fortimanager.SystemCsf
Explore with Pulumi AI
Add this device to a Security Fabric or set up a new Security Fabric on this device.
The following variables have sub resource. Avoid using them together, otherwise conflicts and overwrites may occur.
fabric_connector:fortimanager.SystemCsfFabricconnector
trusted_list:fortimanager.SystemCsfTrustedlist
Create SystemCsf Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new SystemCsf(name: string, args?: SystemCsfArgs, opts?: CustomResourceOptions);@overload
def SystemCsf(resource_name: str,
              args: Optional[SystemCsfArgs] = None,
              opts: Optional[ResourceOptions] = None)
@overload
def SystemCsf(resource_name: str,
              opts: Optional[ResourceOptions] = None,
              accept_auth_by_cert: Optional[str] = None,
              authorization_request_type: Optional[str] = None,
              certificate: Optional[str] = None,
              configuration_sync: Optional[str] = None,
              downstream_access: Optional[str] = None,
              downstream_accprofile: Optional[str] = None,
              dynamic_sort_subtable: Optional[str] = None,
              fabric_connectors: Optional[Sequence[SystemCsfFabricConnectorArgs]] = None,
              fabric_object_unification: Optional[str] = None,
              fabric_workers: Optional[float] = None,
              file_mgmt: Optional[str] = None,
              file_quota: Optional[float] = None,
              file_quota_warning: Optional[float] = None,
              fixed_keys: Optional[Sequence[str]] = None,
              forticloud_account_enforcement: Optional[str] = None,
              group_name: Optional[str] = None,
              group_passwords: Optional[Sequence[str]] = None,
              log_unification: Optional[str] = None,
              saml_configuration_sync: Optional[str] = None,
              ssl_protocol: Optional[str] = None,
              status: Optional[str] = None,
              system_csf_id: Optional[str] = None,
              trusted_lists: Optional[Sequence[SystemCsfTrustedListArgs]] = None,
              upstream: Optional[str] = None,
              upstream_confirm: Optional[str] = None,
              upstream_port: Optional[float] = None)func NewSystemCsf(ctx *Context, name string, args *SystemCsfArgs, opts ...ResourceOption) (*SystemCsf, error)public SystemCsf(string name, SystemCsfArgs? args = null, CustomResourceOptions? opts = null)
public SystemCsf(String name, SystemCsfArgs args)
public SystemCsf(String name, SystemCsfArgs args, CustomResourceOptions options)
type: fortimanager:SystemCsf
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args SystemCsfArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SystemCsfArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SystemCsfArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SystemCsfArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SystemCsfArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var systemCsfResource = new Fortimanager.SystemCsf("systemCsfResource", new()
{
    AcceptAuthByCert = "string",
    AuthorizationRequestType = "string",
    Certificate = "string",
    ConfigurationSync = "string",
    DownstreamAccess = "string",
    DownstreamAccprofile = "string",
    DynamicSortSubtable = "string",
    FabricConnectors = new[]
    {
        new Fortimanager.Inputs.SystemCsfFabricConnectorArgs
        {
            Accprofile = "string",
            ConfigurationWriteAccess = "string",
            Serial = "string",
        },
    },
    FabricObjectUnification = "string",
    FabricWorkers = 0,
    FileMgmt = "string",
    FileQuota = 0,
    FileQuotaWarning = 0,
    FixedKeys = new[]
    {
        "string",
    },
    ForticloudAccountEnforcement = "string",
    GroupName = "string",
    GroupPasswords = new[]
    {
        "string",
    },
    LogUnification = "string",
    SamlConfigurationSync = "string",
    SslProtocol = "string",
    Status = "string",
    SystemCsfId = "string",
    TrustedLists = new[]
    {
        new Fortimanager.Inputs.SystemCsfTrustedListArgs
        {
            Action = "string",
            AuthorizationType = "string",
            Certificate = "string",
            DownstreamAuthorization = "string",
            HaMembers = "string",
            Index = 0,
            Name = "string",
            Serial = "string",
        },
    },
    Upstream = "string",
    UpstreamConfirm = "string",
    UpstreamPort = 0,
});
example, err := fortimanager.NewSystemCsf(ctx, "systemCsfResource", &fortimanager.SystemCsfArgs{
	AcceptAuthByCert:         pulumi.String("string"),
	AuthorizationRequestType: pulumi.String("string"),
	Certificate:              pulumi.String("string"),
	ConfigurationSync:        pulumi.String("string"),
	DownstreamAccess:         pulumi.String("string"),
