Strata Cloud Manager v0.4.3 published on Saturday, Nov 8, 2025 by Pulumi
Strata Cloud Manager v0.4.3 published on Saturday, Nov 8, 2025 by Pulumi
DecryptionProfile resource
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as scm from "@pulumi/scm";
const scmDecryptionProfileBase = new scm.DecryptionProfile("scm_decryption_profile_base", {
folder: "ngfw-shared",
name: "dp_base",
});
const scmDecryptionProfileForwardProxy = new scm.DecryptionProfile("scm_decryption_profile_forward_proxy", {
folder: "ngfw-shared",
name: "dp_forward_proxy",
sslForwardProxy: {
autoIncludeAltname: false,
blockClientCert: true,
blockExpiredCertificate: true,
blockTimeoutCert: true,
blockTls13DowngradeNoResource: false,
blockUnknownCert: false,
blockUnsupportedCipher: true,
blockUnsupportedVersion: true,
blockUntrustedIssuer: true,
restrictCertExts: false,
stripAlpn: true,
},
});
const scmDecryptionProfileInboundProxy = new scm.DecryptionProfile("scm_decryption_profile_inbound_proxy", {
folder: "ngfw-shared",
name: "dp_inbound_proxy",
sslInboundProxy: {
blockIfHsmUnavailable: true,
blockIfNoResource: true,
blockUnsupportedCipher: false,
blockUnsupportedVersion: true,
},
});
const scmDecryptionProfileNoProxy = new scm.DecryptionProfile("scm_decryption_profile_no_proxy", {
folder: "ngfw-shared",
name: "dp_no_proxy",
sslNoProxy: {
blockExpiredCertificate: true,
blockUntrustedIssuer: false,
},
});
const scmDecryptionProfileProtocolSettings = new scm.DecryptionProfile("scm_decryption_profile_protocol_settings", {
folder: "ngfw-shared",
name: "dp_protocol_settings",
sslProtocolSettings: {
authAlgoMd5: true,
authAlgoSha1: true,
authAlgoSha256: true,
authAlgoSha384: false,
encAlgo3des: false,
encAlgoAes128Cbc: false,
encAlgoAes128Gcm: true,
encAlgoAes256Cbc: false,
encAlgoAes256Gcm: true,
encAlgoChacha20Poly1305: false,
encAlgoRc4: false,
keyxchgAlgoDhe: true,
keyxchgAlgoEcdhe: true,
keyxchgAlgoRsa: false,
maxVersion: "max",
minVersion: "tls1-2",
},
});
const mixedDecryptionProfile = new scm.DecryptionProfile("mixed_decryption_profile", {
folder: "ngfw-shared",
name: "mixed_dp",
sslForwardProxy: {
autoIncludeAltname: true,
blockClientCert: true,
blockExpiredCertificate: false,
restrictCertExts: false,
stripAlpn: true,
},
sslInboundProxy: {
blockIfHsmUnavailable: true,
blockIfNoResource: true,
blockUnsupportedCipher: true,
blockUnsupportedVersion: true,
},
sslProtocolSettings: {
authAlgoMd5: true,
authAlgoSha1: true,
authAlgoSha256: false,
authAlgoSha384: true,
encAlgo3des: true,
encAlgoRc4: true,
keyxchgAlgoDhe: false,
keyxchgAlgoEcdhe: false,
maxVersion: "tls1-3",
minVersion: "tls1-1",
},
});
const fullMixedDecryptionProfile = new scm.DecryptionProfile("full_mixed_decryption_profile", {
folder: "ngfw-shared",
name: "full_mixed_dp",
sslForwardProxy: {
autoIncludeAltname: true,
blockClientCert: true,
blockExpiredCertificate: false,
blockTimeoutCert: true,
blockUnknownCert: false,
blockUnsupportedCipher: true,
blockUntrustedIssuer: false,
restrictCertExts: false,
stripAlpn: true,
},
sslInboundProxy: {
blockIfHsmUnavailable: true,
blockIfNoResource: false,
blockUnsupportedCipher: true,
blockUnsupportedVersion: false,
},
sslNoProxy: {
blockExpiredCertificate: false,
blockUntrustedIssuer: true,
},
sslProtocolSettings: {
authAlgoMd5: false,
authAlgoSha1: true,
authAlgoSha256: false,
authAlgoSha384: true,
encAlgo3des: false,
encAlgoAes128Gcm: true,
encAlgoAes256Cbc: false,
encAlgoAes256Gcm: true,
encAlgoRc4: true,
keyxchgAlgoDhe: false,
keyxchgAlgoEcdhe: true,
keyxchgAlgoRsa: false,
maxVersion: "tls1-0",
minVersion: "sslv3",
},
});
import pulumi
import pulumi_scm as scm
scm_decryption_profile_base = scm.DecryptionProfile("scm_decryption_profile_base",
folder="ngfw-shared",
name="dp_base")
scm_decryption_profile_forward_proxy = scm.DecryptionProfile("scm_decryption_profile_forward_proxy",
folder="ngfw-shared",
name="dp_forward_proxy",
ssl_forward_proxy={
"auto_include_altname": False,
"block_client_cert": True,
"block_expired_certificate": True,
"block_timeout_cert": True,
"block_tls13_downgrade_no_resource": False,
"block_unknown_cert": False,
"block_unsupported_cipher": True,
"block_unsupported_version": True,
"block_untrusted_issuer": True,
"restrict_cert_exts": False,
"strip_alpn": True,
})
scm_decryption_profile_inbound_proxy = scm.DecryptionProfile("scm_decryption_profile_inbound_proxy",
folder="ngfw-shared",
name="dp_inbound_proxy",
ssl_inbound_proxy={
"block_if_hsm_unavailable": True,
"block_if_no_resource": True,
"block_unsupported_cipher": False,
"block_unsupported_version": True,
})
scm_decryption_profile_no_proxy = scm.DecryptionProfile("scm_decryption_profile_no_proxy",
folder="ngfw-shared",
name="dp_no_proxy",
ssl_no_proxy={
"block_expired_certificate": True,
"block_untrusted_issuer": False,
})
scm_decryption_profile_protocol_settings = scm.DecryptionProfile("scm_decryption_profile_protocol_settings",
folder="ngfw-shared",
name="dp_protocol_settings",
ssl_protocol_settings={
"auth_algo_md5": True,
"auth_algo_sha1": True,
"auth_algo_sha256": True,
"auth_algo_sha384": False,
"enc_algo3des": False,
"enc_algo_aes128_cbc": False,
"enc_algo_aes128_gcm": True,
"enc_algo_aes256_cbc": False,
"enc_algo_aes256_gcm": True,
"enc_algo_chacha20_poly1305": False,
"enc_algo_rc4": False,
"keyxchg_algo_dhe": True,
"keyxchg_algo_ecdhe": True,
"keyxchg_algo_rsa": False,
"max_version": "max",
"min_version": "tls1-2",
})
mixed_decryption_profile = scm.DecryptionProfile("mixed_decryption_profile",
folder="ngfw-shared",
name="mixed_dp",
ssl_forward_proxy={
"auto_include_altname": True,
"block_client_cert": True,
"block_expired_certificate": False,
"restrict_cert_exts": False,
"strip_alpn": True,
},
ssl_inbound_proxy={
"block_if_hsm_unavailable": True,
"block_if_no_resource": True,
"block_unsupported_cipher": True,
"block_unsupported_version": True,
},
ssl_protocol_settings={
"auth_algo_md5": True,
"auth_algo_sha1": True,
"auth_algo_sha256": False,
"auth_algo_sha384": True,
"enc_algo3des": True,
"enc_algo_rc4": True,
"keyxchg_algo_dhe": False,
"keyxchg_algo_ecdhe": False,
"max_version": "tls1-3",
"min_version": "tls1-1",
})
full_mixed_decryption_profile = scm.DecryptionProfile("full_mixed_decryption_profile",
folder="ngfw-shared",
name="full_mixed_dp",
ssl_forward_proxy={
"auto_include_altname": True,
"block_client_cert": True,
"block_expired_certificate": False,
"block_timeout_cert": True,
"block_unknown_cert": False,
"block_unsupported_cipher": True,
"block_untrusted_issuer": False,
"restrict_cert_exts": False,
"strip_alpn": True,
},
ssl_inbound_proxy={
"block_if_hsm_unavailable": True,
"block_if_no_resource": False,
