Cisco Catalyst SD-WAN v0.5.1, Nov 4 25

Cisco Catalyst SD-WAN v0.5.1 published on Tuesday, Nov 4, 2025 by Pulumi

sdwan.PolicyObjectUnifiedTlsSslDecryption

Cisco Catalyst SD-WAN v0.5.1 published on Tuesday, Nov 4, 2025 by Pulumi

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as sdwan from "@pulumi/sdwan";

const example = new sdwan.PolicyObjectUnifiedTlsSslDecryption("example", {
    name: "Example",
    description: "My Example",
    featureProfileId: "f6dd22c8-0b4f-496c-9a0b-6813d1f8b8ac",
    expiredCertificate: "drop",
    untrustedCertificate: "drop",
    certificateRevocationStatus: "none",
    unsupportedProtocolVersions: "drop",
    unsupportedCipherSuites: "drop",
    failureMode: "close",
    defaultCaCertificateBundle: true,
    rsaKeypairModules: "2048",
    ecKeyType: "P256",
    certificateLifetime: "1",
    minimalTlsVer: "TLSv1",
});

import pulumi
import pulumi_sdwan as sdwan

example = sdwan.PolicyObjectUnifiedTlsSslDecryption("example",
    name="Example",
    description="My Example",
    feature_profile_id="f6dd22c8-0b4f-496c-9a0b-6813d1f8b8ac",
    expired_certificate="drop",
    untrusted_certificate="drop",
    certificate_revocation_status="none",
    unsupported_protocol_versions="drop",
    unsupported_cipher_suites="drop",
    failure_mode="close",
    default_ca_certificate_bundle=True,
    rsa_keypair_modules="2048",
    ec_key_type="P256",
    certificate_lifetime="1",
    minimal_tls_ver="TLSv1")

package main

import (
	"github.com/pulumi/pulumi-sdwan/sdk/go/sdwan"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := sdwan.NewPolicyObjectUnifiedTlsSslDecryption(ctx, "example", &sdwan.PolicyObjectUnifiedTlsSslDecryptionArgs{
			Name:                        pulumi.String("Example"),
			Description:                 pulumi.String("My Example"),
			FeatureProfileId:            pulumi.String("f6dd22c8-0b4f-496c-9a0b-6813d1f8b8ac"),
			ExpiredCertificate:          pulumi.String("drop"),
			UntrustedCertificate:        pulumi.String("drop"),
			CertificateRevocationStatus: pulumi.String("none"),
			UnsupportedProtocolVersions: pulumi.String("drop"),
			UnsupportedCipherSuites:     pulumi.String("drop"),
			FailureMode:                 pulumi.String("close"),
			DefaultCaCertificateBundle:  pulumi.Bool(true),
			RsaKeypairModules:           pulumi.String("2048"),
			EcKeyType:                   pulumi.String("P256"),
			CertificateLifetime:         pulumi.String("1"),
			MinimalTlsVer:               pulumi.String("TLSv1"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Sdwan = Pulumi.Sdwan;

return await Deployment.RunAsync(() => 
{
    var example = new Sdwan.PolicyObjectUnifiedTlsSslDecryption("example", new()
    {
        Name = "Example",
        Description = "My Example",
        FeatureProfileId = "f6dd22c8-0b4f-496c-9a0b-6813d1f8b8ac",
        ExpiredCertificate = "drop",
        UntrustedCertificate = "drop",
        CertificateRevocationStatus = "none",
        UnsupportedProtocolVersions = "drop",
        UnsupportedCipherSuites = "drop",
        FailureMode = "close",
        DefaultCaCertificateBundle = true,
        RsaKeypairModules = "2048",
        EcKeyType = "P256",
        CertificateLifetime = "1",
        MinimalTlsVer = "TLSv1",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.sdwan.PolicyObjectUnifiedTlsSslDecryption;
import com.pulumi.sdwan.PolicyObjectUnifiedTlsSslDecryptionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new PolicyObjectUnifiedTlsSslDecryption("example", PolicyObjectUnifiedTlsSslDecryptionArgs.builder()
            .name("Example")
            .description("My Example")
            .featureProfileId("f6dd22c8-0b4f-496c-9a0b-6813d1f8b8ac")
            .expiredCertificate("drop")
            .untrustedCertificate("drop")
            .certificateRevocationStatus("none")
            .unsupportedProtocolVersions("drop")
            .unsupportedCipherSuites("drop")
            .failureMode("close")
            .defaultCaCertificateBundle(true)
            .rsaKeypairModules("2048")
            .ecKeyType("P256")
            .certificateLifetime("1")
            .minimalTlsVer("TLSv1")
            .build());

