fortios.system.Csf
Explore with Pulumi AI
Add this FortiGate to a Security Fabric or set up a new Security Fabric on this FortiGate.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as fortios from "@pulumiverse/fortios";
const trname = new fortios.system.Csf("trname", {
configurationSync: "default",
groupPassword: "tmp",
managementIp: "0.0.0.0",
managementPort: 33,
status: "disable",
upstreamIp: "0.0.0.0",
upstreamPort: 8013,
});
import pulumi
import pulumiverse_fortios as fortios
trname = fortios.system.Csf("trname",
configuration_sync="default",
group_password="tmp",
management_ip="0.0.0.0",
management_port=33,
status="disable",
upstream_ip="0.0.0.0",
upstream_port=8013)
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/system"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := system.NewCsf(ctx, "trname", &system.CsfArgs{
ConfigurationSync: pulumi.String("default"),
GroupPassword: pulumi.String("tmp"),
ManagementIp: pulumi.String("0.0.0.0"),
ManagementPort: pulumi.Int(33),
Status: pulumi.String("disable"),
UpstreamIp: pulumi.String("0.0.0.0"),
UpstreamPort: pulumi.Int(8013),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortios = Pulumiverse.Fortios;
return await Deployment.RunAsync(() =>
{
var trname = new Fortios.System.Csf("trname", new()
{
ConfigurationSync = "default",
GroupPassword = "tmp",
ManagementIp = "0.0.0.0",
ManagementPort = 33,
Status = "disable",
UpstreamIp = "0.0.0.0",
UpstreamPort = 8013,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortios.system.Csf;
import com.pulumi.fortios.system.CsfArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var trname = new Csf("trname", CsfArgs.builder()
.configurationSync("default")
.groupPassword("tmp")
.managementIp("0.0.0.0")
.managementPort(33)
.status("disable")
.upstreamIp("0.0.0.0")
.upstreamPort(8013)
.build());
}
}
resources:
trname:
type: fortios:system:Csf
properties:
configurationSync: default
groupPassword: tmp
managementIp: 0.0.0.0
managementPort: 33
status: disable
upstreamIp: 0.0.0.0
upstreamPort: 8013
Create Csf Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Csf(name: string, args: CsfArgs, opts?: CustomResourceOptions);
@overload
def Csf(resource_name: str,
args: CsfArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Csf(resource_name: str,
opts: Optional[ResourceOptions] = None,
status: Optional[str] = None,
fabric_devices: Optional[Sequence[CsfFabricDeviceArgs]] = None,
upstream_ip: Optional[str] = None,
configuration_sync: Optional[str] = None,
downstream_access: Optional[str] = None,
downstream_accprofile: Optional[str] = None,
dynamic_sort_subtable: Optional[str] = None,
group_name: Optional[str] = None,
accept_auth_by_cert: Optional[str] = None,
fabric_object_unification: Optional[str] = None,
fabric_workers: Optional[int] = None,
file_mgmt: Optional[str] = None,
file_quota: Optional[int] = None,
file_quota_warning: Optional[int] = None,
fixed_key: Optional[str] = None,
vdomparam: Optional[str] = None,
certificate: Optional[str] = None,
fabric_connectors: Optional[Sequence[CsfFabricConnectorArgs]] = None,
group_password: Optional[str] = None,
log_unification: Optional[str] = None,
management_ip: Optional[str] = None,
management_port: Optional[int] = None,
saml_configuration_sync: Optional[str] = None,
source_ip: Optional[str] = None,
authorization_request_type: Optional[str] = None,
trusted_lists: Optional[Sequence[CsfTrustedListArgs]] = None,
uid: Optional[str] = None,
upstream: Optional[str] = None,
upstream_interface: Optional[str] = None,
upstream_interface_select_method: Optional[str] = None,
get_all_tables: Optional[str] = None,
upstream_port: Optional[int] = None,
forticloud_account_enforcement: Optional[str] = None)
func NewCsf(ctx *Context, name string, args CsfArgs, opts ...ResourceOption) (*Csf, error)
public Csf(string name, CsfArgs args, CustomResourceOptions? opts = null)
type: fortios:system:Csf
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args CsfArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CsfArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CsfArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CsfArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CsfArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var csfResource = new Fortios.System.Csf("csfResource", new()
{
Status = "string",
FabricDevices = new[]
{
new Fortios.System.Inputs.CsfFabricDeviceArgs
{
AccessToken = "string",
DeviceIp = "string",
DeviceType = "string",
HttpsPort = 0,
Login = "string",
Name = "string",
Password = "string",
},
},
UpstreamIp = "string",
ConfigurationSync = "string",
DownstreamAccess = "string",
DownstreamAccprofile = "string",
DynamicSortSubtable = "string",
GroupName = "string",
AcceptAuthByCert = "string",
FabricObjectUnification = "string",
FabricWorkers = 0,
FileMgmt = "string",
FileQuota = 0,
FileQuotaWarning = 0,
FixedKey = "string",
Vdomparam = "string",
Certificate = "string",
FabricConnectors = new[]
{
new Fortios.System.Inputs.CsfFabricConnectorArgs
{
Accprofile = "string",
ConfigurationWriteAccess = "string",
Serial = "string",
Vdoms = new[]
{
new Fortios.System.Inputs.CsfFabricConnectorVdomArgs
{
Name = "string",
},
},
},
},
GroupPassword = "string",
LogUnification = "string",
ManagementIp = "string",
ManagementPort = 0,
SamlConfigurationSync = "string",
SourceIp = "string",
AuthorizationRequestType = "string",
TrustedLists = new[]
{
new Fortios.System.Inputs.CsfTrustedListArgs
{
Action = "string",
AuthorizationType = "string",
Certificate = "string",
DownstreamAuthorization = "string",
HaMembers = "string",
Index = 0,
Name = "string",
Serial = "string",
},
},
Uid = "string",
Upstream = "string",
UpstreamInterface = "string",
UpstreamInterfaceSelectMethod = "string",
GetAllTables = "string",
UpstreamPort = 0,
ForticloudAccountEnforcement = "string",
});
example, err := system.NewCsf(ctx, "csfResource", &system.CsfArgs{
Status: pulumi.String("string"),
FabricDevices: system.CsfFabricDeviceArray{
&system.CsfFabricDeviceArgs{
AccessToken: pulumi.String("string"),
DeviceIp: pulumi.String("string"),
DeviceType: pulumi.String("string"),
HttpsPort: pulumi.Int(0),
Login: pulumi.String("string"),
Name: pulumi.String("string"),
Password: pulumi.String("string"),
},
},
UpstreamIp: pulumi.String("string"),
ConfigurationSync: pulumi.String("string"),
DownstreamAccess: pulumi.String("string"),
DownstreamAccprofile: pulumi.String("string"),
DynamicSortSubtable: pulumi.String("string"),
GroupName: pulumi.String("string"),
AcceptAuthByCert: pulumi.String("string"),
FabricObjectUnification: pulumi.String("string"),
FabricWorkers: pulumi.Int(0),
FileMgmt: pulumi.String("string"),
FileQuota: pulumi.Int(0),
FileQuotaWarning: pulumi.Int(0),
FixedKey: pulumi.String("string"),
Vdomparam: pulumi.String("string"),
Certificate: pulumi.String("string"),
FabricConnectors: system.CsfFabricConnectorArray{