"block_unsupported_cipher": True,
"block_unsupported_version": False,
},
ssl_no_proxy={
"block_expired_certificate": False,
"block_untrusted_issuer": True,
},
ssl_protocol_settings={
"auth_algo_md5": False,
"auth_algo_sha1": True,
"auth_algo_sha256": False,
"auth_algo_sha384": True,
"enc_algo3des": False,
"enc_algo_aes128_gcm": True,
"enc_algo_aes256_cbc": False,
"enc_algo_aes256_gcm": True,
"enc_algo_rc4": True,
"keyxchg_algo_dhe": False,
"keyxchg_algo_ecdhe": True,
"keyxchg_algo_rsa": False,
"max_version": "tls1-0",
"min_version": "sslv3",
})
package main
import (
"github.com/pulumi/pulumi-scm/sdk/go/scm"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := scm.NewDecryptionProfile(ctx, "scm_decryption_profile_base", &scm.DecryptionProfileArgs{
Folder: pulumi.String("ngfw-shared"),
Name: pulumi.String("dp_base"),
})
if err != nil {
return err
}
_, err = scm.NewDecryptionProfile(ctx, "scm_decryption_profile_forward_proxy", &scm.DecryptionProfileArgs{
Folder: pulumi.String("ngfw-shared"),
Name: pulumi.String("dp_forward_proxy"),
SslForwardProxy: &scm.DecryptionProfileSslForwardProxyArgs{
AutoIncludeAltname: pulumi.Bool(false),
BlockClientCert: pulumi.Bool(true),
BlockExpiredCertificate: pulumi.Bool(true),
BlockTimeoutCert: pulumi.Bool(true),
BlockTls13DowngradeNoResource: pulumi.Bool(false),
BlockUnknownCert: pulumi.Bool(false),
BlockUnsupportedCipher: pulumi.Bool(true),
BlockUnsupportedVersion: pulumi.Bool(true),
BlockUntrustedIssuer: pulumi.Bool(true),
RestrictCertExts: pulumi.Bool(false),
StripAlpn: pulumi.Bool(true),
},
})
if err != nil {
return err
}
_, err = scm.NewDecryptionProfile(ctx, "scm_decryption_profile_inbound_proxy", &scm.DecryptionProfileArgs{
Folder: pulumi.String("ngfw-shared"),
Name: pulumi.String("dp_inbound_proxy"),
SslInboundProxy: &scm.DecryptionProfileSslInboundProxyArgs{
BlockIfHsmUnavailable: pulumi.Bool(true),
BlockIfNoResource: pulumi.Bool(true),
BlockUnsupportedCipher: pulumi.Bool(false),
BlockUnsupportedVersion: pulumi.Bool(true),
},
})
if err != nil {
return err
}
_, err = scm.NewDecryptionProfile(ctx, "scm_decryption_profile_no_proxy", &scm.DecryptionProfileArgs{
Folder: pulumi.String("ngfw-shared"),
Name: pulumi.String("dp_no_proxy"),
SslNoProxy: &scm.DecryptionProfileSslNoProxyArgs{
BlockExpiredCertificate: pulumi.Bool(true),
BlockUntrustedIssuer: pulumi.Bool(false),
},
})
if err != nil {
return err
}
_, err = scm.NewDecryptionProfile(ctx, "scm_decryption_profile_protocol_settings", &scm.DecryptionProfileArgs{
Folder: pulumi.String("ngfw-shared"),
Name: pulumi.String("dp_protocol_settings"),
SslProtocolSettings: &scm.DecryptionProfileSslProtocolSettingsArgs{
AuthAlgoMd5: pulumi.Bool(true),
AuthAlgoSha1: pulumi.Bool(true),
AuthAlgoSha256: pulumi.Bool(true),
AuthAlgoSha384: pulumi.Bool(false),
EncAlgo3des: pulumi.Bool(false),
EncAlgoAes128Cbc: pulumi.Bool(false),
EncAlgoAes128Gcm: pulumi.Bool(true),
EncAlgoAes256Cbc: pulumi.Bool(false),
EncAlgoAes256Gcm: pulumi.Bool(true),
EncAlgoChacha20Poly1305: pulumi.Bool(false),
EncAlgoRc4: pulumi.Bool(false),
KeyxchgAlgoDhe: pulumi.Bool(true),
KeyxchgAlgoEcdhe: pulumi.Bool(true),
KeyxchgAlgoRsa: pulumi.Bool(false),
MaxVersion: pulumi.String("max"),
MinVersion: pulumi.String("tls1-2"),
},
})
if err != nil {
return err
}
_, err = scm.NewDecryptionProfile(ctx, "mixed_decryption_profile", &scm.DecryptionProfileArgs{
Folder: pulumi.String("ngfw-shared"),
Name: pulumi.String("mixed_dp"),
SslForwardProxy: &scm.DecryptionProfileSslForwardProxyArgs{
AutoIncludeAltname: pulumi.Bool(true),
BlockClientCert: pulumi.Bool(true),
BlockExpiredCertificate: pulumi.Bool(false),
RestrictCertExts: pulumi.Bool(false),
StripAlpn: pulumi.Bool(true),
},
SslInboundProxy: &scm.DecryptionProfileSslInboundProxyArgs{
BlockIfHsmUnavailable: pulumi.Bool(true),
BlockIfNoResource: pulumi.Bool(true),
BlockUnsupportedCipher: pulumi.Bool(true),
BlockUnsupportedVersion: pulumi.Bool(true),
},
SslProtocolSettings: &scm.DecryptionProfileSslProtocolSettingsArgs{
AuthAlgoMd5: pulumi.Bool(true),
AuthAlgoSha1: pulumi.Bool(true),
AuthAlgoSha256: pulumi.Bool(false),
AuthAlgoSha384: pulumi.Bool(true),
EncAlgo3des: pulumi.Bool(true),
EncAlgoRc4: pulumi.Bool(true),
KeyxchgAlgoDhe: pulumi.Bool(false),
KeyxchgAlgoEcdhe: pulumi.Bool(false),
MaxVersion: pulumi.String("tls1-3"),
MinVersion: pulumi.String("tls1-1"),
},
})
if err != nil {
return err
}
_, err = scm.NewDecryptionProfile(ctx, "full_mixed_decryption_profile", &scm.DecryptionProfileArgs{
Folder: pulumi.String("ngfw-shared"),
Name: pulumi.String("full_mixed_dp"),
SslForwardProxy: &scm.DecryptionProfileSslForwardProxyArgs{
AutoIncludeAltname: pulumi.Bool(true),
BlockClientCert: pulumi.Bool(true),
BlockExpiredCertificate: pulumi.Bool(false),
BlockTimeoutCert: pulumi.Bool(true),
BlockUnknownCert: pulumi.Bool(false),
BlockUnsupportedCipher: pulumi.Bool(true),
BlockUntrustedIssuer: pulumi.Bool(false),
RestrictCertExts: pulumi.Bool(false),
StripAlpn: pulumi.Bool(true),
},
SslInboundProxy: &scm.DecryptionProfileSslInboundProxyArgs{
BlockIfHsmUnavailable: pulumi.Bool(true),
BlockIfNoResource: pulumi.Bool(false),
BlockUnsupportedCipher: pulumi.Bool(true),
BlockUnsupportedVersion: pulumi.Bool(false),
},
SslNoProxy: &scm.DecryptionProfileSslNoProxyArgs{
BlockExpiredCertificate: pulumi.Bool(false),
BlockUntrustedIssuer: pulumi.Bool(true),
},
SslProtocolSettings: &scm.DecryptionProfileSslProtocolSettingsArgs{
AuthAlgoMd5: pulumi.Bool(false),
AuthAlgoSha1: pulumi.Bool(true),
AuthAlgoSha256: pulumi.Bool(false),
AuthAlgoSha384: pulumi.Bool(true),
EncAlgo3des: pulumi.Bool(false),
EncAlgoAes128Gcm: pulumi.Bool(true),
EncAlgoAes256Cbc: pulumi.Bool(false),
EncAlgoAes256Gcm: pulumi.Bool(true),
EncAlgoRc4: pulumi.Bool(true),
KeyxchgAlgoDhe: pulumi.Bool(false),
KeyxchgAlgoEcdhe: pulumi.Bool(true),
KeyxchgAlgoRsa: pulumi.Bool(false),
MaxVersion: pulumi.String("tls1-0"),
MinVersion: pulumi.String("sslv3"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Scm = Pulumi.Scm;
return await Deployment.RunAsync(() =>
{
var scmDecryptionProfileBase = new Scm.DecryptionProfile("scm_decryption_profile_base", new()
{
Folder = "ngfw-shared",
Name = "dp_base",
});
var scmDecryptionProfileForwardProxy = new Scm.DecryptionProfile("scm_decryption_profile_forward_proxy", new()
{
Folder = "ngfw-shared",
Name = "dp_forward_proxy",
SslForwardProxy = new Scm.Inputs.DecryptionProfileSslForwardProxyArgs
{
AutoIncludeAltname = false,
BlockClientCert = true,
BlockExpiredCertificate = true,
BlockTimeoutCert = true,
BlockTls13DowngradeNoResource = false,
BlockUnknownCert = false,
BlockUnsupportedCipher = true,
BlockUnsupportedVersion = true,