    }
}

resources:
  example:
    type: sdwan:PolicyObjectUnifiedTlsSslDecryption
    properties:
      name: Example
      description: My Example
      featureProfileId: f6dd22c8-0b4f-496c-9a0b-6813d1f8b8ac
      expiredCertificate: drop
      untrustedCertificate: drop
      certificateRevocationStatus: none
      unsupportedProtocolVersions: drop
      unsupportedCipherSuites: drop
      failureMode: close
      defaultCaCertificateBundle: true
      rsaKeypairModules: '2048'
      ecKeyType: P256
      certificateLifetime: '1'
      minimalTlsVer: TLSv1

Create PolicyObjectUnifiedTlsSslDecryption Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new PolicyObjectUnifiedTlsSslDecryption(name: string, args: PolicyObjectUnifiedTlsSslDecryptionArgs, opts?: CustomResourceOptions);

@overload
def PolicyObjectUnifiedTlsSslDecryption(resource_name: str,
                                        args: PolicyObjectUnifiedTlsSslDecryptionArgs,
                                        opts: Optional[ResourceOptions] = None)

@overload
def PolicyObjectUnifiedTlsSslDecryption(resource_name: str,
                                        opts: Optional[ResourceOptions] = None,
                                        rsa_keypair_modules: Optional[str] = None,
                                        unsupported_cipher_suites: Optional[str] = None,
                                        certificate_revocation_status: Optional[str] = None,
                                        untrusted_certificate: Optional[str] = None,
                                        unsupported_protocol_versions: Optional[str] = None,
                                        ec_key_type: Optional[str] = None,
                                        expired_certificate: Optional[str] = None,
                                        failure_mode: Optional[str] = None,
                                        certificate_lifetime: Optional[str] = None,
                                        minimal_tls_ver: Optional[str] = None,
                                        feature_profile_id: Optional[str] = None,
                                        file_name: Optional[str] = None,
                                        bundle_string: Optional[str] = None,
                                        unknown_revocation_status: Optional[str] = None,
                                        name: Optional[str] = None,
                                        description: Optional[str] = None,
                                        default_ca_certificate_bundle: Optional[bool] = None)

func NewPolicyObjectUnifiedTlsSslDecryption(ctx *Context, name string, args PolicyObjectUnifiedTlsSslDecryptionArgs, opts ...ResourceOption) (*PolicyObjectUnifiedTlsSslDecryption, error)

public PolicyObjectUnifiedTlsSslDecryption(string name, PolicyObjectUnifiedTlsSslDecryptionArgs args, CustomResourceOptions? opts = null)

public PolicyObjectUnifiedTlsSslDecryption(String name, PolicyObjectUnifiedTlsSslDecryptionArgs args)
public PolicyObjectUnifiedTlsSslDecryption(String name, PolicyObjectUnifiedTlsSslDecryptionArgs args, CustomResourceOptions options)

type: sdwan:PolicyObjectUnifiedTlsSslDecryption
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args PolicyObjectUnifiedTlsSslDecryptionArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args PolicyObjectUnifiedTlsSslDecryptionArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args PolicyObjectUnifiedTlsSslDecryptionArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args PolicyObjectUnifiedTlsSslDecryptionArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args PolicyObjectUnifiedTlsSslDecryptionArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var policyObjectUnifiedTlsSslDecryptionResource = new Sdwan.PolicyObjectUnifiedTlsSslDecryption("policyObjectUnifiedTlsSslDecryptionResource", new()
{
    RsaKeypairModules = "string",
    UnsupportedCipherSuites = "string",
    CertificateRevocationStatus = "string",
    UntrustedCertificate = "string",
    UnsupportedProtocolVersions = "string",
    EcKeyType = "string",
    ExpiredCertificate = "string",
    FailureMode = "string",
    CertificateLifetime = "string",
    MinimalTlsVer = "string",
    FeatureProfileId = "string",
    FileName = "string",
    BundleString = "string",
    UnknownRevocationStatus = "string",
    Name = "string",
    Description = "string",
    DefaultCaCertificateBundle = false,
});

