diff --git a/specs/objects/profiles/security-profile-antivirus.yaml b/specs/objects/profiles/security/antivirus.yaml similarity index 85% rename from specs/objects/profiles/security-profile-antivirus.yaml rename to specs/objects/profiles/security/antivirus.yaml index 0de0f55e..d834c9db 100644 --- a/specs/objects/profiles/security-profile-antivirus.yaml +++ b/specs/objects/profiles/security/antivirus.yaml @@ -32,67 +32,67 @@ locations: validators: [] required: false read_only: false -- name: vsys +- name: device-group xpath: path: - config - devices - - $ngfw_device - - vsys - - $vsys + - $panorama_device + - device-group + - $device_group vars: - - name: ngfw_device - description: The NGFW device name + - name: panorama_device + description: Panorama device name required: false default: localhost.localdomain validators: [] type: entry - - name: vsys - description: The Virtual System name - required: false - default: vsys1 + - name: device_group + description: Device Group name + required: true validators: - type: not-values spec: values: - value: shared - error: The vsys name cannot be "shared". Use the "shared" location instead + error: The device group name cannot be "shared". Use the "shared" location + instead type: entry - description: Located in a specific Virtual System + description: Located in a specific Device Group devices: - - ngfw - panorama validators: [] required: false read_only: false -- name: device-group +- name: vsys xpath: path: - config - devices - - $panorama_device - - device-group - - $device_group + - $ngfw_device + - vsys + - $vsys vars: - - name: panorama_device - description: Panorama device name + - name: ngfw_device + description: The NGFW device name required: false default: localhost.localdomain validators: [] type: entry - - name: device_group - description: Device Group name - required: true + - name: vsys + description: The Virtual System name + required: false + default: vsys1 validators: - type: not-values spec: values: - value: shared - error: The device group name cannot be "shared". Use the "shared" location - instead + error: The vsys name cannot be "shared". Use the "shared" location instead type: entry - description: Located in a specific Device Group + description: Located in a specific Virtual System devices: + - ngfw - panorama validators: [] required: false @@ -144,10 +144,12 @@ spec: - value: reset-client - value: reset-server - value: reset-both - description: '' + description: 'Action for application exception. Valid values are: `default` + (default), `allow`, `alert`, `drop`, `reset-client`, `reset-server`, + or `reset-both`' required: false variants: [] - description: Application exceptions. + description: Application exceptions required: false codegen_overrides: terraform: @@ -192,7 +194,9 @@ spec: - value: reset-client - value: reset-server - value: reset-both - description: '' + description: 'Action for standard antivirus signatures. Valid values are: + `default` (default), `allow`, `alert`, `drop`, `reset-client`, `reset-server`, + or `reset-both`' required: false - name: wildfire-action type: enum @@ -220,7 +224,9 @@ spec: - value: reset-client - value: reset-server - value: reset-both - description: '' + description: 'Action for signatures generated by the WildFire system. + Valid values are: `default` (default), `allow`, `alert`, `drop`, `reset-client`, + `reset-server`, or `reset-both`' required: false - name: mlav-action type: enum @@ -248,13 +254,15 @@ spec: - value: reset-client - value: reset-server - value: reset-both - description: '' + description: 'Action for malicious threats detected in real-time by the + WildFire Inline ML models. Valid values are: `default` (default), `allow`, + `alert`, `drop`, `reset-client`, `reset-server`, or `reset-both`' required: false codegen_overrides: terraform: name: ml-action variants: [] - description: Protocol decoders. + description: Protocol decoders required: false codegen_overrides: terraform: @@ -270,7 +278,7 @@ spec: min: 0 max: 255 spec: {} - description: Profile description. + description: Profile description required: false - name: disable-override type: enum @@ -288,7 +296,7 @@ spec: values: - value: 'yes' - value: 'no' - description: disable object override in child device groups + description: Disable object override in child device groups required: false - name: mlav-engine-filebased-enabled type: list @@ -321,13 +329,14 @@ spec: - value: enable - value: enable(alert-only) - value: disable - description: '' + description: 'Action for ML model antivirus signatures. Valid values are: + `enable`, `enable(alert-only)`, or `disable`' required: false codegen_overrides: terraform: name: action variants: [] - description: Machine learining models. + description: Machine learning models required: false codegen_overrides: terraform: @@ -357,7 +366,7 @@ spec: min: 0 max: 255 spec: {} - description: '' + description: File name to exclude from enforcement required: false - name: description type: string @@ -370,7 +379,7 @@ spec: min: 0 max: 255 spec: {} - description: Profile description. + description: Exception description required: false variants: [] description: Exceptions for ML based file scans. @@ -385,7 +394,7 @@ spec: - packet-capture validators: [] spec: {} - description: Enable packet capture. + description: Enable packet capture required: false - name: threat-exception type: list @@ -402,7 +411,7 @@ spec: spec: params: [] variants: [] - description: Exceptions for specific threats. + description: Exceptions for specific threats required: false codegen_overrides: terraform: @@ -414,6 +423,6 @@ spec: - wfrt-hold-mode validators: [] spec: {} - description: '' + description: Enable hold mode for WildFire real time signature lookup required: false variants: []