BlockUntrustedIssuer = true,
RestrictCertExts = false,
StripAlpn = true,
},
});
var scmDecryptionProfileInboundProxy = new Scm.DecryptionProfile("scm_decryption_profile_inbound_proxy", new()
{
Folder = "ngfw-shared",
Name = "dp_inbound_proxy",
SslInboundProxy = new Scm.Inputs.DecryptionProfileSslInboundProxyArgs
{
BlockIfHsmUnavailable = true,
BlockIfNoResource = true,
BlockUnsupportedCipher = false,
BlockUnsupportedVersion = true,
},
});
var scmDecryptionProfileNoProxy = new Scm.DecryptionProfile("scm_decryption_profile_no_proxy", new()
{
Folder = "ngfw-shared",
Name = "dp_no_proxy",
SslNoProxy = new Scm.Inputs.DecryptionProfileSslNoProxyArgs
{
BlockExpiredCertificate = true,
BlockUntrustedIssuer = false,
},
});
var scmDecryptionProfileProtocolSettings = new Scm.DecryptionProfile("scm_decryption_profile_protocol_settings", new()
{
Folder = "ngfw-shared",
Name = "dp_protocol_settings",
SslProtocolSettings = new Scm.Inputs.DecryptionProfileSslProtocolSettingsArgs
{
AuthAlgoMd5 = true,
AuthAlgoSha1 = true,
AuthAlgoSha256 = true,
AuthAlgoSha384 = false,
EncAlgo3des = false,
EncAlgoAes128Cbc = false,
EncAlgoAes128Gcm = true,
EncAlgoAes256Cbc = false,
EncAlgoAes256Gcm = true,
EncAlgoChacha20Poly1305 = false,
EncAlgoRc4 = false,
KeyxchgAlgoDhe = true,
KeyxchgAlgoEcdhe = true,
KeyxchgAlgoRsa = false,
MaxVersion = "max",
MinVersion = "tls1-2",
},
});
var mixedDecryptionProfile = new Scm.DecryptionProfile("mixed_decryption_profile", new()
{
Folder = "ngfw-shared",
Name = "mixed_dp",
SslForwardProxy = new Scm.Inputs.DecryptionProfileSslForwardProxyArgs
{
AutoIncludeAltname = true,
BlockClientCert = true,
BlockExpiredCertificate = false,
RestrictCertExts = false,
StripAlpn = true,
},
SslInboundProxy = new Scm.Inputs.DecryptionProfileSslInboundProxyArgs
{
BlockIfHsmUnavailable = true,
BlockIfNoResource = true,
BlockUnsupportedCipher = true,
BlockUnsupportedVersion = true,
},
SslProtocolSettings = new Scm.Inputs.DecryptionProfileSslProtocolSettingsArgs
{
AuthAlgoMd5 = true,
AuthAlgoSha1 = true,
AuthAlgoSha256 = false,
AuthAlgoSha384 = true,
EncAlgo3des = true,
EncAlgoRc4 = true,
KeyxchgAlgoDhe = false,
KeyxchgAlgoEcdhe = false,
MaxVersion = "tls1-3",
MinVersion = "tls1-1",
},
});
var fullMixedDecryptionProfile = new Scm.DecryptionProfile("full_mixed_decryption_profile", new()
{
Folder = "ngfw-shared",
Name = "full_mixed_dp",
SslForwardProxy = new Scm.Inputs.DecryptionProfileSslForwardProxyArgs
{
AutoIncludeAltname = true,
BlockClientCert = true,
BlockExpiredCertificate = false,
BlockTimeoutCert = true,
BlockUnknownCert = false,
BlockUnsupportedCipher = true,
BlockUntrustedIssuer = false,
RestrictCertExts = false,
StripAlpn = true,
},
SslInboundProxy = new Scm.Inputs.DecryptionProfileSslInboundProxyArgs
{
BlockIfHsmUnavailable = true,
BlockIfNoResource = false,
BlockUnsupportedCipher = true,
BlockUnsupportedVersion = false,
},
SslNoProxy = new Scm.Inputs.DecryptionProfileSslNoProxyArgs
{
BlockExpiredCertificate = false,
BlockUntrustedIssuer = true,
},
SslProtocolSettings = new Scm.Inputs.DecryptionProfileSslProtocolSettingsArgs
{
AuthAlgoMd5 = false,
AuthAlgoSha1 = true,
AuthAlgoSha256 = false,
AuthAlgoSha384 = true,
EncAlgo3des = false,
EncAlgoAes128Gcm = true,
EncAlgoAes256Cbc = false,
EncAlgoAes256Gcm = true,
EncAlgoRc4 = true,
KeyxchgAlgoDhe = false,
KeyxchgAlgoEcdhe = true,
KeyxchgAlgoRsa = false,
MaxVersion = "tls1-0",
MinVersion = "sslv3",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.scm.DecryptionProfile;
import com.pulumi.scm.DecryptionProfileArgs;
import com.pulumi.scm.inputs.DecryptionProfileSslForwardProxyArgs;
import com.pulumi.scm.inputs.DecryptionProfileSslInboundProxyArgs;
import com.pulumi.scm.inputs.DecryptionProfileSslNoProxyArgs;
import com.pulumi.scm.inputs.DecryptionProfileSslProtocolSettingsArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var scmDecryptionProfileBase = new DecryptionProfile("scmDecryptionProfileBase", DecryptionProfileArgs.builder()
.folder("ngfw-shared")
.name("dp_base")
.build());
var scmDecryptionProfileForwardProxy = new DecryptionProfile("scmDecryptionProfileForwardProxy", DecryptionProfileArgs.builder()
.folder("ngfw-shared")
.name("dp_forward_proxy")
.sslForwardProxy(DecryptionProfileSslForwardProxyArgs.builder()
.autoIncludeAltname(false)
.blockClientCert(true)
.blockExpiredCertificate(true)
.blockTimeoutCert(true)
.blockTls13DowngradeNoResource(false)
.blockUnknownCert(false)
.blockUnsupportedCipher(true)
.blockUnsupportedVersion(true)
.blockUntrustedIssuer(true)
.restrictCertExts(false)
.stripAlpn(true)
.build())
.build());
var scmDecryptionProfileInboundProxy = new DecryptionProfile("scmDecryptionProfileInboundProxy", DecryptionProfileArgs.builder()
.folder("ngfw-shared")
.name("dp_inbound_proxy")
.sslInboundProxy(DecryptionProfileSslInboundProxyArgs.builder()
.blockIfHsmUnavailable(true)
.blockIfNoResource(true)
.blockUnsupportedCipher(false)
.blockUnsupportedVersion(true)
.build())
.build());
var scmDecryptionProfileNoProxy = new DecryptionProfile("scmDecryptionProfileNoProxy", DecryptionProfileArgs.builder()
.folder("ngfw-shared")
.name("dp_no_proxy")
.sslNoProxy(DecryptionProfileSslNoProxyArgs.builder()
.blockExpiredCertificate(true)
.blockUntrustedIssuer(false)
.build())
.build());
var scmDecryptionProfileProtocolSettings = new DecryptionProfile("scmDecryptionProfileProtocolSettings", DecryptionProfileArgs.builder()
.folder("ngfw-shared")
.name("dp_protocol_settings")
.sslProtocolSettings(DecryptionProfileSslProtocolSettingsArgs.builder()
.authAlgoMd5(true)
.authAlgoSha1(true)
.authAlgoSha256(true)
.authAlgoSha384(false)
.encAlgo3des(false)
.encAlgoAes128Cbc(false)
.encAlgoAes128Gcm(true)
.encAlgoAes256Cbc(false)
.encAlgoAes256Gcm(true)
.encAlgoChacha20Poly1305(false)
.encAlgoRc4(false)
.keyxchgAlgoDhe(true)
.keyxchgAlgoEcdhe(true)
.keyxchgAlgoRsa(false)
.maxVersion("max")
.minVersion("tls1-2")
.build())
.build());
var mixedDecryptionProfile = new DecryptionProfile("mixedDecryptionProfile", DecryptionProfileArgs.builder()
.folder("ngfw-shared")
.name("mixed_dp")
.sslForwardProxy(DecryptionProfileSslForwardProxyArgs.builder()
.autoIncludeAltname(true)
.blockClientCert(true)
.blockExpiredCertificate(false)
.restrictCertExts(false)
.stripAlpn(true)
.build())
.sslInboundProxy(DecryptionProfileSslInboundProxyArgs.builder()
.blockIfHsmUnavailable(true)
.blockIfNoResource(true)
.blockUnsupportedCipher(true)
.blockUnsupportedVersion(true)
.build())
.sslProtocolSettings(DecryptionProfileSslProtocolSettingsArgs.builder()
.authAlgoMd5(true)
.authAlgoSha1(true)
.authAlgoSha256(false)
.authAlgoSha384(true)
.encAlgo3des(true)
.encAlgoRc4(true)