	DownstreamAccprofile:     pulumi.String("string"),
	DynamicSortSubtable:      pulumi.String("string"),
	FabricConnectors: fortimanager.SystemCsfFabricConnectorTypeArray{
		&fortimanager.SystemCsfFabricConnectorTypeArgs{
			Accprofile:               pulumi.String("string"),
			ConfigurationWriteAccess: pulumi.String("string"),
			Serial:                   pulumi.String("string"),
		},
	},
	FabricObjectUnification: pulumi.String("string"),
	FabricWorkers:           pulumi.Float64(0),
	FileMgmt:                pulumi.String("string"),
	FileQuota:               pulumi.Float64(0),
	FileQuotaWarning:        pulumi.Float64(0),
	FixedKeys: pulumi.StringArray{
		pulumi.String("string"),
	},
	ForticloudAccountEnforcement: pulumi.String("string"),
	GroupName:                    pulumi.String("string"),
	GroupPasswords: pulumi.StringArray{
		pulumi.String("string"),
	},
	LogUnification:        pulumi.String("string"),
	SamlConfigurationSync: pulumi.String("string"),
	SslProtocol:           pulumi.String("string"),
	Status:                pulumi.String("string"),
	SystemCsfId:           pulumi.String("string"),
	TrustedLists: fortimanager.SystemCsfTrustedListTypeArray{
		&fortimanager.SystemCsfTrustedListTypeArgs{
			Action:                  pulumi.String("string"),
			AuthorizationType:       pulumi.String("string"),
			Certificate:             pulumi.String("string"),
			DownstreamAuthorization: pulumi.String("string"),
			HaMembers:               pulumi.String("string"),
			Index:                   pulumi.Float64(0),
			Name:                    pulumi.String("string"),
			Serial:                  pulumi.String("string"),
		},
	},
	Upstream:        pulumi.String("string"),
	UpstreamConfirm: pulumi.String("string"),
	UpstreamPort:    pulumi.Float64(0),
})
var systemCsfResource = new SystemCsf("systemCsfResource", SystemCsfArgs.builder()
    .acceptAuthByCert("string")
    .authorizationRequestType("string")
    .certificate("string")
    .configurationSync("string")
    .downstreamAccess("string")
    .downstreamAccprofile("string")
    .dynamicSortSubtable("string")
    .fabricConnectors(SystemCsfFabricConnectorArgs.builder()
        .accprofile("string")
        .configurationWriteAccess("string")
        .serial("string")
        .build())
    .fabricObjectUnification("string")
    .fabricWorkers(0.0)
    .fileMgmt("string")
    .fileQuota(0.0)
    .fileQuotaWarning(0.0)
    .fixedKeys("string")
    .forticloudAccountEnforcement("string")
    .groupName("string")
    .groupPasswords("string")
    .logUnification("string")
    .samlConfigurationSync("string")
    .sslProtocol("string")
    .status("string")
    .systemCsfId("string")
    .trustedLists(SystemCsfTrustedListArgs.builder()
        .action("string")
        .authorizationType("string")
        .certificate("string")
        .downstreamAuthorization("string")
        .haMembers("string")
        .index(0.0)
        .name("string")
        .serial("string")
        .build())
    .upstream("string")
    .upstreamConfirm("string")
    .upstreamPort(0.0)
    .build());
system_csf_resource = fortimanager.SystemCsf("systemCsfResource",
    accept_auth_by_cert="string",
    authorization_request_type="string",
    certificate="string",
    configuration_sync="string",
    downstream_access="string",
    downstream_accprofile="string",
    dynamic_sort_subtable="string",
    fabric_connectors=[{
        "accprofile": "string",
        "configuration_write_access": "string",
        "serial": "string",
    }],
    fabric_object_unification="string",
    fabric_workers=0,
    file_mgmt="string",
    file_quota=0,
    file_quota_warning=0,
    fixed_keys=["string"],
    forticloud_account_enforcement="string",
    group_name="string",
    group_passwords=["string"],
    log_unification="string",
    saml_configuration_sync="string",
    ssl_protocol="string",
    status="string",
    system_csf_id="string",
    trusted_lists=[{
        "action": "string",
        "authorization_type": "string",
        "certificate": "string",
        "downstream_authorization": "string",
        "ha_members": "string",
        "index": 0,
        "name": "string",
        "serial": "string",
    }],
    upstream="string",
    upstream_confirm="string",
    upstream_port=0)
const systemCsfResource = new fortimanager.SystemCsf("systemCsfResource", {
    acceptAuthByCert: "string",
    authorizationRequestType: "string",
    certificate: "string",
    configurationSync: "string",
    downstreamAccess: "string",
    downstreamAccprofile: "string",
    dynamicSortSubtable: "string",
    fabricConnectors: [{
        accprofile: "string",
        configurationWriteAccess: "string",
        serial: "string",
    }],
    fabricObjectUnification: "string",
    fabricWorkers: 0,
    fileMgmt: "string",
    fileQuota: 0,
    fileQuotaWarning: 0,