&system.CsfFabricConnectorArgs{
Accprofile: pulumi.String("string"),
ConfigurationWriteAccess: pulumi.String("string"),
Serial: pulumi.String("string"),
Vdoms: system.CsfFabricConnectorVdomArray{
&system.CsfFabricConnectorVdomArgs{
Name: pulumi.String("string"),
},
},
},
},
GroupPassword: pulumi.String("string"),
LogUnification: pulumi.String("string"),
ManagementIp: pulumi.String("string"),
ManagementPort: pulumi.Int(0),
SamlConfigurationSync: pulumi.String("string"),
SourceIp: pulumi.String("string"),
AuthorizationRequestType: pulumi.String("string"),
TrustedLists: system.CsfTrustedListArray{
&system.CsfTrustedListArgs{
Action: pulumi.String("string"),
AuthorizationType: pulumi.String("string"),
Certificate: pulumi.String("string"),
DownstreamAuthorization: pulumi.String("string"),
HaMembers: pulumi.String("string"),
Index: pulumi.Int(0),
Name: pulumi.String("string"),
Serial: pulumi.String("string"),
},
},
Uid: pulumi.String("string"),
Upstream: pulumi.String("string"),
UpstreamInterface: pulumi.String("string"),
UpstreamInterfaceSelectMethod: pulumi.String("string"),
GetAllTables: pulumi.String("string"),
UpstreamPort: pulumi.Int(0),
ForticloudAccountEnforcement: pulumi.String("string"),
})
var csfResource = new Csf("csfResource", CsfArgs.builder()
.status("string")
.fabricDevices(CsfFabricDeviceArgs.builder()
.accessToken("string")
.deviceIp("string")
.deviceType("string")
.httpsPort(0)
.login("string")
.name("string")
.password("string")
.build())
.upstreamIp("string")
.configurationSync("string")
.downstreamAccess("string")
.downstreamAccprofile("string")
.dynamicSortSubtable("string")
.groupName("string")
.acceptAuthByCert("string")
.fabricObjectUnification("string")
.fabricWorkers(0)
.fileMgmt("string")
.fileQuota(0)
.fileQuotaWarning(0)
.fixedKey("string")
.vdomparam("string")
.certificate("string")
.fabricConnectors(CsfFabricConnectorArgs.builder()
.accprofile("string")
.configurationWriteAccess("string")
.serial("string")
.vdoms(CsfFabricConnectorVdomArgs.builder()
.name("string")
.build())
.build())
.groupPassword("string")
.logUnification("string")
.managementIp("string")
.managementPort(0)
.samlConfigurationSync("string")
.sourceIp("string")
.authorizationRequestType("string")
.trustedLists(CsfTrustedListArgs.builder()
.action("string")
.authorizationType("string")
.certificate("string")
.downstreamAuthorization("string")
.haMembers("string")
.index(0)
.name("string")
.serial("string")
.build())
.uid("string")
.upstream("string")
.upstreamInterface("string")
.upstreamInterfaceSelectMethod("string")
.getAllTables("string")
.upstreamPort(0)
.forticloudAccountEnforcement("string")
.build());
csf_resource = fortios.system.Csf("csfResource",
status="string",
fabric_devices=[{
"access_token": "string",
"device_ip": "string",
"device_type": "string",
"https_port": 0,
"login": "string",
"name": "string",
"password": "string",
}],
upstream_ip="string",
configuration_sync="string",
downstream_access="string",
downstream_accprofile="string",
dynamic_sort_subtable="string",
group_name="string",
accept_auth_by_cert="string",
fabric_object_unification="string",
fabric_workers=0,
file_mgmt="string",
file_quota=0,
file_quota_warning=0,
fixed_key="string",
vdomparam="string",
certificate="string",
fabric_connectors=[{
"accprofile": "string",
"configuration_write_access": "string",
"serial": "string",
"vdoms": [{
"name": "string",
}],
}],
group_password="string",
log_unification="string",
management_ip="string",
management_port=0,
saml_configuration_sync="string",
source_ip="string",
authorization_request_type="string",
trusted_lists=[{
"action": "string",
"authorization_type": "string",
"certificate": "string",
"downstream_authorization": "string",
"ha_members": "string",
"index": 0,
"name": "string",
"serial": "string",
}],
uid="string",
upstream="string",
upstream_interface="string",
upstream_interface_select_method="string",
get_all_tables="string",
upstream_port=0,
forticloud_account_enforcement="string")
const csfResource = new fortios.system.Csf("csfResource", {
status: "string",
fabricDevices: [{
accessToken: "string",
deviceIp: "string",
deviceType: "string",
httpsPort: 0,
login: "string",
name: "string",
password: "string",
}],
upstreamIp: "string",
configurationSync: "string",
downstreamAccess: "string",
downstreamAccprofile: "string",
dynamicSortSubtable: "string",
groupName: "string",
acceptAuthByCert: "string",
fabricObjectUnification: "string",
fabricWorkers: 0,
fileMgmt: "string",
fileQuota: 0,
fileQuotaWarning: 0,
fixedKey: "string",
vdomparam: "string",
certificate: "string",
fabricConnectors: [{
accprofile: "string",
configurationWriteAccess: "string",
serial: "string",
vdoms: [{
name: "string",
}],
}],
groupPassword: "string",
logUnification: "string",
managementIp: "string",
managementPort: 0,
samlConfigurationSync: "string",
sourceIp: "string",
authorizationRequestType: "string",
trustedLists: [{
action: "string",
authorizationType: "string",
certificate: "string",
downstreamAuthorization: "string",
haMembers: "string",
index: 0,
name: "string",
serial: "string",
}],
uid: "string",
upstream: "string",
upstreamInterface: "string",
upstreamInterfaceSelectMethod: "string",
getAllTables: "string",
upstreamPort: 0,
forticloudAccountEnforcement: "string",
});
type: fortios:system:Csf
properties:
acceptAuthByCert: string
authorizationRequestType: string
certificate: string
configurationSync: string
downstreamAccess: string
downstreamAccprofile: string
dynamicSortSubtable: string
fabricConnectors:
- accprofile: string
configurationWriteAccess: string
serial: string
vdoms:
- name: string
fabricDevices:
- accessToken: string
deviceIp: string
deviceType: string
httpsPort: 0
login: string
name: string
password: string
fabricObjectUnification: string
fabricWorkers: 0
fileMgmt: string
fileQuota: 0
fileQuotaWarning: 0
fixedKey: string
forticloudAccountEnforcement: string
getAllTables: string
groupName: string
groupPassword: string
logUnification: string
managementIp: string
managementPort: 0
samlConfigurationSync: string
sourceIp: string
status: string
trustedLists:
- action: string
authorizationType: string
certificate: string
downstreamAuthorization: string
haMembers: string
index: 0
name: string
serial: string
uid: string
upstream: string
upstreamInterface: string
upstreamInterfaceSelectMethod: string
upstreamIp: string
upstreamPort: 0
vdomparam: string
Csf Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Csf resource accepts the following input properties:
- Status string
- Enable/disable Security Fabric. Valid values:
enable
,disable
. - Accept
Auth stringBy Cert - Accept connections with unknown certificates and ask admin for approval. Valid values:
disable
,enable
. - string
- Authorization request type. Valid values:
serial
,certificate
. - Certificate string
- Certificate.