.keyxchgAlgoDhe(false)
.keyxchgAlgoEcdhe(false)
.maxVersion("tls1-3")
.minVersion("tls1-1")
.build())
.build());
var fullMixedDecryptionProfile = new DecryptionProfile("fullMixedDecryptionProfile", DecryptionProfileArgs.builder()
.folder("ngfw-shared")
.name("full_mixed_dp")
.sslForwardProxy(DecryptionProfileSslForwardProxyArgs.builder()
.autoIncludeAltname(true)
.blockClientCert(true)
.blockExpiredCertificate(false)
.blockTimeoutCert(true)
.blockUnknownCert(false)
.blockUnsupportedCipher(true)
.blockUntrustedIssuer(false)
.restrictCertExts(false)
.stripAlpn(true)
.build())
.sslInboundProxy(DecryptionProfileSslInboundProxyArgs.builder()
.blockIfHsmUnavailable(true)
.blockIfNoResource(false)
.blockUnsupportedCipher(true)
.blockUnsupportedVersion(false)
.build())
.sslNoProxy(DecryptionProfileSslNoProxyArgs.builder()
.blockExpiredCertificate(false)
.blockUntrustedIssuer(true)
.build())
.sslProtocolSettings(DecryptionProfileSslProtocolSettingsArgs.builder()
.authAlgoMd5(false)
.authAlgoSha1(true)
.authAlgoSha256(false)
.authAlgoSha384(true)
.encAlgo3des(false)
.encAlgoAes128Gcm(true)
.encAlgoAes256Cbc(false)
.encAlgoAes256Gcm(true)
.encAlgoRc4(true)
.keyxchgAlgoDhe(false)
.keyxchgAlgoEcdhe(true)
.keyxchgAlgoRsa(false)
.maxVersion("tls1-0")
.minVersion("sslv3")
.build())
.build());
}
}
resources:
scmDecryptionProfileBase:
type: scm:DecryptionProfile
name: scm_decryption_profile_base
properties:
folder: ngfw-shared
name: dp_base
scmDecryptionProfileForwardProxy:
type: scm:DecryptionProfile
name: scm_decryption_profile_forward_proxy
properties:
folder: ngfw-shared
name: dp_forward_proxy
sslForwardProxy:
autoIncludeAltname: false
blockClientCert: true
blockExpiredCertificate: true
blockTimeoutCert: true
blockTls13DowngradeNoResource: false
blockUnknownCert: false
blockUnsupportedCipher: true
blockUnsupportedVersion: true
blockUntrustedIssuer: true
restrictCertExts: false
stripAlpn: true
scmDecryptionProfileInboundProxy:
type: scm:DecryptionProfile
name: scm_decryption_profile_inbound_proxy
properties:
folder: ngfw-shared
name: dp_inbound_proxy
sslInboundProxy:
blockIfHsmUnavailable: true
blockIfNoResource: true
blockUnsupportedCipher: false
blockUnsupportedVersion: true
scmDecryptionProfileNoProxy:
type: scm:DecryptionProfile
name: scm_decryption_profile_no_proxy
properties:
folder: ngfw-shared
name: dp_no_proxy
sslNoProxy:
blockExpiredCertificate: true
blockUntrustedIssuer: false
scmDecryptionProfileProtocolSettings:
type: scm:DecryptionProfile
name: scm_decryption_profile_protocol_settings
properties:
folder: ngfw-shared
name: dp_protocol_settings
sslProtocolSettings:
authAlgoMd5: true
authAlgoSha1: true
authAlgoSha256: true
authAlgoSha384: false
encAlgo3des: false
encAlgoAes128Cbc: false
encAlgoAes128Gcm: true
encAlgoAes256Cbc: false
encAlgoAes256Gcm: true
encAlgoChacha20Poly1305: false
encAlgoRc4: false
keyxchgAlgoDhe: true
keyxchgAlgoEcdhe: true
keyxchgAlgoRsa: false
maxVersion: max
minVersion: tls1-2
mixedDecryptionProfile:
type: scm:DecryptionProfile
name: mixed_decryption_profile
properties:
folder: ngfw-shared
name: mixed_dp
sslForwardProxy:
autoIncludeAltname: true
blockClientCert: true
blockExpiredCertificate: false
restrictCertExts: false
stripAlpn: true
sslInboundProxy:
blockIfHsmUnavailable: true
blockIfNoResource: true
blockUnsupportedCipher: true
blockUnsupportedVersion: true
sslProtocolSettings:
authAlgoMd5: true
authAlgoSha1: true
authAlgoSha256: false
authAlgoSha384: true
encAlgo3des: true
encAlgoRc4: true
keyxchgAlgoDhe: false
keyxchgAlgoEcdhe: false
maxVersion: tls1-3
minVersion: tls1-1
fullMixedDecryptionProfile:
type: scm:DecryptionProfile
name: full_mixed_decryption_profile
properties:
folder: ngfw-shared
name: full_mixed_dp
sslForwardProxy:
autoIncludeAltname: true
blockClientCert: true
blockExpiredCertificate: false
blockTimeoutCert: true
blockUnknownCert: false
blockUnsupportedCipher: true
blockUntrustedIssuer: false
restrictCertExts: false
stripAlpn: true
sslInboundProxy:
blockIfHsmUnavailable: true
blockIfNoResource: false
blockUnsupportedCipher: true
blockUnsupportedVersion: false
sslNoProxy:
blockExpiredCertificate: false
blockUntrustedIssuer: true
sslProtocolSettings:
authAlgoMd5: false
authAlgoSha1: true
authAlgoSha256: false
authAlgoSha384: true
encAlgo3des: false
encAlgoAes128Gcm: true
encAlgoAes256Cbc: false
encAlgoAes256Gcm: true
encAlgoRc4: true
keyxchgAlgoDhe: false
keyxchgAlgoEcdhe: true
keyxchgAlgoRsa: false
maxVersion: tls1-0
minVersion: sslv3
Create DecryptionProfile Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new DecryptionProfile(name: string, args?: DecryptionProfileArgs, opts?: CustomResourceOptions);@overload
def DecryptionProfile(resource_name: str,
args: Optional[DecryptionProfileArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def DecryptionProfile(resource_name: str,
opts: Optional[ResourceOptions] = None,
device: Optional[str] = None,
folder: Optional[str] = None,
name: Optional[str] = None,
snippet: Optional[str] = None,
ssl_forward_proxy: Optional[DecryptionProfileSslForwardProxyArgs] = None,
ssl_inbound_proxy: Optional[DecryptionProfileSslInboundProxyArgs] = None,
ssl_no_proxy: Optional[DecryptionProfileSslNoProxyArgs] = None,
ssl_protocol_settings: Optional[DecryptionProfileSslProtocolSettingsArgs] = None)func NewDecryptionProfile(ctx *Context, name string, args *DecryptionProfileArgs, opts ...ResourceOption) (*DecryptionProfile, error)public DecryptionProfile(string name, DecryptionProfileArgs? args = null, CustomResourceOptions? opts = null)
public DecryptionProfile(String name, DecryptionProfileArgs args)
public DecryptionProfile(String name, DecryptionProfileArgs args, CustomResourceOptions options)
type: scm:DecryptionProfile
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args DecryptionProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args DecryptionProfileArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args DecryptionProfileArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DecryptionProfileArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args DecryptionProfileArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var decryptionProfileResource = new Scm.DecryptionProfile("decryptionProfileResource", new()
{
Device = "string",
Folder = "string",
Name = "string",
Snippet = "string",
SslForwardProxy = new Scm.Inputs.DecryptionProfileSslForwardProxyArgs
{
AutoIncludeAltname = false,
BlockClientCert = false,
BlockExpiredCertificate = false,
BlockTimeoutCert = false,
BlockTls13DowngradeNoResource = false,
BlockUnknownCert = false,
BlockUnsupportedCipher = false,
BlockUnsupportedVersion = false,