    fixedKeys: ["string"],
    forticloudAccountEnforcement: "string",
    groupName: "string",
    groupPasswords: ["string"],
    logUnification: "string",
    samlConfigurationSync: "string",
    sslProtocol: "string",
    status: "string",
    systemCsfId: "string",
    trustedLists: [{
        action: "string",
        authorizationType: "string",
        certificate: "string",
        downstreamAuthorization: "string",
        haMembers: "string",
        index: 0,
        name: "string",
        serial: "string",
    }],
    upstream: "string",
    upstreamConfirm: "string",
    upstreamPort: 0,
});
type: fortimanager:SystemCsf
properties:
    acceptAuthByCert: string
    authorizationRequestType: string
    certificate: string
    configurationSync: string
    downstreamAccess: string
    downstreamAccprofile: string
    dynamicSortSubtable: string
    fabricConnectors:
        - accprofile: string
          configurationWriteAccess: string
          serial: string
    fabricObjectUnification: string
    fabricWorkers: 0
    fileMgmt: string
    fileQuota: 0
    fileQuotaWarning: 0
    fixedKeys:
        - string
    forticloudAccountEnforcement: string
    groupName: string
    groupPasswords:
        - string
    logUnification: string
    samlConfigurationSync: string
    sslProtocol: string
    status: string
    systemCsfId: string
    trustedLists:
        - action: string
          authorizationType: string
          certificate: string
          downstreamAuthorization: string
          haMembers: string
          index: 0
          name: string
          serial: string
    upstream: string
    upstreamConfirm: string
    upstreamPort: 0
SystemCsf Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The SystemCsf resource accepts the following input properties:
- AcceptAuth stringBy Cert 
- Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable,enable.
- string
- Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate,serial.
- Certificate string
- Certificate.
- ConfigurationSync string
- Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default,local.
- DownstreamAccess string
- Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable,enable.
- DownstreamAccprofile string
- Default access profile for requests from downstream devices.
- DynamicSort stringSubtable 
- true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- FabricConnectors List<SystemCsf Fabric Connector> 
- Fabric-Connector. The structure of fabric_connectorblock is documented below.
- FabricObject stringUnification 
- Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local,default.
- FabricWorkers double
- Number of worker processes for Security Fabric daemon.
- FileMgmt string
- Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable,enable.
- FileQuota double
- Maximum amount of memory that can be used by the daemon files (in bytes).
- FileQuota doubleWarning 
- Warn when the set percentage of quota has been used.
- FixedKeys List<string>
- Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- ForticloudAccount stringEnforcement 
- Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable,enable.
- GroupName string
- Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- GroupPasswords List<string>
- Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- LogUnification string
- Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable,enable.
- SamlConfiguration stringSync 
- SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local,default.
- SslProtocol string
- set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol,sslv3,tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3.
- Status string
- Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable,enable.
- SystemCsf stringId 
- an identifier for the resource.
- TrustedLists List<SystemCsf Trusted List> 
- Trusted-List. The structure of trusted_listblock is documented below.
- Upstream string
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- UpstreamConfirm string
- Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover,confirm.
- UpstreamPort double
- The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- AcceptAuth stringBy Cert 
- Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable,enable.
- string
- Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate,serial.
- Certificate string
- Certificate.
- ConfigurationSync string
- Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default,local.
- DownstreamAccess string
- Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable,enable.
- DownstreamAccprofile string
- Default access profile for requests from downstream devices.
- DynamicSort stringSubtable 
- true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- FabricConnectors []SystemCsf Fabric Connector Type Args 
- Fabric-Connector. The structure of fabric_connectorblock is documented below.
