Time limit to keep certificate cache (1 - 120 min, default = 10).
	CertCacheTimeout pulumi.IntInput
	// Maximum length of the CP KXP queue. When the queue becomes full, the proxy switches cipher functions to the main CPU (0 - 512, default = 16).
	KxpQueueThreshold pulumi.IntPtrInput
	// Bypass or drop the connection when no matching cipher is found. Valid values: `bypass`, `drop`.
	NoMatchingCipherAction pulumi.StringInput
	// Time limit to make an internal connection to the appropriate proxy process (1 - 60 sec, default = 30).
	ProxyConnectTimeout pulumi.IntInput
	// Capacity of the SSL session cache (--Obsolete--) (1 - 1000, default = 500).
	SessionCacheCapacity pulumi.IntInput
	// Time limit to keep SSL session state (1 - 60 min, default = 20).
	SessionCacheTimeout pulumi.IntInput
	// Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values: `768`, `1024`, `1536`, `2048`.
	SslDhBits pulumi.StringInput
	// Maximum length of the CP SSL queue. When the queue becomes full, the proxy switches cipher functions to the main CPU (0 - 512, default = 32).
	SslQueueThreshold pulumi.IntPtrInput
	// Enable/disable sending empty fragments to avoid attack on CBC IV (for SSL 3.0 and TLS 1.0 only). Valid values: `enable`, `disable`.
	SslSendEmptyFrags pulumi.StringInput
	// Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
	Vdomparam pulumi.StringPtrInput
}

The set of arguments for constructing a Setting resource.

func (SettingArgs) ElementType 

func (SettingArgs) ElementType() reflect.Type

type SettingArray 

type SettingArray []SettingInput

func (SettingArray) ElementType 

func (SettingArray) ElementType() reflect.Type

func (SettingArray) ToSettingArrayOutput 

func (i SettingArray) ToSettingArrayOutput() SettingArrayOutput

func (SettingArray) ToSettingArrayOutputWithContext 

func (i SettingArray) ToSettingArrayOutputWithContext(ctx context.Context) SettingArrayOutput

type SettingArrayInput 

type SettingArrayInput interface {
	pulumi.Input

	ToSettingArrayOutput() SettingArrayOutput
	ToSettingArrayOutputWithContext(context.Context) SettingArrayOutput
}

SettingArrayInput is an input type that accepts SettingArray and SettingArrayOutput values. You can construct a concrete instance of `SettingArrayInput` via: 

SettingArray{ SettingArgs{...} }

type SettingArrayOutput 

type SettingArrayOutput struct{ *pulumi.OutputState }

func (SettingArrayOutput) ElementType 

func (SettingArrayOutput) ElementType() reflect.Type

func (SettingArrayOutput) Index 

func (o SettingArrayOutput) Index(i pulumi.IntInput) SettingOutput

func (SettingArrayOutput) ToSettingArrayOutput 

func (o SettingArrayOutput) ToSettingArrayOutput() SettingArrayOutput

func (SettingArrayOutput) ToSettingArrayOutputWithContext 

func (o SettingArrayOutput) ToSettingArrayOutputWithContext(ctx context.Context) SettingArrayOutput

type SettingInput 

type SettingInput interface {
	pulumi.Input

	ToSettingOutput() SettingOutput
	ToSettingOutputWithContext(ctx context.Context) SettingOutput
}

type SettingMap 

type SettingMap map[string]SettingInput

func (SettingMap) ElementType 

func (SettingMap) ElementType() reflect.Type

func (SettingMap) ToSettingMapOutput 

func (i SettingMap) ToSettingMapOutput() SettingMapOutput

func (SettingMap) ToSettingMapOutputWithContext 

func (i SettingMap) ToSettingMapOutputWithContext(ctx context.Context) SettingMapOutput

type SettingMapInput 

type SettingMapInput interface {
	pulumi.Input

	ToSettingMapOutput() SettingMapOutput
	ToSettingMapOutputWithContext(context.Context) SettingMapOutput
}

SettingMapInput is an input type that accepts SettingMap and SettingMapOutput values. You can construct a concrete instance of `SettingMapInput` via: 

SettingMap{ "key": SettingArgs{...} }

type SettingMapOutput 

type SettingMapOutput struct{ *pulumi.OutputState }

func (SettingMapOutput) ElementType 

func (SettingMapOutput) ElementType() reflect.Type

func (SettingMapOutput) MapIndex 

func (o SettingMapOutput) MapIndex(k pulumi.StringInput) SettingOutput

func (SettingMapOutput) ToSettingMapOutput 

func (o SettingMapOutput) ToSettingMapOutput() SettingMapOutput

func (SettingMapOutput) ToSettingMapOutputWithContext 

func (o SettingMapOutput) ToSettingMapOutputWithContext(ctx context.Context) SettingMapOutput

type SettingOutput 

type SettingOutput struct{ *pulumi.OutputState }

func (SettingOutput) AbbreviateHandshake 

func (o SettingOutput) AbbreviateHandshake() pulumi.StringOutput

Enable/disable use of SSL abbreviated handshake. Valid values: `enable`, `disable`.