BlockUntrustedIssuer = false,
RestrictCertExts = false,
StripAlpn = false,
},
SslInboundProxy = new Scm.Inputs.DecryptionProfileSslInboundProxyArgs
{
BlockIfHsmUnavailable = false,
BlockIfNoResource = false,
BlockUnsupportedCipher = false,
BlockUnsupportedVersion = false,
},
SslNoProxy = new Scm.Inputs.DecryptionProfileSslNoProxyArgs
{
BlockExpiredCertificate = false,
BlockUntrustedIssuer = false,
},
SslProtocolSettings = new Scm.Inputs.DecryptionProfileSslProtocolSettingsArgs
{
AuthAlgoMd5 = false,
AuthAlgoSha1 = false,
AuthAlgoSha256 = false,
AuthAlgoSha384 = false,
EncAlgo3des = false,
EncAlgoAes128Cbc = false,
EncAlgoAes128Gcm = false,
EncAlgoAes256Cbc = false,
EncAlgoAes256Gcm = false,
EncAlgoChacha20Poly1305 = false,
EncAlgoRc4 = false,
KeyxchgAlgoDhe = false,
KeyxchgAlgoEcdhe = false,
KeyxchgAlgoRsa = false,
MaxVersion = "string",
MinVersion = "string",
},
});
example, err := scm.NewDecryptionProfile(ctx, "decryptionProfileResource", &scm.DecryptionProfileArgs{
Device: pulumi.String("string"),
Folder: pulumi.String("string"),
Name: pulumi.String("string"),
Snippet: pulumi.String("string"),
SslForwardProxy: &scm.DecryptionProfileSslForwardProxyArgs{
AutoIncludeAltname: pulumi.Bool(false),
BlockClientCert: pulumi.Bool(false),
BlockExpiredCertificate: pulumi.Bool(false),
BlockTimeoutCert: pulumi.Bool(false),
BlockTls13DowngradeNoResource: pulumi.Bool(false),
BlockUnknownCert: pulumi.Bool(false),
BlockUnsupportedCipher: pulumi.Bool(false),
BlockUnsupportedVersion: pulumi.Bool(false),
BlockUntrustedIssuer: pulumi.Bool(false),
RestrictCertExts: pulumi.Bool(false),
StripAlpn: pulumi.Bool(false),
},
SslInboundProxy: &scm.DecryptionProfileSslInboundProxyArgs{
BlockIfHsmUnavailable: pulumi.Bool(false),
BlockIfNoResource: pulumi.Bool(false),
BlockUnsupportedCipher: pulumi.Bool(false),
BlockUnsupportedVersion: pulumi.Bool(false),
},
SslNoProxy: &scm.DecryptionProfileSslNoProxyArgs{
BlockExpiredCertificate: pulumi.Bool(false),
BlockUntrustedIssuer: pulumi.Bool(false),
},
SslProtocolSettings: &scm.DecryptionProfileSslProtocolSettingsArgs{
AuthAlgoMd5: pulumi.Bool(false),
AuthAlgoSha1: pulumi.Bool(false),
AuthAlgoSha256: pulumi.Bool(false),
AuthAlgoSha384: pulumi.Bool(false),
EncAlgo3des: pulumi.Bool(false),
EncAlgoAes128Cbc: pulumi.Bool(false),
EncAlgoAes128Gcm: pulumi.Bool(false),
EncAlgoAes256Cbc: pulumi.Bool(false),
EncAlgoAes256Gcm: pulumi.Bool(false),
EncAlgoChacha20Poly1305: pulumi.Bool(false),
EncAlgoRc4: pulumi.Bool(false),
KeyxchgAlgoDhe: pulumi.Bool(false),
KeyxchgAlgoEcdhe: pulumi.Bool(false),
KeyxchgAlgoRsa: pulumi.Bool(false),
MaxVersion: pulumi.String("string"),
MinVersion: pulumi.String("string"),
},
})
var decryptionProfileResource = new DecryptionProfile("decryptionProfileResource", DecryptionProfileArgs.builder()
.device("string")
.folder("string")
.name("string")
.snippet("string")
.sslForwardProxy(DecryptionProfileSslForwardProxyArgs.builder()
.autoIncludeAltname(false)
.blockClientCert(false)
.blockExpiredCertificate(false)
.blockTimeoutCert(false)
.blockTls13DowngradeNoResource(false)
.blockUnknownCert(false)
.blockUnsupportedCipher(false)
.blockUnsupportedVersion(false)
.blockUntrustedIssuer(false)
.restrictCertExts(false)
.stripAlpn(false)
.build())
.sslInboundProxy(DecryptionProfileSslInboundProxyArgs.builder()
.blockIfHsmUnavailable(false)
.blockIfNoResource(false)
.blockUnsupportedCipher(false)
.blockUnsupportedVersion(false)
.build())
.sslNoProxy(DecryptionProfileSslNoProxyArgs.builder()
.blockExpiredCertificate(false)
.blockUntrustedIssuer(false)
.build())
.sslProtocolSettings(DecryptionProfileSslProtocolSettingsArgs.builder()
.authAlgoMd5(false)
.authAlgoSha1(false)
.authAlgoSha256(false)
.authAlgoSha384(false)
.encAlgo3des(false)
.encAlgoAes128Cbc(false)
.encAlgoAes128Gcm(false)
.encAlgoAes256Cbc(false)
.encAlgoAes256Gcm(false)
.encAlgoChacha20Poly1305(false)
.encAlgoRc4(false)
.keyxchgAlgoDhe(false)
.keyxchgAlgoEcdhe(false)
.keyxchgAlgoRsa(false)
.maxVersion("string")
.minVersion("string")
.build())
.build());
decryption_profile_resource = scm.DecryptionProfile("decryptionProfileResource",
device="string",
folder="string",
name="string",
snippet="string",
ssl_forward_proxy={
"auto_include_altname": False,
"block_client_cert": False,
"block_expired_certificate": False,
"block_timeout_cert": False,
"block_tls13_downgrade_no_resource": False,
"block_unknown_cert": False,
"block_unsupported_cipher": False,
"block_unsupported_version": False,
"block_untrusted_issuer": False,
"restrict_cert_exts": False,
"strip_alpn": False,
},
ssl_inbound_proxy={
"block_if_hsm_unavailable": False,
"block_if_no_resource": False,
"block_unsupported_cipher": False,
"block_unsupported_version": False,
},
ssl_no_proxy={
"block_expired_certificate": False,
"block_untrusted_issuer": False,
},
ssl_protocol_settings={
"auth_algo_md5": False,
"auth_algo_sha1": False,
"auth_algo_sha256": False,
"auth_algo_sha384": False,
"enc_algo3des": False,
"enc_algo_aes128_cbc": False,
"enc_algo_aes128_gcm": False,
"enc_algo_aes256_cbc": False,
"enc_algo_aes256_gcm": False,
"enc_algo_chacha20_poly1305": False,
"enc_algo_rc4": False,
"keyxchg_algo_dhe": False,
"keyxchg_algo_ecdhe": False,
"keyxchg_algo_rsa": False,
"max_version": "string",
"min_version": "string",
})
const decryptionProfileResource = new scm.DecryptionProfile("decryptionProfileResource", {
device: "string",
folder: "string",
name: "string",
snippet: "string",
sslForwardProxy: {
autoIncludeAltname: false,
blockClientCert: false,
blockExpiredCertificate: false,
blockTimeoutCert: false,
blockTls13DowngradeNoResource: false,
blockUnknownCert: false,
blockUnsupportedCipher: false,
blockUnsupportedVersion: false,
blockUntrustedIssuer: false,
restrictCertExts: false,
stripAlpn: false,
},
sslInboundProxy: {
blockIfHsmUnavailable: false,
blockIfNoResource: false,
blockUnsupportedCipher: false,
blockUnsupportedVersion: false,
},
sslNoProxy: {
blockExpiredCertificate: false,
blockUntrustedIssuer: false,
},
sslProtocolSettings: {
authAlgoMd5: false,
authAlgoSha1: false,
authAlgoSha256: false,
authAlgoSha384: false,
encAlgo3des: false,
encAlgoAes128Cbc: false,
encAlgoAes128Gcm: false,
encAlgoAes256Cbc: false,
encAlgoAes256Gcm: false,
encAlgoChacha20Poly1305: false,
encAlgoRc4: false,
keyxchgAlgoDhe: false,
keyxchgAlgoEcdhe: false,
keyxchgAlgoRsa: false,
maxVersion: "string",
minVersion: "string",
},
});
type: scm:DecryptionProfile
properties:
device: string
folder: string
name: string
snippet: string
sslForwardProxy:
autoIncludeAltname: false
blockClientCert: false
blockExpiredCertificate: false
blockTimeoutCert: false