- Configuration
Sync string - Configuration sync mode. Valid values:
default
,local
. - Downstream
Access string - Enable/disable downstream device access to this device's configuration and data. Valid values:
enable
,disable
. - Downstream
Accprofile string - Default access profile for requests from downstream devices.
- Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Fabric
Connectors List<Pulumiverse.Fortios. System. Inputs. Csf Fabric Connector> - Fabric connector configuration. The structure of
fabric_connector
block is documented below. - Fabric
Devices List<Pulumiverse.Fortios. System. Inputs. Csf Fabric Device> - Fabric device configuration. The structure of
fabric_device
block is documented below. - Fabric
Object stringUnification - Fabric CMDB Object Unification Valid values:
default
,local
. - Fabric
Workers int - Number of worker processes for Security Fabric daemon.
- File
Mgmt string - Enable/disable Security Fabric daemon file management. Valid values:
enable
,disable
. - File
Quota int - Maximum amount of memory that can be used by the daemon files (in bytes).
- File
Quota intWarning - Warn when the set percentage of quota has been used.
- Fixed
Key string - Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- Forticloud
Account stringEnforcement - Fabric FortiCloud account unification. Valid values:
enable
,disable
. - Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Group
Name string - Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- Group
Password string - Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- Log
Unification string - Enable/disable broadcast of discovery messages for log unification. Valid values:
disable
,enable
. - Management
Ip string - Management IP address of this FortiGate. Used to log into this FortiGate from another FortiGate in the Security Fabric.
- Management
Port int - Overriding port for management connection (Overrides admin port).
- Saml
Configuration stringSync - SAML setting configuration synchronization. Valid values:
default
,local
. - Source
Ip string - Source IP address for communication with the upstream FortiGate.
- Trusted
Lists List<Pulumiverse.Fortios. System. Inputs. Csf Trusted List> - Pre-authorized and blocked security fabric nodes. The structure of
trusted_list
block is documented below. - Uid string
- Unique ID of the current CSF node
- Upstream string
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- Upstream
Interface string - Specify outgoing interface to reach server.
- Upstream
Interface stringSelect Method - Specify how to select outgoing interface to reach server. Valid values:
auto
,sdwan
,specify
. - Upstream
Ip string - IP address of the FortiGate upstream from this FortiGate in the Security Fabric.
- Upstream
Port int - The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Status string
- Enable/disable Security Fabric. Valid values:
enable
,disable
. - Accept
Auth stringBy Cert - Accept connections with unknown certificates and ask admin for approval. Valid values:
disable
,enable
. - string
- Authorization request type. Valid values:
serial
,certificate
. - Certificate string
- Certificate.
- Configuration
Sync string - Configuration sync mode. Valid values:
default
,local
. - Downstream
Access string - Enable/disable downstream device access to this device's configuration and data. Valid values:
enable
,disable
. - Downstream
Accprofile string - Default access profile for requests from downstream devices.
- Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Fabric
Connectors []CsfFabric Connector Args - Fabric connector configuration. The structure of
fabric_connector
block is documented below. - Fabric
Devices []CsfFabric Device Args - Fabric device configuration. The structure of
fabric_device
block is documented below. - Fabric
Object stringUnification - Fabric CMDB Object Unification Valid values:
default
,local
. - Fabric
Workers int - Number of worker processes for Security Fabric daemon.
- File
Mgmt string - Enable/disable Security Fabric daemon file management. Valid values:
enable
,disable
. - File
Quota int - Maximum amount of memory that can be used by the daemon files (in bytes).
- File
Quota intWarning - Warn when the set percentage of quota has been used.
- Fixed
Key string - Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- Forticloud
Account stringEnforcement - Fabric FortiCloud account unification. Valid values:
enable
,disable
. - Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Group
Name string - Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- Group
Password string - Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- Log
Unification string - Enable/disable broadcast of discovery messages for log unification. Valid values:
disable
,enable
. - Management
Ip string - Management IP address of this FortiGate. Used to log into this FortiGate from another FortiGate in the Security Fabric.
- Management
Port int - Overriding port for management connection (Overrides admin port).
- Saml
Configuration stringSync - SAML setting configuration synchronization. Valid values:
default
,local
. - Source
Ip string - Source IP address for communication with the upstream FortiGate.
- Trusted
Lists []CsfTrusted List Args - Pre-authorized and blocked security fabric nodes. The structure of
trusted_list
block is documented below. - Uid string
- Unique ID of the current CSF node
- Upstream string
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- Upstream
Interface string - Specify outgoing interface to reach server.
- Upstream
Interface stringSelect Method - Specify how to select outgoing interface to reach server. Valid values:
auto
,sdwan
,specify
. - Upstream
Ip string - IP address of the FortiGate upstream from this FortiGate in the Security Fabric.
- Upstream
Port int - The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- status String
- Enable/disable Security Fabric. Valid values:
enable
,disable
. - accept
Auth StringBy Cert - Accept connections with unknown certificates and ask admin for approval. Valid values:
disable
,enable
. - String
- Authorization request type. Valid values:
serial
,certificate
. - certificate String
- Certificate.