example, err := sdwan.NewPolicyObjectUnifiedTlsSslDecryption(ctx, "policyObjectUnifiedTlsSslDecryptionResource", &sdwan.PolicyObjectUnifiedTlsSslDecryptionArgs{
	RsaKeypairModules:           pulumi.String("string"),
	UnsupportedCipherSuites:     pulumi.String("string"),
	CertificateRevocationStatus: pulumi.String("string"),
	UntrustedCertificate:        pulumi.String("string"),
	UnsupportedProtocolVersions: pulumi.String("string"),
	EcKeyType:                   pulumi.String("string"),
	ExpiredCertificate:          pulumi.String("string"),
	FailureMode:                 pulumi.String("string"),
	CertificateLifetime:         pulumi.String("string"),
	MinimalTlsVer:               pulumi.String("string"),
	FeatureProfileId:            pulumi.String("string"),
	FileName:                    pulumi.String("string"),
	BundleString:                pulumi.String("string"),
	UnknownRevocationStatus:     pulumi.String("string"),
	Name:                        pulumi.String("string"),
	Description:                 pulumi.String("string"),
	DefaultCaCertificateBundle:  pulumi.Bool(false),
})

var policyObjectUnifiedTlsSslDecryptionResource = new PolicyObjectUnifiedTlsSslDecryption("policyObjectUnifiedTlsSslDecryptionResource", PolicyObjectUnifiedTlsSslDecryptionArgs.builder()
    .rsaKeypairModules("string")
    .unsupportedCipherSuites("string")
    .certificateRevocationStatus("string")
    .untrustedCertificate("string")
    .unsupportedProtocolVersions("string")
    .ecKeyType("string")
    .expiredCertificate("string")
    .failureMode("string")
    .certificateLifetime("string")
    .minimalTlsVer("string")
    .featureProfileId("string")
    .fileName("string")
    .bundleString("string")
    .unknownRevocationStatus("string")
    .name("string")
    .description("string")
    .defaultCaCertificateBundle(false)
    .build());

policy_object_unified_tls_ssl_decryption_resource = sdwan.PolicyObjectUnifiedTlsSslDecryption("policyObjectUnifiedTlsSslDecryptionResource",
    rsa_keypair_modules="string",
    unsupported_cipher_suites="string",
    certificate_revocation_status="string",
    untrusted_certificate="string",
    unsupported_protocol_versions="string",
    ec_key_type="string",
    expired_certificate="string",
    failure_mode="string",
    certificate_lifetime="string",
    minimal_tls_ver="string",
    feature_profile_id="string",
    file_name="string",
    bundle_string="string",
    unknown_revocation_status="string",
    name="string",
    description="string",
    default_ca_certificate_bundle=False)

const policyObjectUnifiedTlsSslDecryptionResource = new sdwan.PolicyObjectUnifiedTlsSslDecryption("policyObjectUnifiedTlsSslDecryptionResource", {
    rsaKeypairModules: "string",
    unsupportedCipherSuites: "string",
    certificateRevocationStatus: "string",
    untrustedCertificate: "string",
    unsupportedProtocolVersions: "string",
    ecKeyType: "string",
    expiredCertificate: "string",
    failureMode: "string",
    certificateLifetime: "string",
    minimalTlsVer: "string",
    featureProfileId: "string",
    fileName: "string",
    bundleString: "string",
    unknownRevocationStatus: "string",
    name: "string",
    description: "string",
    defaultCaCertificateBundle: false,
});

type: sdwan:PolicyObjectUnifiedTlsSslDecryption
properties:
    bundleString: string
    certificateLifetime: string
    certificateRevocationStatus: string
    defaultCaCertificateBundle: false
    description: string
    ecKeyType: string
    expiredCertificate: string
    failureMode: string
    featureProfileId: string
    fileName: string
    minimalTlsVer: string
    name: string
    rsaKeypairModules: string
    unknownRevocationStatus: string
    unsupportedCipherSuites: string
    unsupportedProtocolVersions: string
    untrustedCertificate: string

PolicyObjectUnifiedTlsSslDecryption Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The PolicyObjectUnifiedTlsSslDecryption resource accepts the following input properties:

CertificateLifetime string

If you have vManage as CA or vManage as intermediate CA, this value should be 1

CertificateRevocationStatus string

If value is none unknown status not required, if value is ocsp then unknown status is required

Choices: ocsp, none

EcKeyType string

Choices: P256, P384, P521

ExpiredCertificate string

Choices: decrypt, drop

FailureMode string

Choices: close, open

FeatureProfileId string

Feature Profile ID

MinimalTlsVer string

Choices: TLSv1, TLSv1.1, TLSv1.2

RsaKeypairModules string

Choices: 1024, 2048, 4096

UnsupportedCipherSuites string

Choices: no-decrypt, drop

UnsupportedProtocolVersions string

Choices: no-decrypt, drop

UntrustedCertificate string

Choices: decrypt, drop

BundleString string

DefaultCaCertificateBundle bool

Description string

The description of the Policy_object

FileName string

Name string

The name of the Policy_object

UnknownRevocationStatus string

Only required if certificateRevocationStatus is oscp, if value is none then field shouldn't be here, Attribute conditional on certificate_revocation_status being equal to ocsp

Choices: decrypt, drop

CertificateLifetime string

If you have vManage as CA or vManage as intermediate CA, this value should be 1

CertificateRevocationStatus string

If value is none unknown status not required, if value is ocsp then unknown status is required

Choices: ocsp, none

EcKeyType string

Choices: P256, P384, P521

ExpiredCertificate string

Choices: decrypt, drop

FailureMode string

Choices: close, open

FeatureProfileId string

Feature Profile ID

MinimalTlsVer string

Choices: TLSv1, TLSv1.1, TLSv1.2

RsaKeypairModules string

Choices: 1024, 2048, 4096

UnsupportedCipherSuites string

Choices: no-decrypt, drop

UnsupportedProtocolVersions string

Choices: no-decrypt, drop

UntrustedCertificate string

Choices: decrypt, drop

BundleString string

DefaultCaCertificateBundle bool

Description string

The description of the Policy_object

FileName string

Name string

The name of the Policy_object

UnknownRevocationStatus string

Only required if certificateRevocationStatus is oscp, if value is none then field shouldn't be here, Attribute conditional on certificate_revocation_status being equal to ocsp

Choices: decrypt, drop

certificateLifetime String

If you have vManage as CA or vManage as intermediate CA, this value should be 1

certificateRevocationStatus String

If value is none unknown status not required, if value is ocsp then unknown status is required

Choices: ocsp, none

ecKeyType String

Choices: P256, P384, P521

expiredCertificate String

Choices: decrypt, drop

failureMode String

Choices: close, open

featureProfileId String

Feature Profile ID

minimalTlsVer String

Choices: TLSv1, TLSv1.1, TLSv1.2

rsaKeypairModules String

Choices: 1024, 2048, 4096

unsupportedCipherSuites String

Choices: no-decrypt, drop

unsupportedProtocolVersions String

Choices: no-decrypt, drop

untrustedCertificate String

Choices: decrypt, drop

bundleString String

defaultCaCertificateBundle Boolean

description String

The description of the Policy_object

fileName String

name String

The name of the Policy_object

unknownRevocationStatus String

Only required if certificateRevocationStatus is oscp, if value is none then field shouldn't be here, Attribute conditional on certificate_revocation_status being equal to ocsp

Choices: decrypt, drop

certificateLifetime string

If you have vManage as CA or vManage as intermediate CA, this value should be 1

certificateRevocationStatus string

If value is none unknown status not required, if value is ocsp then unknown status is required

Choices: ocsp, none

ecKeyType string

Choices: P256, P384, P521

expiredCertificate string

Choices: decrypt, drop

failureMode string

Choices: close, open

featureProfileId string

Feature Profile ID

minimalTlsVer string

Choices: TLSv1, TLSv1.1, TLSv1.2

rsaKeypairModules string

Choices: 1024, 2048, 4096

unsupportedCipherSuites string

Choices: no-decrypt, drop

unsupportedProtocolVersions string

Choices: no-decrypt, drop

untrustedCertificate string

Choices: decrypt, drop

bundleString string

defaultCaCertificateBundle boolean

description string

The description of the Policy_object

fileName string

name string

The name of the Policy_object

unknownRevocationStatus string

Only required if certificateRevocationStatus is oscp, if value is none then field shouldn't be here, Attribute conditional on certificate_revocation_status being equal to ocsp