blockTls13DowngradeNoResource: false
blockUnknownCert: false
blockUnsupportedCipher: false
blockUnsupportedVersion: false
blockUntrustedIssuer: false
restrictCertExts: false
stripAlpn: false
sslInboundProxy:
blockIfHsmUnavailable: false
blockIfNoResource: false
blockUnsupportedCipher: false
blockUnsupportedVersion: false
sslNoProxy:
blockExpiredCertificate: false
blockUntrustedIssuer: false
sslProtocolSettings:
authAlgoMd5: false
authAlgoSha1: false
authAlgoSha256: false
authAlgoSha384: false
encAlgo3des: false
encAlgoAes128Cbc: false
encAlgoAes128Gcm: false
encAlgoAes256Cbc: false
encAlgoAes256Gcm: false
encAlgoChacha20Poly1305: false
encAlgoRc4: false
keyxchgAlgoDhe: false
keyxchgAlgoEcdhe: false
keyxchgAlgoRsa: false
maxVersion: string
minVersion: string
DecryptionProfile Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The DecryptionProfile resource accepts the following input properties:
- Device string
- The device in which the resource is defined
- Folder string
- The folder in which the resource is defined
- Name string
- Must start with alphanumeric char and should contain only alphanemeric, underscore, hyphen, dot or space
- Snippet string
- The snippet in which the resource is defined
- Ssl
Forward DecryptionProxy Profile Ssl Forward Proxy - Ssl forward proxy
- Ssl
Inbound DecryptionProxy Profile Ssl Inbound Proxy - Ssl inbound proxy
- Ssl
No DecryptionProxy Profile Ssl No Proxy - Ssl no proxy
- Ssl
Protocol DecryptionSettings Profile Ssl Protocol Settings - Ssl protocol settings
- Device string
- The device in which the resource is defined
- Folder string
- The folder in which the resource is defined
- Name string
- Must start with alphanumeric char and should contain only alphanemeric, underscore, hyphen, dot or space
- Snippet string
- The snippet in which the resource is defined
- Ssl
Forward DecryptionProxy Profile Ssl Forward Proxy Args - Ssl forward proxy
- Ssl
Inbound DecryptionProxy Profile Ssl Inbound Proxy Args - Ssl inbound proxy
- Ssl
No DecryptionProxy Profile Ssl No Proxy Args - Ssl no proxy
- Ssl
Protocol DecryptionSettings Profile Ssl Protocol Settings Args - Ssl protocol settings
- device String
- The device in which the resource is defined
- folder String
- The folder in which the resource is defined
- name String
- Must start with alphanumeric char and should contain only alphanemeric, underscore, hyphen, dot or space
- snippet String
- The snippet in which the resource is defined
- ssl
Forward DecryptionProxy Profile Ssl Forward Proxy - Ssl forward proxy
- ssl
Inbound DecryptionProxy Profile Ssl Inbound Proxy - Ssl inbound proxy
- ssl
No DecryptionProxy Profile Ssl No Proxy - Ssl no proxy
- ssl
Protocol DecryptionSettings Profile Ssl Protocol Settings - Ssl protocol settings
- device string
- The device in which the resource is defined
- folder string
- The folder in which the resource is defined
- name string
- Must start with alphanumeric char and should contain only alphanemeric, underscore, hyphen, dot or space
- snippet string
- The snippet in which the resource is defined
- ssl
Forward DecryptionProxy Profile Ssl Forward Proxy - Ssl forward proxy
- ssl
Inbound DecryptionProxy Profile Ssl Inbound Proxy - Ssl inbound proxy
- ssl
No DecryptionProxy Profile Ssl No Proxy - Ssl no proxy
- ssl
Protocol DecryptionSettings Profile Ssl Protocol Settings - Ssl protocol settings
- device str
- The device in which the resource is defined
- folder str
- The folder in which the resource is defined
- name str
- Must start with alphanumeric char and should contain only alphanemeric, underscore, hyphen, dot or space
- snippet str
- The snippet in which the resource is defined
- ssl_
forward_ Decryptionproxy Profile Ssl Forward Proxy Args - Ssl forward proxy
- ssl_
inbound_ Decryptionproxy Profile Ssl Inbound Proxy Args - Ssl inbound proxy
- ssl_
no_ Decryptionproxy Profile Ssl No Proxy Args - Ssl no proxy
- ssl_
protocol_ Decryptionsettings Profile Ssl Protocol Settings Args - Ssl protocol settings
- device String
- The device in which the resource is defined
- folder String
- The folder in which the resource is defined
- name String
- Must start with alphanumeric char and should contain only alphanemeric, underscore, hyphen, dot or space
- snippet String
- The snippet in which the resource is defined
- ssl
Forward Property MapProxy - Ssl forward proxy
- ssl
Inbound Property MapProxy - Ssl inbound proxy
- ssl
No Property MapProxy - Ssl no proxy
- ssl
Protocol Property MapSettings - Ssl protocol settings
Outputs
All input properties are implicitly available as output properties. Additionally, the DecryptionProfile resource produces the following output properties:
Look up Existing DecryptionProfile Resource
Get an existing DecryptionProfile resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: DecryptionProfileState, opts?: CustomResourceOptions): DecryptionProfile@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
device: Optional[str] = None,
folder: Optional[str] = None,
name: Optional[str] = None,
snippet: Optional[str] = None,
ssl_forward_proxy: Optional[DecryptionProfileSslForwardProxyArgs] = None,
ssl_inbound_proxy: Optional[DecryptionProfileSslInboundProxyArgs] = None,
ssl_no_proxy: Optional[DecryptionProfileSslNoProxyArgs] = None,
ssl_protocol_settings: Optional[DecryptionProfileSslProtocolSettingsArgs] = None,
tfid: Optional[str] = None) -> DecryptionProfilefunc GetDecryptionProfile(ctx *Context, name string, id IDInput, state *DecryptionProfileState, opts ...ResourceOption) (*DecryptionProfile, error)public static DecryptionProfile Get(string name, Input<string> id, DecryptionProfileState? state, CustomResourceOptions? opts = null)public static DecryptionProfile get(String name, Output<String> id, DecryptionProfileState state, CustomResourceOptions options)resources: _: type: scm:DecryptionProfile get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Device string
- The device in which the resource is defined
- Folder string
- The folder in which the resource is defined
- Name string
- Must start with alphanumeric char and should contain only alphanemeric, underscore, hyphen, dot or space
- Snippet string
- The snippet in which the resource is defined
- Ssl
Forward DecryptionProxy Profile Ssl Forward Proxy - Ssl forward proxy
- Ssl
Inbound DecryptionProxy Profile Ssl Inbound Proxy - Ssl inbound proxy
- Ssl
No DecryptionProxy Profile Ssl No Proxy - Ssl no proxy
- Ssl
Protocol DecryptionSettings Profile Ssl Protocol Settings - Ssl protocol settings
- Tfid string
- Device string
- The device in which the resource is defined
- Folder string