- configuration
Sync String - Configuration sync mode. Valid values:
default
,local
. - downstream
Access String - Enable/disable downstream device access to this device's configuration and data. Valid values:
enable
,disable
. - downstream
Accprofile String - Default access profile for requests from downstream devices.
- dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- fabric
Connectors List<CsfFabric Connector> - Fabric connector configuration. The structure of
fabric_connector
block is documented below. - fabric
Devices List<CsfFabric Device> - Fabric device configuration. The structure of
fabric_device
block is documented below. - fabric
Object StringUnification - Fabric CMDB Object Unification Valid values:
default
,local
. - fabric
Workers Integer - Number of worker processes for Security Fabric daemon.
- file
Mgmt String - Enable/disable Security Fabric daemon file management. Valid values:
enable
,disable
. - file
Quota Integer - Maximum amount of memory that can be used by the daemon files (in bytes).
- file
Quota IntegerWarning - Warn when the set percentage of quota has been used.
- fixed
Key String - Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- forticloud
Account StringEnforcement - Fabric FortiCloud account unification. Valid values:
enable
,disable
. - get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- group
Name String - Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- group
Password String - Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- log
Unification String - Enable/disable broadcast of discovery messages for log unification. Valid values:
disable
,enable
. - management
Ip String - Management IP address of this FortiGate. Used to log into this FortiGate from another FortiGate in the Security Fabric.
- management
Port Integer - Overriding port for management connection (Overrides admin port).
- saml
Configuration StringSync - SAML setting configuration synchronization. Valid values:
default
,local
. - source
Ip String - Source IP address for communication with the upstream FortiGate.
- trusted
Lists List<CsfTrusted List> - Pre-authorized and blocked security fabric nodes. The structure of
trusted_list
block is documented below. - uid String
- Unique ID of the current CSF node
- upstream String
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstream
Interface String - Specify outgoing interface to reach server.
- upstream
Interface StringSelect Method - Specify how to select outgoing interface to reach server. Valid values:
auto
,sdwan
,specify
. - upstream
Ip String - IP address of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstream
Port Integer - The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- status string
- Enable/disable Security Fabric. Valid values:
enable
,disable
. - accept
Auth stringBy Cert - Accept connections with unknown certificates and ask admin for approval. Valid values:
disable
,enable
. - string
- Authorization request type. Valid values:
serial
,certificate
. - certificate string
- Certificate.
- configuration
Sync string - Configuration sync mode. Valid values:
default
,local
. - downstream
Access string - Enable/disable downstream device access to this device's configuration and data. Valid values:
enable
,disable
. - downstream
Accprofile string - Default access profile for requests from downstream devices.
- dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- fabric
Connectors CsfFabric Connector[] - Fabric connector configuration. The structure of
fabric_connector
block is documented below. - fabric
Devices CsfFabric Device[] - Fabric device configuration. The structure of
fabric_device
block is documented below. - fabric
Object stringUnification - Fabric CMDB Object Unification Valid values:
default
,local
. - fabric
Workers number - Number of worker processes for Security Fabric daemon.
- file
Mgmt string - Enable/disable Security Fabric daemon file management. Valid values:
enable
,disable
. - file
Quota number - Maximum amount of memory that can be used by the daemon files (in bytes).
- file
Quota numberWarning - Warn when the set percentage of quota has been used.
- fixed
Key string - Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- forticloud
Account stringEnforcement - Fabric FortiCloud account unification. Valid values:
enable
,disable
. - get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- group
Name string - Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- group
Password string - Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- log
Unification string - Enable/disable broadcast of discovery messages for log unification. Valid values:
disable
,enable
. - management
Ip string - Management IP address of this FortiGate. Used to log into this FortiGate from another FortiGate in the Security Fabric.
- management
Port number - Overriding port for management connection (Overrides admin port).
- saml
Configuration stringSync - SAML setting configuration synchronization. Valid values:
default
,local
. - source
Ip string - Source IP address for communication with the upstream FortiGate.
- trusted
Lists CsfTrusted List[] - Pre-authorized and blocked security fabric nodes. The structure of
trusted_list
block is documented below. - uid string
- Unique ID of the current CSF node
- upstream string
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstream
Interface string - Specify outgoing interface to reach server.
- upstream
Interface stringSelect Method - Specify how to select outgoing interface to reach server. Valid values:
auto
,sdwan
,specify
. - upstream
Ip string - IP address of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstream
Port number - The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- status str
- Enable/disable Security Fabric. Valid values:
enable
,disable
. - accept_
auth_ strby_ cert - Accept connections with unknown certificates and ask admin for approval. Valid values:
disable
,enable
. - str
- Authorization request type. Valid values:
serial
,certificate
. - certificate str
- Certificate.
- configuration_
sync str - Configuration sync mode. Valid values:
default
,local
. - downstream_
access str - Enable/disable downstream device access to this device's configuration and data. Valid values:
enable
,disable
. - downstream_
accprofile str - Default access profile for requests from downstream devices.
- dynamic_
sort_ strsubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- fabric_
connectors Sequence[CsfFabric Connector Args] - Fabric connector configuration. The structure of
fabric_connector
block is documented below. - fabric_
devices Sequence[CsfFabric Device Args] - Fabric device configuration. The structure of
fabric_device
block is documented below. - fabric_
object_ strunification - Fabric CMDB Object Unification Valid values:
default
,local
. - fabric_
workers int - Number of worker processes for Security Fabric daemon.
- file_
mgmt str - Enable/disable Security Fabric daemon file management. Valid values:
enable
,disable
. - file_
quota int - Maximum amount of memory that can be used by the daemon files (in bytes).
- file_
quota_ intwarning - Warn when the set percentage of quota has been used.
- fixed_
key str - Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- forticloud_
account_ strenforcement - Fabric FortiCloud account unification. Valid values:
enable
,disable
. - get_
all_ strtables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- group_
name str - Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- group_
password str - Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- log_
unification str - Enable/disable broadcast of discovery messages for log unification. Valid values:
disable
,enable
. - management_
ip str - Management IP address of this FortiGate. Used to log into this FortiGate from another FortiGate in the Security Fabric.
- management_
port int - Overriding port for management connection (Overrides admin port).
- saml_
configuration_ strsync - SAML setting configuration synchronization. Valid values:
default
,local
. - source_
ip str - Source IP address for communication with the upstream FortiGate.
- trusted_
lists Sequence[CsfTrusted List Args] - Pre-authorized and blocked security fabric nodes. The structure of
trusted_list
block is documented below. - uid str
- Unique ID of the current CSF node
- upstream str
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstream_
interface str - Specify outgoing interface to reach server.