Choices: decrypt, drop

certificate_lifetime str

If you have vManage as CA or vManage as intermediate CA, this value should be 1

certificate_revocation_status str

If value is none unknown status not required, if value is ocsp then unknown status is required

Choices: ocsp, none

ec_key_type str

Choices: P256, P384, P521

expired_certificate str

Choices: decrypt, drop

failure_mode str

Choices: close, open

feature_profile_id str

Feature Profile ID

minimal_tls_ver str

Choices: TLSv1, TLSv1.1, TLSv1.2

rsa_keypair_modules str

Choices: 1024, 2048, 4096

unsupported_cipher_suites str

Choices: no-decrypt, drop

unsupported_protocol_versions str

Choices: no-decrypt, drop

untrusted_certificate str

Choices: decrypt, drop

bundle_string str

default_ca_certificate_bundle bool

description str

The description of the Policy_object

file_name str

name str

The name of the Policy_object

unknown_revocation_status str

Only required if certificateRevocationStatus is oscp, if value is none then field shouldn't be here, Attribute conditional on certificate_revocation_status being equal to ocsp

Choices: decrypt, drop

certificateLifetime String

If you have vManage as CA or vManage as intermediate CA, this value should be 1

certificateRevocationStatus String

If value is none unknown status not required, if value is ocsp then unknown status is required

Choices: ocsp, none

ecKeyType String

Choices: P256, P384, P521

expiredCertificate String

Choices: decrypt, drop

failureMode String

Choices: close, open

featureProfileId String

Feature Profile ID

minimalTlsVer String

Choices: TLSv1, TLSv1.1, TLSv1.2

rsaKeypairModules String

Choices: 1024, 2048, 4096

unsupportedCipherSuites String

Choices: no-decrypt, drop

unsupportedProtocolVersions String

Choices: no-decrypt, drop

untrustedCertificate String

Choices: decrypt, drop

bundleString String

defaultCaCertificateBundle Boolean

description String

The description of the Policy_object

fileName String

name String

The name of the Policy_object

unknownRevocationStatus String

Only required if certificateRevocationStatus is oscp, if value is none then field shouldn't be here, Attribute conditional on certificate_revocation_status being equal to ocsp

Choices: decrypt, drop

Outputs

All input properties are implicitly available as output properties. Additionally, the PolicyObjectUnifiedTlsSslDecryption resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
Version int: The version of the Policy_object

Id string: The provider-assigned unique ID for this managed resource.
Version int: The version of the Policy_object

id String: The provider-assigned unique ID for this managed resource.
version Integer: The version of the Policy_object

id string: The provider-assigned unique ID for this managed resource.
version number: The version of the Policy_object

id str: The provider-assigned unique ID for this managed resource.
version int: The version of the Policy_object

id String: The provider-assigned unique ID for this managed resource.
version Number: The version of the Policy_object

Look up Existing PolicyObjectUnifiedTlsSslDecryption Resource

Get an existing PolicyObjectUnifiedTlsSslDecryption resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: PolicyObjectUnifiedTlsSslDecryptionState, opts?: CustomResourceOptions): PolicyObjectUnifiedTlsSslDecryption

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        bundle_string: Optional[str] = None,
        certificate_lifetime: Optional[str] = None,
        certificate_revocation_status: Optional[str] = None,
        default_ca_certificate_bundle: Optional[bool] = None,
        description: Optional[str] = None,
        ec_key_type: Optional[str] = None,
        expired_certificate: Optional[str] = None,
        failure_mode: Optional[str] = None,
        feature_profile_id: Optional[str] = None,
        file_name: Optional[str] = None,
        minimal_tls_ver: Optional[str] = None,
        name: Optional[str] = None,
        rsa_keypair_modules: Optional[str] = None,
        unknown_revocation_status: Optional[str] = None,
        unsupported_cipher_suites: Optional[str] = None,
        unsupported_protocol_versions: Optional[str] = None,
        untrusted_certificate: Optional[str] = None,
        version: Optional[int] = None) -> PolicyObjectUnifiedTlsSslDecryption

func GetPolicyObjectUnifiedTlsSslDecryption(ctx *Context, name string, id IDInput, state *PolicyObjectUnifiedTlsSslDecryptionState, opts ...ResourceOption) (*PolicyObjectUnifiedTlsSslDecryption, error)

public static PolicyObjectUnifiedTlsSslDecryption Get(string name, Input<string> id, PolicyObjectUnifiedTlsSslDecryptionState? state, CustomResourceOptions? opts = null)

public static PolicyObjectUnifiedTlsSslDecryption get(String name, Output<String> id, PolicyObjectUnifiedTlsSslDecryptionState state, CustomResourceOptions options)

resources:  _:    type: sdwan:PolicyObjectUnifiedTlsSslDecryption    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