- The folder in which the resource is defined
- Name string
- Must start with alphanumeric char and should contain only alphanemeric, underscore, hyphen, dot or space
- Snippet string
- The snippet in which the resource is defined
- Ssl
Forward DecryptionProxy Profile Ssl Forward Proxy Args - Ssl forward proxy
- Ssl
Inbound DecryptionProxy Profile Ssl Inbound Proxy Args - Ssl inbound proxy
- Ssl
No DecryptionProxy Profile Ssl No Proxy Args - Ssl no proxy
- Ssl
Protocol DecryptionSettings Profile Ssl Protocol Settings Args - Ssl protocol settings
- Tfid string
- device String
- The device in which the resource is defined
- folder String
- The folder in which the resource is defined
- name String
- Must start with alphanumeric char and should contain only alphanemeric, underscore, hyphen, dot or space
- snippet String
- The snippet in which the resource is defined
- ssl
Forward DecryptionProxy Profile Ssl Forward Proxy - Ssl forward proxy
- ssl
Inbound DecryptionProxy Profile Ssl Inbound Proxy - Ssl inbound proxy
- ssl
No DecryptionProxy Profile Ssl No Proxy - Ssl no proxy
- ssl
Protocol DecryptionSettings Profile Ssl Protocol Settings - Ssl protocol settings
- tfid String
- device string
- The device in which the resource is defined
- folder string
- The folder in which the resource is defined
- name string
- Must start with alphanumeric char and should contain only alphanemeric, underscore, hyphen, dot or space
- snippet string
- The snippet in which the resource is defined
- ssl
Forward DecryptionProxy Profile Ssl Forward Proxy - Ssl forward proxy
- ssl
Inbound DecryptionProxy Profile Ssl Inbound Proxy - Ssl inbound proxy
- ssl
No DecryptionProxy Profile Ssl No Proxy - Ssl no proxy
- ssl
Protocol DecryptionSettings Profile Ssl Protocol Settings - Ssl protocol settings
- tfid string
- device str
- The device in which the resource is defined
- folder str
- The folder in which the resource is defined
- name str
- Must start with alphanumeric char and should contain only alphanemeric, underscore, hyphen, dot or space
- snippet str
- The snippet in which the resource is defined
- ssl_
forward_ Decryptionproxy Profile Ssl Forward Proxy Args - Ssl forward proxy
- ssl_
inbound_ Decryptionproxy Profile Ssl Inbound Proxy Args - Ssl inbound proxy
- ssl_
no_ Decryptionproxy Profile Ssl No Proxy Args - Ssl no proxy
- ssl_
protocol_ Decryptionsettings Profile Ssl Protocol Settings Args - Ssl protocol settings
- tfid str
- device String
- The device in which the resource is defined
- folder String
- The folder in which the resource is defined
- name String
- Must start with alphanumeric char and should contain only alphanemeric, underscore, hyphen, dot or space
- snippet String
- The snippet in which the resource is defined
- ssl
Forward Property MapProxy - Ssl forward proxy
- ssl
Inbound Property MapProxy - Ssl inbound proxy
- ssl
No Property MapProxy - Ssl no proxy
- ssl
Protocol Property MapSettings - Ssl protocol settings
- tfid String
Supporting Types
DecryptionProfileSslForwardProxy, DecryptionProfileSslForwardProxyArgs
- Auto
Include boolAltname - Auto include altname
- Block
Client boolCert - Block client cert
- Block
Expired boolCertificate - Block expired certificate
- Block
Timeout boolCert - Block timeout cert
- Block
Tls13Downgrade boolNo Resource - Block tls13 downgrade no resource
- Block
Unknown boolCert - Block unknown cert
- Block
Unsupported boolCipher - Block unsupported cipher
- Block
Unsupported boolVersion - Block unsupported version
- Block
Untrusted boolIssuer - Block untrusted issuer
- Restrict
Cert boolExts - Restrict cert exts
- Strip
Alpn bool - Strip alpn
- Auto
Include boolAltname - Auto include altname
- Block
Client boolCert - Block client cert
- Block
Expired boolCertificate - Block expired certificate
- Block
Timeout boolCert - Block timeout cert
- Block
Tls13Downgrade boolNo Resource - Block tls13 downgrade no resource
- Block
Unknown boolCert - Block unknown cert
- Block
Unsupported boolCipher - Block unsupported cipher
- Block
Unsupported boolVersion - Block unsupported version
- Block
Untrusted boolIssuer - Block untrusted issuer
- Restrict
Cert boolExts - Restrict cert exts
- Strip
Alpn bool - Strip alpn
- auto
Include BooleanAltname - Auto include altname
- block
Client BooleanCert - Block client cert
- block
Expired BooleanCertificate - Block expired certificate
- block
Timeout BooleanCert - Block timeout cert
- block
Tls13Downgrade BooleanNo Resource - Block tls13 downgrade no resource
- block
Unknown BooleanCert - Block unknown cert
- block
Unsupported BooleanCipher - Block unsupported cipher
- block
Unsupported BooleanVersion - Block unsupported version
- block
Untrusted BooleanIssuer - Block untrusted issuer
- restrict
Cert BooleanExts - Restrict cert exts
- strip
Alpn Boolean - Strip alpn
- auto
Include booleanAltname - Auto include altname
- block
Client booleanCert - Block client cert
- block
Expired booleanCertificate - Block expired certificate
- block
Timeout booleanCert - Block timeout cert
- block
Tls13Downgrade booleanNo Resource - Block tls13 downgrade no resource
- block
Unknown booleanCert - Block unknown cert
- block
Unsupported booleanCipher - Block unsupported cipher
- block
Unsupported booleanVersion - Block unsupported version
- block
Untrusted booleanIssuer - Block untrusted issuer
- restrict
Cert booleanExts - Restrict cert exts
- strip
Alpn boolean - Strip alpn
- auto_
include_ boolaltname - Auto include altname
- block_
client_ boolcert - Block client cert
- block_
expired_ boolcertificate - Block expired certificate
- block_
timeout_ boolcert - Block timeout cert
- block_
tls13_ booldowngrade_ no_ resource - Block tls13 downgrade no resource
- block_
unknown_ boolcert - Block unknown cert
- block_
unsupported_ boolcipher - Block unsupported cipher
- block_
unsupported_ boolversion - Block unsupported version
- block_
untrusted_ boolissuer - Block untrusted issuer
- restrict_
cert_ boolexts - Restrict cert exts
- strip_
alpn bool - Strip alpn
- auto
Include BooleanAltname - Auto include altname
- block
Client BooleanCert - Block client cert
- block
Expired BooleanCertificate - Block expired certificate
- block
Timeout BooleanCert - Block timeout cert
- block
Tls13Downgrade BooleanNo Resource - Block tls13 downgrade no resource
- block
Unknown BooleanCert - Block unknown cert
- block
Unsupported BooleanCipher - Block unsupported cipher
- block
Unsupported BooleanVersion - Block unsupported version
- block
Untrusted BooleanIssuer - Block untrusted issuer
- restrict
Cert BooleanExts - Restrict cert exts
- strip
Alpn Boolean - Strip alpn