- upstream_
interface_ strselect_ method - Specify how to select outgoing interface to reach server. Valid values:
auto
,sdwan
,specify
. - upstream_
ip str - IP address of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstream_
port int - The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- status String
- Enable/disable Security Fabric. Valid values:
enable
,disable
. - accept
Auth StringBy Cert - Accept connections with unknown certificates and ask admin for approval. Valid values:
disable
,enable
. - String
- Authorization request type. Valid values:
serial
,certificate
. - certificate String
- Certificate.
- configuration
Sync String - Configuration sync mode. Valid values:
default
,local
. - downstream
Access String - Enable/disable downstream device access to this device's configuration and data. Valid values:
enable
,disable
. - downstream
Accprofile String - Default access profile for requests from downstream devices.
- dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- fabric
Connectors List<Property Map> - Fabric connector configuration. The structure of
fabric_connector
block is documented below. - fabric
Devices List<Property Map> - Fabric device configuration. The structure of
fabric_device
block is documented below. - fabric
Object StringUnification - Fabric CMDB Object Unification Valid values:
default
,local
. - fabric
Workers Number - Number of worker processes for Security Fabric daemon.
- file
Mgmt String - Enable/disable Security Fabric daemon file management. Valid values:
enable
,disable
. - file
Quota Number - Maximum amount of memory that can be used by the daemon files (in bytes).
- file
Quota NumberWarning - Warn when the set percentage of quota has been used.
- fixed
Key String - Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- forticloud
Account StringEnforcement - Fabric FortiCloud account unification. Valid values:
enable
,disable
. - get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- group
Name String - Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- group
Password String - Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- log
Unification String - Enable/disable broadcast of discovery messages for log unification. Valid values:
disable
,enable
. - management
Ip String - Management IP address of this FortiGate. Used to log into this FortiGate from another FortiGate in the Security Fabric.
- management
Port Number - Overriding port for management connection (Overrides admin port).
- saml
Configuration StringSync - SAML setting configuration synchronization. Valid values:
default
,local
. - source
Ip String - Source IP address for communication with the upstream FortiGate.
- trusted
Lists List<Property Map> - Pre-authorized and blocked security fabric nodes. The structure of
trusted_list
block is documented below. - uid String
- Unique ID of the current CSF node
- upstream String
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstream
Interface String - Specify outgoing interface to reach server.
- upstream
Interface StringSelect Method - Specify how to select outgoing interface to reach server. Valid values:
auto
,sdwan
,specify
. - upstream
Ip String - IP address of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstream
Port Number - The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Outputs
All input properties are implicitly available as output properties. Additionally, the Csf resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Csf Resource
Get an existing Csf resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: CsfState, opts?: CustomResourceOptions): Csf
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
accept_auth_by_cert: Optional[str] = None,
authorization_request_type: Optional[str] = None,
certificate: Optional[str] = None,
configuration_sync: Optional[str] = None,
downstream_access: Optional[str] = None,
downstream_accprofile: Optional[str] = None,
dynamic_sort_subtable: Optional[str] = None,
fabric_connectors: Optional[Sequence[CsfFabricConnectorArgs]] = None,
fabric_devices: Optional[Sequence[CsfFabricDeviceArgs]] = None,
fabric_object_unification: Optional[str] = None,
fabric_workers: Optional[int] = None,
file_mgmt: Optional[str] = None,
file_quota: Optional[int] = None,
file_quota_warning: Optional[int] = None,
fixed_key: Optional[str] = None,
forticloud_account_enforcement: Optional[str] = None,
get_all_tables: Optional[str] = None,
group_name: Optional[str] = None,
group_password: Optional[str] = None,
log_unification: Optional[str] = None,
management_ip: Optional[str] = None,
management_port: Optional[int] = None,
saml_configuration_sync: Optional[str] = None,
source_ip: Optional[str] = None,
status: Optional[str] = None,
trusted_lists: Optional[Sequence[CsfTrustedListArgs]] = None,
uid: Optional[str] = None,
upstream: Optional[str] = None,
upstream_interface: Optional[str] = None,
upstream_interface_select_method: Optional[str] = None,
upstream_ip: Optional[str] = None,
upstream_port: Optional[int] = None,
vdomparam: Optional[str] = None) -> Csf
func GetCsf(ctx *Context, name string, id IDInput, state *CsfState, opts ...ResourceOption) (*Csf, error)
public static Csf Get(string name, Input<string> id, CsfState? state, CustomResourceOptions? opts = null)
public static Csf get(String name, Output<String> id, CsfState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Accept
Auth stringBy Cert - Accept connections with unknown certificates and ask admin for approval. Valid values:
disable
,enable
. - string
- Authorization request type. Valid values:
serial
,certificate
. - Certificate string
- Certificate.
- Configuration
Sync string - Configuration sync mode. Valid values:
default
,local
. - Downstream
Access string - Enable/disable downstream device access to this device's configuration and data. Valid values:
enable
,disable
. - Downstream
Accprofile string - Default access profile for requests from downstream devices.
- Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Fabric
Connectors List<Pulumiverse.Fortios. System. Inputs. Csf Fabric Connector> - Fabric connector configuration. The structure of
fabric_connector
block is documented below. - Fabric
Devices List<Pulumiverse.Fortios. System. Inputs. Csf Fabric Device> - Fabric device configuration. The structure of
fabric_device
block is documented below. - Fabric
Object stringUnification - Fabric CMDB Object Unification Valid values:
default
,local
. - Fabric
Workers int - Number of worker processes for Security Fabric daemon.
- File
Mgmt string - Enable/disable Security Fabric daemon file management. Valid values:
enable
,disable
. - File
Quota int - Maximum amount of memory that can be used by the daemon files (in bytes).
- File
Quota intWarning - Warn when the set percentage of quota has been used.
- Fixed
Key string - Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- Forticloud
Account stringEnforcement - Fabric FortiCloud account unification. Valid values:
enable
,disable
. - Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Group
Name string - Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- Group
Password string - Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- Log
Unification string - Enable/disable broadcast of discovery messages for log unification. Valid values:
disable
,enable
. - Management
Ip string - Management IP address of this FortiGate. Used to log into this FortiGate from another FortiGate in the Security Fabric.
- Management
Port int - Overriding port for management connection (Overrides admin port).
- Saml
Configuration stringSync - SAML setting configuration synchronization. Valid values:
default
,local
. - Source
Ip string - Source IP address for communication with the upstream FortiGate.