BundleString string

CertificateLifetime string

If you have vManage as CA or vManage as intermediate CA, this value should be 1

CertificateRevocationStatus string

If value is none unknown status not required, if value is ocsp then unknown status is required

Choices: ocsp, none

DefaultCaCertificateBundle bool

Description string

The description of the Policy_object

EcKeyType string

Choices: P256, P384, P521

ExpiredCertificate string

Choices: decrypt, drop

FailureMode string

Choices: close, open

FeatureProfileId string

Feature Profile ID

FileName string

MinimalTlsVer string

Choices: TLSv1, TLSv1.1, TLSv1.2

Name string

The name of the Policy_object

RsaKeypairModules string

Choices: 1024, 2048, 4096

UnknownRevocationStatus string

Only required if certificateRevocationStatus is oscp, if value is none then field shouldn't be here, Attribute conditional on certificate_revocation_status being equal to ocsp

Choices: decrypt, drop

UnsupportedCipherSuites string

Choices: no-decrypt, drop

UnsupportedProtocolVersions string

Choices: no-decrypt, drop

UntrustedCertificate string

Choices: decrypt, drop

Version int

The version of the Policy_object

BundleString string

CertificateLifetime string

If you have vManage as CA or vManage as intermediate CA, this value should be 1

CertificateRevocationStatus string

If value is none unknown status not required, if value is ocsp then unknown status is required

Choices: ocsp, none

DefaultCaCertificateBundle bool

Description string

The description of the Policy_object

EcKeyType string

Choices: P256, P384, P521

ExpiredCertificate string

Choices: decrypt, drop

FailureMode string

Choices: close, open

FeatureProfileId string

Feature Profile ID

FileName string

MinimalTlsVer string

Choices: TLSv1, TLSv1.1, TLSv1.2

Name string

The name of the Policy_object

RsaKeypairModules string

Choices: 1024, 2048, 4096

UnknownRevocationStatus string

Only required if certificateRevocationStatus is oscp, if value is none then field shouldn't be here, Attribute conditional on certificate_revocation_status being equal to ocsp

Choices: decrypt, drop

UnsupportedCipherSuites string

Choices: no-decrypt, drop

UnsupportedProtocolVersions string

Choices: no-decrypt, drop

UntrustedCertificate string

Choices: decrypt, drop

Version int

The version of the Policy_object

bundleString String

certificateLifetime String

If you have vManage as CA or vManage as intermediate CA, this value should be 1

certificateRevocationStatus String

If value is none unknown status not required, if value is ocsp then unknown status is required

Choices: ocsp, none

defaultCaCertificateBundle Boolean

description String

The description of the Policy_object

ecKeyType String

Choices: P256, P384, P521

expiredCertificate String

Choices: decrypt, drop

failureMode String

Choices: close, open

featureProfileId String

Feature Profile ID

fileName String

minimalTlsVer String

Choices: TLSv1, TLSv1.1, TLSv1.2

name String

The name of the Policy_object

rsaKeypairModules String

Choices: 1024, 2048, 4096

unknownRevocationStatus String

Only required if certificateRevocationStatus is oscp, if value is none then field shouldn't be here, Attribute conditional on certificate_revocation_status being equal to ocsp

Choices: decrypt, drop

unsupportedCipherSuites String

Choices: no-decrypt, drop

unsupportedProtocolVersions String

Choices: no-decrypt, drop

untrustedCertificate String

Choices: decrypt, drop

version Integer

The version of the Policy_object

bundleString string

certificateLifetime string

If you have vManage as CA or vManage as intermediate CA, this value should be 1

certificateRevocationStatus string

If value is none unknown status not required, if value is ocsp then unknown status is required