DecryptionProfileSslInboundProxy, DecryptionProfileSslInboundProxyArgs
- bool
- Block if hsm unavailable
- Block
If boolNo Resource - Block if no resource
- Block
Unsupported boolCipher - Block unsupported cipher
- Block
Unsupported boolVersion - Block unsupported version
- bool
- Block if hsm unavailable
- Block
If boolNo Resource - Block if no resource
- Block
Unsupported boolCipher - Block unsupported cipher
- Block
Unsupported boolVersion - Block unsupported version
- Boolean
- Block if hsm unavailable
- block
If BooleanNo Resource - Block if no resource
- block
Unsupported BooleanCipher - Block unsupported cipher
- block
Unsupported BooleanVersion - Block unsupported version
- boolean
- Block if hsm unavailable
- block
If booleanNo Resource - Block if no resource
- block
Unsupported booleanCipher - Block unsupported cipher
- block
Unsupported booleanVersion - Block unsupported version
- bool
- Block if hsm unavailable
- block_
if_ boolno_ resource - Block if no resource
- block_
unsupported_ boolcipher - Block unsupported cipher
- block_
unsupported_ boolversion - Block unsupported version
- Boolean
- Block if hsm unavailable
- block
If BooleanNo Resource - Block if no resource
- block
Unsupported BooleanCipher - Block unsupported cipher
- block
Unsupported BooleanVersion - Block unsupported version
DecryptionProfileSslNoProxy, DecryptionProfileSslNoProxyArgs
- Block
Expired boolCertificate - Block expired certificate
- Block
Untrusted boolIssuer - Block untrusted issuer
- Block
Expired boolCertificate - Block expired certificate
- Block
Untrusted boolIssuer - Block untrusted issuer
- block
Expired BooleanCertificate - Block expired certificate
- block
Untrusted BooleanIssuer - Block untrusted issuer
- block
Expired booleanCertificate - Block expired certificate
- block
Untrusted booleanIssuer - Block untrusted issuer
- block_
expired_ boolcertificate - Block expired certificate
- block_
untrusted_ boolissuer - Block untrusted issuer
- block
Expired BooleanCertificate - Block expired certificate
- block
Untrusted BooleanIssuer - Block untrusted issuer
DecryptionProfileSslProtocolSettings, DecryptionProfileSslProtocolSettingsArgs
- Auth
Algo boolMd5 - Auth algo md5
- Auth
Algo boolSha1 - Auth algo sha1
- Auth
Algo boolSha256 - Auth algo sha256
- Auth
Algo boolSha384 - Auth algo sha384
- Enc
Algo3des bool - Enc algo3des
- Enc
Algo boolAes128Cbc - Enc algo aes128 cbc
- Enc
Algo boolAes128Gcm - Enc algo aes128 gcm
- Enc
Algo boolAes256Cbc - Enc algo aes256 cbc
- Enc
Algo boolAes256Gcm - Enc algo aes256 gcm
- Enc
Algo boolChacha20Poly1305 - Enc algo chacha20 poly1305
- Enc
Algo boolRc4 - Enc algo rc4
- Keyxchg
Algo boolDhe - Keyxchg algo dhe
- Keyxchg
Algo boolEcdhe - Keyxchg algo ecdhe
- Keyxchg
Algo boolRsa - Keyxchg algo rsa
- Max
Version string - Max version
- Min
Version string - Min version
- Auth
Algo boolMd5 - Auth algo md5
- Auth
Algo boolSha1 - Auth algo sha1
- Auth
Algo boolSha256 - Auth algo sha256
- Auth
Algo boolSha384 - Auth algo sha384
- Enc
Algo3des bool - Enc algo3des
- Enc
Algo boolAes128Cbc - Enc algo aes128 cbc
- Enc
Algo boolAes128Gcm - Enc algo aes128 gcm
- Enc
Algo boolAes256Cbc - Enc algo aes256 cbc
- Enc
Algo boolAes256Gcm - Enc algo aes256 gcm
- Enc
Algo boolChacha20Poly1305 - Enc algo chacha20 poly1305
- Enc
Algo boolRc4 - Enc algo rc4
- Keyxchg
Algo boolDhe - Keyxchg algo dhe
- Keyxchg
Algo boolEcdhe - Keyxchg algo ecdhe
- Keyxchg
Algo boolRsa - Keyxchg algo rsa
- Max
Version string - Max version
- Min
Version string - Min version
- auth
Algo BooleanMd5 - Auth algo md5
- auth
Algo BooleanSha1 - Auth algo sha1
- auth
Algo BooleanSha256 - Auth algo sha256
- auth
Algo BooleanSha384 - Auth algo sha384
- enc
Algo3des Boolean - Enc algo3des
- enc
Algo BooleanAes128Cbc - Enc algo aes128 cbc
- enc
Algo BooleanAes128Gcm - Enc algo aes128 gcm
- enc
Algo BooleanAes256Cbc - Enc algo aes256 cbc
- enc
Algo BooleanAes256Gcm - Enc algo aes256 gcm
- enc
Algo BooleanChacha20Poly1305 - Enc algo chacha20 poly1305
- enc
Algo BooleanRc4 - Enc algo rc4
- keyxchg
Algo BooleanDhe - Keyxchg algo dhe
- keyxchg
Algo BooleanEcdhe - Keyxchg algo ecdhe
- keyxchg
Algo BooleanRsa - Keyxchg algo rsa
- max
Version String - Max version
- min
Version String - Min version
- auth
Algo booleanMd5 - Auth algo md5
- auth
Algo booleanSha1 - Auth algo sha1
- auth
Algo booleanSha256 - Auth algo sha256
- auth
Algo booleanSha384 - Auth algo sha384
- enc
Algo3des boolean - Enc algo3des
- enc
Algo booleanAes128Cbc - Enc algo aes128 cbc
- enc
Algo booleanAes128Gcm - Enc algo aes128 gcm
- enc
Algo booleanAes256Cbc - Enc algo aes256 cbc
- enc
Algo booleanAes256Gcm - Enc algo aes256 gcm
- enc
Algo booleanChacha20Poly1305 - Enc algo chacha20 poly1305
- enc
Algo booleanRc4 - Enc algo rc4
- keyxchg
Algo booleanDhe - Keyxchg algo dhe
- keyxchg
Algo booleanEcdhe - Keyxchg algo ecdhe
- keyxchg
Algo booleanRsa - Keyxchg algo rsa
- max
Version string - Max version
- min
Version string - Min version
- auth_
algo_ boolmd5 - Auth algo md5
- auth_
algo_ boolsha1 - Auth algo sha1
- auth_
algo_ boolsha256 - Auth algo sha256
- auth_
algo_ boolsha384 - Auth algo sha384
- enc_
algo3des bool - Enc algo3des
- enc_
algo_ boolaes128_ cbc - Enc algo aes128 cbc
- enc_
algo_ boolaes128_ gcm - Enc algo aes128 gcm
- enc_
algo_ boolaes256_ cbc - Enc algo aes256 cbc
- enc_
algo_ boolaes256_ gcm - Enc algo aes256 gcm
- enc_
algo_ boolchacha20_ poly1305 - Enc algo chacha20 poly1305
- enc_
algo_ boolrc4 - Enc algo rc4
- keyxchg_
algo_ booldhe - Keyxchg algo dhe
- keyxchg_
algo_ boolecdhe - Keyxchg algo ecdhe
- keyxchg_
algo_ boolrsa - Keyxchg algo rsa
- max_
version str - Max version
- min_
version str - Min version
- auth
Algo BooleanMd5 - Auth algo md5
- auth
Algo BooleanSha1 - Auth algo sha1
- auth
Algo BooleanSha256 - Auth algo sha256
- auth
Algo BooleanSha384 - Auth algo sha384
- enc
Algo3des Boolean - Enc algo3des
- enc
Algo BooleanAes128Cbc - Enc algo aes128 cbc
- enc
Algo BooleanAes128Gcm - Enc algo aes128 gcm
- enc
Algo BooleanAes256Cbc - Enc algo aes256 cbc
- enc
Algo BooleanAes256Gcm - Enc algo aes256 gcm
- enc
Algo BooleanChacha20Poly1305 - Enc algo chacha20 poly1305
- enc
Algo BooleanRc4 - Enc algo rc4
- keyxchg
Algo BooleanDhe - Keyxchg algo dhe
- keyxchg
Algo BooleanEcdhe - Keyxchg algo ecdhe
- keyxchg
Algo BooleanRsa - Keyxchg algo rsa
- max
Version String - Max version
- min
Version String - Min version
Package Details
- Repository
- scm pulumi/pulumi-scm
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
scmTerraform Provider.
Strata Cloud Manager v0.4.3 published on Saturday, Nov 8, 2025 by Pulumi