- Status string
- Enable/disable Security Fabric. Valid values:
enable
,disable
. - Trusted
Lists List<Pulumiverse.Fortios. System. Inputs. Csf Trusted List> - Pre-authorized and blocked security fabric nodes. The structure of
trusted_list
block is documented below. - Uid string
- Unique ID of the current CSF node
- Upstream string
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- Upstream
Interface string - Specify outgoing interface to reach server.
- Upstream
Interface stringSelect Method - Specify how to select outgoing interface to reach server. Valid values:
auto
,sdwan
,specify
. - Upstream
Ip string - IP address of the FortiGate upstream from this FortiGate in the Security Fabric.
- Upstream
Port int - The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- Accept
Auth stringBy Cert - Accept connections with unknown certificates and ask admin for approval. Valid values:
disable
,enable
. - string
- Authorization request type. Valid values:
serial
,certificate
. - Certificate string
- Certificate.
- Configuration
Sync string - Configuration sync mode. Valid values:
default
,local
. - Downstream
Access string - Enable/disable downstream device access to this device's configuration and data. Valid values:
enable
,disable
. - Downstream
Accprofile string - Default access profile for requests from downstream devices.
- Dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- Fabric
Connectors []CsfFabric Connector Args - Fabric connector configuration. The structure of
fabric_connector
block is documented below. - Fabric
Devices []CsfFabric Device Args - Fabric device configuration. The structure of
fabric_device
block is documented below. - Fabric
Object stringUnification - Fabric CMDB Object Unification Valid values:
default
,local
. - Fabric
Workers int - Number of worker processes for Security Fabric daemon.
- File
Mgmt string - Enable/disable Security Fabric daemon file management. Valid values:
enable
,disable
. - File
Quota int - Maximum amount of memory that can be used by the daemon files (in bytes).
- File
Quota intWarning - Warn when the set percentage of quota has been used.
- Fixed
Key string - Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- Forticloud
Account stringEnforcement - Fabric FortiCloud account unification. Valid values:
enable
,disable
. - Get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- Group
Name string - Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- Group
Password string - Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- Log
Unification string - Enable/disable broadcast of discovery messages for log unification. Valid values:
disable
,enable
. - Management
Ip string - Management IP address of this FortiGate. Used to log into this FortiGate from another FortiGate in the Security Fabric.
- Management
Port int - Overriding port for management connection (Overrides admin port).
- Saml
Configuration stringSync - SAML setting configuration synchronization. Valid values:
default
,local
. - Source
Ip string - Source IP address for communication with the upstream FortiGate.
- Status string
- Enable/disable Security Fabric. Valid values:
enable
,disable
. - Trusted
Lists []CsfTrusted List Args - Pre-authorized and blocked security fabric nodes. The structure of
trusted_list
block is documented below. - Uid string
- Unique ID of the current CSF node
- Upstream string
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- Upstream
Interface string - Specify outgoing interface to reach server.
- Upstream
Interface stringSelect Method - Specify how to select outgoing interface to reach server. Valid values:
auto
,sdwan
,specify
. - Upstream
Ip string - IP address of the FortiGate upstream from this FortiGate in the Security Fabric.
- Upstream
Port int - The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- Vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- accept
Auth StringBy Cert - Accept connections with unknown certificates and ask admin for approval. Valid values:
disable
,enable
. - String
- Authorization request type. Valid values:
serial
,certificate
. - certificate String
- Certificate.
- configuration
Sync String - Configuration sync mode. Valid values:
default
,local
. - downstream
Access String - Enable/disable downstream device access to this device's configuration and data. Valid values:
enable
,disable
. - downstream
Accprofile String - Default access profile for requests from downstream devices.
- dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- fabric
Connectors List<CsfFabric Connector> - Fabric connector configuration. The structure of
fabric_connector
block is documented below. - fabric
Devices List<CsfFabric Device> - Fabric device configuration. The structure of
fabric_device
block is documented below. - fabric
Object StringUnification - Fabric CMDB Object Unification Valid values:
default
,local
. - fabric
Workers Integer - Number of worker processes for Security Fabric daemon.
- file
Mgmt String - Enable/disable Security Fabric daemon file management. Valid values:
enable
,disable
. - file
Quota Integer - Maximum amount of memory that can be used by the daemon files (in bytes).
- file
Quota IntegerWarning - Warn when the set percentage of quota has been used.
- fixed
Key String - Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- forticloud
Account StringEnforcement - Fabric FortiCloud account unification. Valid values:
enable
,disable
. - get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- group
Name String - Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- group
Password String - Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- log
Unification String - Enable/disable broadcast of discovery messages for log unification. Valid values:
disable
,enable
. - management
Ip String - Management IP address of this FortiGate. Used to log into this FortiGate from another FortiGate in the Security Fabric.
- management
Port Integer - Overriding port for management connection (Overrides admin port).
- saml
Configuration StringSync - SAML setting configuration synchronization. Valid values:
default
,local
. - source
Ip String - Source IP address for communication with the upstream FortiGate.
- status String
- Enable/disable Security Fabric. Valid values:
enable
,disable
. - trusted
Lists List<CsfTrusted List> - Pre-authorized and blocked security fabric nodes. The structure of
trusted_list
block is documented below. - uid String
- Unique ID of the current CSF node
- upstream String
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstream
Interface String - Specify outgoing interface to reach server.
- upstream
Interface StringSelect Method - Specify how to select outgoing interface to reach server. Valid values:
auto
,sdwan
,specify
. - upstream
Ip String - IP address of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstream
Port Integer - The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- accept
Auth stringBy Cert - Accept connections with unknown certificates and ask admin for approval. Valid values:
disable
,enable
. - string
- Authorization request type. Valid values:
serial
,certificate
. - certificate string
- Certificate.
- configuration
Sync string - Configuration sync mode. Valid values:
default
,local
. - downstream
Access string - Enable/disable downstream device access to this device's configuration and data. Valid values:
enable
,disable
. - downstream
Accprofile string - Default access profile for requests from downstream devices.
- dynamic
Sort stringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- fabric
Connectors CsfFabric Connector[] - Fabric connector configuration. The structure of
fabric_connector
block is documented below. - fabric
Devices CsfFabric Device[] - Fabric device configuration. The structure of
fabric_device
block is documented below. - fabric
Object stringUnification - Fabric CMDB Object Unification Valid values:
default
,local
. - fabric
Workers number - Number of worker processes for Security Fabric daemon.
- file
Mgmt string - Enable/disable Security Fabric daemon file management. Valid values:
enable
,disable
. - file
Quota number - Maximum amount of memory that can be used by the daemon files (in bytes).
- file
Quota numberWarning - Warn when the set percentage of quota has been used.
