diff --git a/specs/objects/security-profile-antivirus.yaml b/specs/objects/profiles/security/antivirus.yaml similarity index 65% rename from specs/objects/security-profile-antivirus.yaml rename to specs/objects/profiles/security/antivirus.yaml index a0cfc25..d834c9d 100644 --- a/specs/objects/security-profile-antivirus.yaml +++ b/specs/objects/profiles/security/antivirus.yaml @@ -25,13 +25,78 @@ locations: - config - shared vars: [] - description: Location in Shared Panorama + description: Panorama shared object devices: - panorama - ngfw validators: [] required: false read_only: false +- name: device-group + xpath: + path: + - config + - devices + - $panorama_device + - device-group + - $device_group + vars: + - name: panorama_device + description: Panorama device name + required: false + default: localhost.localdomain + validators: [] + type: entry + - name: device_group + description: Device Group name + required: true + validators: + - type: not-values + spec: + values: + - value: shared + error: The device group name cannot be "shared". Use the "shared" location + instead + type: entry + description: Located in a specific Device Group + devices: + - panorama + validators: [] + required: false + read_only: false +- name: vsys + xpath: + path: + - config + - devices + - $ngfw_device + - vsys + - $vsys + vars: + - name: ngfw_device + description: The NGFW device name + required: false + default: localhost.localdomain + validators: [] + type: entry + - name: vsys + description: The Virtual System name + required: false + default: vsys1 + validators: + - type: not-values + spec: + values: + - value: shared + error: The vsys name cannot be "shared". Use the "shared" location instead + type: entry + description: Located in a specific Virtual System + devices: + - ngfw + - panorama + validators: [] + required: false + read_only: false entries: - name: name description: '' @@ -79,11 +144,16 @@ spec: - value: reset-client - value: reset-server - value: reset-both - description: '' + description: 'Action for application exception. Valid values are: `default` + (default), `allow`, `alert`, `drop`, `reset-client`, `reset-server`, + or `reset-both`' required: false variants: [] - description: Application exceptions. + description: Application exceptions required: false + codegen_overrides: + terraform: + name: application-exceptions - name: decoder type: list profiles: @@ -124,7 +194,9 @@ spec: - value: reset-client - value: reset-server - value: reset-both - description: '' + description: 'Action for standard antivirus signatures. Valid values are: + `default` (default), `allow`, `alert`, `drop`, `reset-client`, `reset-server`, + or `reset-both`' required: false - name: wildfire-action type: enum @@ -152,7 +224,9 @@ spec: - value: reset-client - value: reset-server - value: reset-both - description: '' + description: 'Action for signatures generated by the WildFire system. + Valid values are: `default` (default), `allow`, `alert`, `drop`, `reset-client`, + `reset-server`, or `reset-both`' required: false - name: mlav-action type: enum @@ -180,11 +254,19 @@ spec: - value: reset-client - value: reset-server - value: reset-both - description: '' + description: 'Action for malicious threats detected in real-time by the + WildFire Inline ML models. Valid values are: `default` (default), `allow`, + `alert`, `drop`, `reset-client`, `reset-server`, or `reset-both`' required: false + codegen_overrides: + terraform: + name: ml-action variants: [] - description: Protocol decoders. + description: Protocol decoders required: false + codegen_overrides: + terraform: + name: decoders - name: description type: string profiles: @@ -196,7 +278,7 @@ spec: min: 0 max: 255 spec: {} - description: Profile description. + description: Profile description required: false - name: disable-override type: enum @@ -207,12 +289,14 @@ spec: - type: values spec: values: + - 'yes' - 'no' spec: default: 'no' values: + - value: 'yes' - value: 'no' - description: disable object override in child device groups + description: Disable object override in child device groups required: false - name: mlav-engine-filebased-enabled type: list @@ -245,11 +329,18 @@ spec: - value: enable - value: enable(alert-only) - value: disable - description: '' + description: 'Action for ML model antivirus signatures. Valid values are: + `enable`, `enable(alert-only)`, or `disable`' required: false + codegen_overrides: + terraform: + name: action variants: [] - description: Machine learining models. + description: Machine learning models required: false + codegen_overrides: + terraform: + name: machine-learning-models - name: mlav-exception type: list profiles: @@ -275,7 +366,7 @@ spec: min: 0 max: 255 spec: {} - description: '' + description: File name to exclude from enforcement required: false - name: description type: string @@ -288,11 +379,14 @@ spec: min: 0 max: 255 spec: {} - description: Profile description. + description: Exception description required: false variants: [] - description: Exceptions for ML based + description: Exceptions for ML based file scans. required: false + codegen_overrides: + terraform: + name: machine-learning-exceptions - name: packet-capture type: bool profiles: @@ -300,7 +394,7 @@ spec: - packet-capture validators: [] spec: {} - description: Enable packet capture. + description: Enable packet capture required: false - name: threat-exception type: list @@ -317,17 +411,18 @@ spec: spec: params: [] variants: [] - description: Exceptions for specific threats. + description: Exceptions for specific threats required: false + codegen_overrides: + terraform: + name: threat-exceptions - name: wfrt-hold-mode type: bool profiles: - xpath: - wfrt-hold-mode - min_version: 11.0.2 - max_version: 11.0.3 validators: [] spec: {} - description: '' + description: Enable hold mode for WildFire real time signature lookup required: false variants: []