func (SettingOutput) CertCacheCapacity 

func (o SettingOutput) CertCacheCapacity() pulumi.IntOutput

Maximum capacity of the host certificate cache (0 - 500, default = 200).

func (SettingOutput) CertCacheTimeout 

func (o SettingOutput) CertCacheTimeout() pulumi.IntOutput

Time limit to keep certificate cache (1 - 120 min, default = 10).

func (SettingOutput) ElementType 

func (SettingOutput) ElementType() reflect.Type

func (SettingOutput) KxpQueueThreshold 

func (o SettingOutput) KxpQueueThreshold() pulumi.IntOutput

Maximum length of the CP KXP queue. When the queue becomes full, the proxy switches cipher functions to the main CPU (0 - 512, default = 16).

func (SettingOutput) NoMatchingCipherAction 

func (o SettingOutput) NoMatchingCipherAction() pulumi.StringOutput

Bypass or drop the connection when no matching cipher is found. Valid values: `bypass`, `drop`.

func (SettingOutput) ProxyConnectTimeout 

func (o SettingOutput) ProxyConnectTimeout() pulumi.IntOutput

Time limit to make an internal connection to the appropriate proxy process (1 - 60 sec, default = 30).

func (SettingOutput) SessionCacheCapacity 

func (o SettingOutput) SessionCacheCapacity() pulumi.IntOutput

Capacity of the SSL session cache (--Obsolete--) (1 - 1000, default = 500).

func (SettingOutput) SessionCacheTimeout 

func (o SettingOutput) SessionCacheTimeout() pulumi.IntOutput

Time limit to keep SSL session state (1 - 60 min, default = 20).

func (SettingOutput) SslDhBits 

func (o SettingOutput) SslDhBits() pulumi.StringOutput

Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values: `768`, `1024`, `1536`, `2048`.

func (SettingOutput) SslQueueThreshold 

func (o SettingOutput) SslQueueThreshold() pulumi.IntOutput

Maximum length of the CP SSL queue. When the queue becomes full, the proxy switches cipher functions to the main CPU (0 - 512, default = 32).

func (SettingOutput) SslSendEmptyFrags 

func (o SettingOutput) SslSendEmptyFrags() pulumi.StringOutput

Enable/disable sending empty fragments to avoid attack on CBC IV (for SSL 3.0 and TLS 1.0 only). Valid values: `enable`, `disable`.

func (SettingOutput) ToSettingOutput 

func (o SettingOutput) ToSettingOutput() SettingOutput

func (SettingOutput) ToSettingOutputWithContext 

func (o SettingOutput) ToSettingOutputWithContext(ctx context.Context) SettingOutput

func (SettingOutput) Vdomparam 

func (o SettingOutput) Vdomparam() pulumi.StringPtrOutput

Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

type SettingState 

type SettingState struct {
	// Enable/disable use of SSL abbreviated handshake. Valid values: `enable`, `disable`.
	AbbreviateHandshake pulumi.StringPtrInput
	// Maximum capacity of the host certificate cache (0 - 500, default = 200).
	CertCacheCapacity pulumi.IntPtrInput
	// Time limit to keep certificate cache (1 - 120 min, default = 10).
	CertCacheTimeout pulumi.IntPtrInput
	// Maximum length of the CP KXP queue. When the queue becomes full, the proxy switches cipher functions to the main CPU (0 - 512, default = 16).
	KxpQueueThreshold pulumi.IntPtrInput
	// Bypass or drop the connection when no matching cipher is found. Valid values: `bypass`, `drop`.
	NoMatchingCipherAction pulumi.StringPtrInput
	// Time limit to make an internal connection to the appropriate proxy process (1 - 60 sec, default = 30).
	ProxyConnectTimeout pulumi.IntPtrInput
	// Capacity of the SSL session cache (--Obsolete--) (1 - 1000, default = 500).
	SessionCacheCapacity pulumi.IntPtrInput
	// Time limit to keep SSL session state (1 - 60 min, default = 20).
	SessionCacheTimeout pulumi.IntPtrInput
	// Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation (default = 2048). Valid values: `768`, `1024`, `1536`, `2048`.
	SslDhBits pulumi.StringPtrInput
	// Maximum length of the CP SSL queue. When the queue becomes full, the proxy switches cipher functions to the main CPU (0 - 512, default = 32).
	SslQueueThreshold pulumi.IntPtrInput
	// Enable/disable sending empty fragments to avoid attack on CBC IV (for SSL 3.0 and TLS 1.0 only). Valid values: `enable`, `disable`.
	SslSendEmptyFrags pulumi.StringPtrInput
	// Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
	Vdomparam pulumi.StringPtrInput
}

func (SettingState) ElementType 

func (SettingState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.