- fixed
Key string - Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- forticloud
Account stringEnforcement - Fabric FortiCloud account unification. Valid values:
enable
,disable
. - get
All stringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- group
Name string - Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- group
Password string - Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- log
Unification string - Enable/disable broadcast of discovery messages for log unification. Valid values:
disable
,enable
. - management
Ip string - Management IP address of this FortiGate. Used to log into this FortiGate from another FortiGate in the Security Fabric.
- management
Port number - Overriding port for management connection (Overrides admin port).
- saml
Configuration stringSync - SAML setting configuration synchronization. Valid values:
default
,local
. - source
Ip string - Source IP address for communication with the upstream FortiGate.
- status string
- Enable/disable Security Fabric. Valid values:
enable
,disable
. - trusted
Lists CsfTrusted List[] - Pre-authorized and blocked security fabric nodes. The structure of
trusted_list
block is documented below. - uid string
- Unique ID of the current CSF node
- upstream string
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstream
Interface string - Specify outgoing interface to reach server.
- upstream
Interface stringSelect Method - Specify how to select outgoing interface to reach server. Valid values:
auto
,sdwan
,specify
. - upstream
Ip string - IP address of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstream
Port number - The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- vdomparam string
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- accept_
auth_ strby_ cert - Accept connections with unknown certificates and ask admin for approval. Valid values:
disable
,enable
. - str
- Authorization request type. Valid values:
serial
,certificate
. - certificate str
- Certificate.
- configuration_
sync str - Configuration sync mode. Valid values:
default
,local
. - downstream_
access str - Enable/disable downstream device access to this device's configuration and data. Valid values:
enable
,disable
. - downstream_
accprofile str - Default access profile for requests from downstream devices.
- dynamic_
sort_ strsubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- fabric_
connectors Sequence[CsfFabric Connector Args] - Fabric connector configuration. The structure of
fabric_connector
block is documented below. - fabric_
devices Sequence[CsfFabric Device Args] - Fabric device configuration. The structure of
fabric_device
block is documented below. - fabric_
object_ strunification - Fabric CMDB Object Unification Valid values:
default
,local
. - fabric_
workers int - Number of worker processes for Security Fabric daemon.
- file_
mgmt str - Enable/disable Security Fabric daemon file management. Valid values:
enable
,disable
. - file_
quota int - Maximum amount of memory that can be used by the daemon files (in bytes).
- file_
quota_ intwarning - Warn when the set percentage of quota has been used.
- fixed_
key str - Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- forticloud_
account_ strenforcement - Fabric FortiCloud account unification. Valid values:
enable
,disable
. - get_
all_ strtables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- group_
name str - Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- group_
password str - Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- log_
unification str - Enable/disable broadcast of discovery messages for log unification. Valid values:
disable
,enable
. - management_
ip str - Management IP address of this FortiGate. Used to log into this FortiGate from another FortiGate in the Security Fabric.
- management_
port int - Overriding port for management connection (Overrides admin port).
- saml_
configuration_ strsync - SAML setting configuration synchronization. Valid values:
default
,local
. - source_
ip str - Source IP address for communication with the upstream FortiGate.
- status str
- Enable/disable Security Fabric. Valid values:
enable
,disable
. - trusted_
lists Sequence[CsfTrusted List Args] - Pre-authorized and blocked security fabric nodes. The structure of
trusted_list
block is documented below. - uid str
- Unique ID of the current CSF node
- upstream str
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstream_
interface str - Specify outgoing interface to reach server.
- upstream_
interface_ strselect_ method - Specify how to select outgoing interface to reach server. Valid values:
auto
,sdwan
,specify
. - upstream_
ip str - IP address of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstream_
port int - The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- vdomparam str
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
- accept
Auth StringBy Cert - Accept connections with unknown certificates and ask admin for approval. Valid values:
disable
,enable
. - String
- Authorization request type. Valid values:
serial
,certificate
. - certificate String
- Certificate.
- configuration
Sync String - Configuration sync mode. Valid values:
default
,local
. - downstream
Access String - Enable/disable downstream device access to this device's configuration and data. Valid values:
enable
,disable
. - downstream
Accprofile String - Default access profile for requests from downstream devices.
- dynamic
Sort StringSubtable - Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
- fabric
Connectors List<Property Map> - Fabric connector configuration. The structure of
fabric_connector
block is documented below. - fabric
Devices List<Property Map> - Fabric device configuration. The structure of
fabric_device
block is documented below. - fabric
Object StringUnification - Fabric CMDB Object Unification Valid values:
default
,local
. - fabric
Workers Number - Number of worker processes for Security Fabric daemon.
- file
Mgmt String - Enable/disable Security Fabric daemon file management. Valid values:
enable
,disable
. - file
Quota Number - Maximum amount of memory that can be used by the daemon files (in bytes).
- file
Quota NumberWarning - Warn when the set percentage of quota has been used.
- fixed
Key String - Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- forticloud
Account StringEnforcement - Fabric FortiCloud account unification. Valid values:
enable
,disable
. - get
All StringTables - Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
- group
Name String - Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- group
Password String - Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- log
Unification String - Enable/disable broadcast of discovery messages for log unification. Valid values:
disable
,enable
. - management
Ip String - Management IP address of this FortiGate. Used to log into this FortiGate from another FortiGate in the Security Fabric.
- management
Port Number - Overriding port for management connection (Overrides admin port).
- saml
Configuration StringSync - SAML setting configuration synchronization. Valid values:
default
,local
. - source
Ip String - Source IP address for communication with the upstream FortiGate.
- status String
- Enable/disable Security Fabric. Valid values:
enable
,disable
. - trusted
Lists List<Property Map> - Pre-authorized and blocked security fabric nodes. The structure of
trusted_list
block is documented below. - uid String
- Unique ID of the current CSF node
- upstream String
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstream
Interface String - Specify outgoing interface to reach server.
- upstream
Interface StringSelect Method - Specify how to select outgoing interface to reach server. Valid values:
auto
,sdwan
,specify
. - upstream
Ip String - IP address of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstream
Port Number - The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- vdomparam String
- Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Supporting Types
CsfFabricConnector, CsfFabricConnectorArgs
- Accprofile string
- Override access profile.
- Configuration
Write stringAccess - Enable/disable downstream device write access to configuration. Valid values:
enable
,disable
. - Serial string
- Serial.
- Vdoms
List<Pulumiverse.
Fortios. System. Inputs. Csf Fabric Connector Vdom> - Virtual domains that the connector has access to. If none are set, the connector will only have access to the VDOM that it joins the Security Fabric through. The structure of
vdom
block is documented below.
- Accprofile string
- Override access profile.