Choices: ocsp, none

defaultCaCertificateBundle boolean

description string

The description of the Policy_object

ecKeyType string

Choices: P256, P384, P521

expiredCertificate string

Choices: decrypt, drop

failureMode string

Choices: close, open

featureProfileId string

Feature Profile ID

fileName string

minimalTlsVer string

Choices: TLSv1, TLSv1.1, TLSv1.2

name string

The name of the Policy_object

rsaKeypairModules string

Choices: 1024, 2048, 4096

unknownRevocationStatus string

Only required if certificateRevocationStatus is oscp, if value is none then field shouldn't be here, Attribute conditional on certificate_revocation_status being equal to ocsp

Choices: decrypt, drop

unsupportedCipherSuites string

Choices: no-decrypt, drop

unsupportedProtocolVersions string

Choices: no-decrypt, drop

untrustedCertificate string

Choices: decrypt, drop

version number

The version of the Policy_object

bundle_string str

certificate_lifetime str

If you have vManage as CA or vManage as intermediate CA, this value should be 1

certificate_revocation_status str

If value is none unknown status not required, if value is ocsp then unknown status is required

Choices: ocsp, none

default_ca_certificate_bundle bool

description str

The description of the Policy_object

ec_key_type str

Choices: P256, P384, P521

expired_certificate str

Choices: decrypt, drop

failure_mode str

Choices: close, open

feature_profile_id str

Feature Profile ID

file_name str

minimal_tls_ver str

Choices: TLSv1, TLSv1.1, TLSv1.2

name str

The name of the Policy_object

rsa_keypair_modules str

Choices: 1024, 2048, 4096

unknown_revocation_status str

Only required if certificateRevocationStatus is oscp, if value is none then field shouldn't be here, Attribute conditional on certificate_revocation_status being equal to ocsp

Choices: decrypt, drop

unsupported_cipher_suites str

Choices: no-decrypt, drop

unsupported_protocol_versions str

Choices: no-decrypt, drop

untrusted_certificate str

Choices: decrypt, drop

version int

The version of the Policy_object

bundleString String

certificateLifetime String

If you have vManage as CA or vManage as intermediate CA, this value should be 1

certificateRevocationStatus String

If value is none unknown status not required, if value is ocsp then unknown status is required

Choices: ocsp, none

defaultCaCertificateBundle Boolean

description String

The description of the Policy_object

ecKeyType String

Choices: P256, P384, P521

expiredCertificate String

Choices: decrypt, drop

failureMode String

Choices: close, open

featureProfileId String

Feature Profile ID

fileName String

minimalTlsVer String

Choices: TLSv1, TLSv1.1, TLSv1.2

name String

The name of the Policy_object

rsaKeypairModules String

Choices: 1024, 2048, 4096

unknownRevocationStatus String

Only required if certificateRevocationStatus is oscp, if value is none then field shouldn't be here, Attribute conditional on certificate_revocation_status being equal to ocsp

Choices: decrypt, drop

unsupportedCipherSuites String

Choices: no-decrypt, drop

unsupportedProtocolVersions String

Choices: no-decrypt, drop

untrustedCertificate String

Choices: decrypt, drop

version Number

The version of the Policy_object

Import

The pulumi import command can be used, for example:

Expected import identifier with the format: “policy_object_unified_tls_ssl_decryption_id,feature_profile_id”

$ pulumi import sdwan:index/policyObjectUnifiedTlsSslDecryption:PolicyObjectUnifiedTlsSslDecryption example "f6b2c44c-693c-4763-b010-895aa3d236bd,f6dd22c8-0b4f-496c-9a0b-6813d1f8b8ac"

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: sdwan pulumi/pulumi-sdwan
License: Apache-2.0
Notes: This Pulumi package is based on the sdwan Terraform Provider.

Cisco Catalyst SD-WAN v0.5.1 published on Tuesday, Nov 4, 2025 by Pulumi

pulumi/pulumi-sdwan

sdwan.PolicyObjectUnifiedTlsSslDecryption

On this page

On this page

Example Usage

Create PolicyObjectUnifiedTlsSslDecryption Resource

Constructor syntax

Parameters

Constructor example

PolicyObjectUnifiedTlsSslDecryption Resource Properties

Inputs

Outputs

Look up Existing PolicyObjectUnifiedTlsSslDecryption Resource

Import

Package Details

On this page

On this page