- Configuration
Write stringAccess - Enable/disable downstream device write access to configuration. Valid values:
enable
,disable
. - Serial string
- Serial.
- Vdoms
[]Csf
Fabric Connector Vdom - Virtual domains that the connector has access to. If none are set, the connector will only have access to the VDOM that it joins the Security Fabric through. The structure of
vdom
block is documented below.
- accprofile String
- Override access profile.
- configuration
Write StringAccess - Enable/disable downstream device write access to configuration. Valid values:
enable
,disable
. - serial String
- Serial.
- vdoms
List<Csf
Fabric Connector Vdom> - Virtual domains that the connector has access to. If none are set, the connector will only have access to the VDOM that it joins the Security Fabric through. The structure of
vdom
block is documented below.
- accprofile string
- Override access profile.
- configuration
Write stringAccess - Enable/disable downstream device write access to configuration. Valid values:
enable
,disable
. - serial string
- Serial.
- vdoms
Csf
Fabric Connector Vdom[] - Virtual domains that the connector has access to. If none are set, the connector will only have access to the VDOM that it joins the Security Fabric through. The structure of
vdom
block is documented below.
- accprofile str
- Override access profile.
- configuration_
write_ straccess - Enable/disable downstream device write access to configuration. Valid values:
enable
,disable
. - serial str
- Serial.
- vdoms
Sequence[Csf
Fabric Connector Vdom] - Virtual domains that the connector has access to. If none are set, the connector will only have access to the VDOM that it joins the Security Fabric through. The structure of
vdom
block is documented below.
- accprofile String
- Override access profile.
- configuration
Write StringAccess - Enable/disable downstream device write access to configuration. Valid values:
enable
,disable
. - serial String
- Serial.
- vdoms List<Property Map>
- Virtual domains that the connector has access to. If none are set, the connector will only have access to the VDOM that it joins the Security Fabric through. The structure of
vdom
block is documented below.
CsfFabricConnectorVdom, CsfFabricConnectorVdomArgs
- Name string
- Virtual domain name.
- Name string
- Virtual domain name.
- name String
- Virtual domain name.
- name string
- Virtual domain name.
- name str
- Virtual domain name.
- name String
- Virtual domain name.
CsfFabricDevice, CsfFabricDeviceArgs
- Access
Token string - Device access token.
- Device
Ip string - Device IP.
- Device
Type string - Device type. Valid values:
fortimail
. - Https
Port int - HTTPS port for fabric device.
- Login string
- Device login name.
- Name string
- Device name.
- Password string
- Device login password.
- Access
Token string - Device access token.
- Device
Ip string - Device IP.
- Device
Type string - Device type. Valid values:
fortimail
. - Https
Port int - HTTPS port for fabric device.
- Login string
- Device login name.
- Name string
- Device name.
- Password string
- Device login password.
- access
Token String - Device access token.
- device
Ip String - Device IP.
- device
Type String - Device type. Valid values:
fortimail
. - https
Port Integer - HTTPS port for fabric device.
- login String
- Device login name.
- name String
- Device name.
- password String
- Device login password.
- access
Token string - Device access token.
- device
Ip string - Device IP.
- device
Type string - Device type. Valid values:
fortimail
. - https
Port number - HTTPS port for fabric device.
- login string
- Device login name.
- name string
- Device name.
- password string
- Device login password.
- access_
token str - Device access token.
- device_
ip str - Device IP.
- device_
type str - Device type. Valid values:
fortimail
. - https_
port int - HTTPS port for fabric device.
- login str
- Device login name.
- name str
- Device name.
- password str
- Device login password.
- access
Token String - Device access token.
- device
Ip String - Device IP.
- device
Type String - Device type. Valid values:
fortimail
. - https
Port Number - HTTPS port for fabric device.
- login String
- Device login name.
- name String
- Device name.
- password String
- Device login password.
CsfTrustedList, CsfTrustedListArgs
- Action string
- Security fabric authorization action. Valid values:
accept
,deny
. - string
- Authorization type. Valid values:
serial
,certificate
. - Certificate string
- Certificate.
- string
- Trust authorizations by this node's administrator. Valid values:
enable
,disable
. - Ha
Members string - HA members.
- Index int
- Index of the downstream in tree.
- Name string
- Name.
- Serial string
- Serial.
- Action string
- Security fabric authorization action. Valid values:
accept
,deny
. - string
- Authorization type. Valid values:
serial
,certificate
. - Certificate string
- Certificate.
- string
- Trust authorizations by this node's administrator. Valid values:
enable
,disable
. - Ha
Members string - HA members.
- Index int
- Index of the downstream in tree.
- Name string
- Name.
- Serial string
- Serial.
- action String
- Security fabric authorization action. Valid values:
accept
,deny
. - String
- Authorization type. Valid values:
serial
,certificate
. - certificate String
- Certificate.
- String
- Trust authorizations by this node's administrator. Valid values:
enable
,disable
. - ha
Members String - HA members.
- index Integer
- Index of the downstream in tree.
- name String
- Name.
- serial String
- Serial.
- action string
- Security fabric authorization action. Valid values:
accept
,deny
. - string
- Authorization type. Valid values:
serial
,certificate
. - certificate string
- Certificate.
- string
- Trust authorizations by this node's administrator. Valid values:
enable
,disable
. - ha
Members string - HA members.
- index number
- Index of the downstream in tree.
- name string
- Name.
- serial string
- Serial.
- action str
- Security fabric authorization action. Valid values:
accept
,deny
. - str
- Authorization type. Valid values:
serial
,certificate
. - certificate str
- Certificate.
- str
- Trust authorizations by this node's administrator. Valid values:
enable
,disable
. - ha_
members str - HA members.
- index int
- Index of the downstream in tree.
- name str
- Name.
- serial str
- Serial.
- action String
- Security fabric authorization action. Valid values:
accept
,deny
. - String
- Authorization type. Valid values:
serial
,certificate
. - certificate String
- Certificate.
- String
- Trust authorizations by this node's administrator. Valid values:
enable
,disable
. - ha
Members String - HA members.
- index Number
- Index of the downstream in tree.
- name String
- Name.
- serial String
- Serial.
Import
System Csf can be imported using any of these accepted formats:
$ pulumi import fortios:system/csf:Csf labelname SystemCsf
If you do not want to import arguments of block:
$ export “FORTIOS_IMPORT_TABLE”=“false”
$ pulumi import fortios:system/csf:Csf labelname SystemCsf
$ unset “FORTIOS_IMPORT_TABLE”
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- fortios pulumiverse/pulumi-fortios
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
fortios
Terraform Provider.