- FabricObject stringUnification 
- Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local,default.
- FabricWorkers float64
- Number of worker processes for Security Fabric daemon.
- FileMgmt string
- Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable,enable.
- FileQuota float64
- Maximum amount of memory that can be used by the daemon files (in bytes).
- FileQuota float64Warning 
- Warn when the set percentage of quota has been used.
- FixedKeys []string
- Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- ForticloudAccount stringEnforcement 
- Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable,enable.
- GroupName string
- Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- GroupPasswords []string
- Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- LogUnification string
- Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable,enable.
- SamlConfiguration stringSync 
- SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local,default.
- SslProtocol string
- set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol,sslv3,tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3.
- Status string
- Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable,enable.
- SystemCsf stringId 
- an identifier for the resource.
- TrustedLists []SystemCsf Trusted List Type Args 
- Trusted-List. The structure of trusted_listblock is documented below.
- Upstream string
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- UpstreamConfirm string
- Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover,confirm.
- UpstreamPort float64
- The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- acceptAuth StringBy Cert 
- Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable,enable.
- String
- Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate,serial.
- certificate String
- Certificate.
- configurationSync String
- Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default,local.
- downstreamAccess String
- Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable,enable.
- downstreamAccprofile String
- Default access profile for requests from downstream devices.
- dynamicSort StringSubtable 
- true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- fabricConnectors List<SystemCsf Fabric Connector> 
- Fabric-Connector. The structure of fabric_connectorblock is documented below.
- fabricObject StringUnification 
- Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local,default.
- fabricWorkers Double
- Number of worker processes for Security Fabric daemon.
- fileMgmt String
- Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable,enable.
- fileQuota Double
- Maximum amount of memory that can be used by the daemon files (in bytes).
- fileQuota DoubleWarning 
- Warn when the set percentage of quota has been used.
- fixedKeys List<String>
- Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- forticloudAccount StringEnforcement 
- Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable,enable.
- groupName String
- Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- groupPasswords List<String>
- Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- logUnification String
- Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable,enable.
- samlConfiguration StringSync 
- SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local,default.
- sslProtocol String
- set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol,sslv3,tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3.
- status String
- Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable,enable.
- systemCsf StringId 
- an identifier for the resource.
- trustedLists List<SystemCsf Trusted List> 
- Trusted-List. The structure of trusted_listblock is documented below.
- upstream String
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstreamConfirm String
- Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover,confirm.
- upstreamPort Double
- The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- acceptAuth stringBy Cert 
- Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable,enable.
- string
- Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate,serial.
- certificate string
- Certificate.
- configurationSync string
- Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default,local.
- downstreamAccess string
- Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable,enable.
- downstreamAccprofile string
- Default access profile for requests from downstream devices.
- dynamicSort stringSubtable 
- true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- fabricConnectors SystemCsf Fabric Connector[] 
- Fabric-Connector. The structure of fabric_connectorblock is documented below.
- fabricObject stringUnification 
- Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local,default.
- fabricWorkers number
- Number of worker processes for Security Fabric daemon.
- fileMgmt string
- Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable,enable.
- fileQuota number
- Maximum amount of memory that can be used by the daemon files (in bytes).
- fileQuota numberWarning 
- Warn when the set percentage of quota has been used.
- fixedKeys string[]
- Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- forticloudAccount stringEnforcement 
- Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable,enable.
- groupName string
- Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- groupPasswords string[]
- Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- logUnification string
- Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable,enable.
- samlConfiguration stringSync 
- SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local,default.
- sslProtocol string
- set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol,sslv3,tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3.
- status string
- Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable,enable.
- systemCsf stringId 
- an identifier for the resource.
- trustedLists SystemCsf Trusted List[] 
- Trusted-List. The structure of trusted_listblock is documented below.
- upstream string
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstreamConfirm string
- Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover,confirm.
- upstreamPort number
- The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- accept_auth_ strby_ cert 
- Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable,enable.
- str
- Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate,serial.
- certificate str
- Certificate.
- configuration_sync str
- Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default,local.
- downstream_access str
- Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable,enable.
- downstream_accprofile str
- Default access profile for requests from downstream devices.
- dynamic_sort_ strsubtable 
- true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- fabric_connectors Sequence[SystemCsf Fabric Connector Args] 
- Fabric-Connector. The structure of fabric_connectorblock is documented below.
- fabric_object_ strunification 
- Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local,default.
- fabric_workers float
- Number of worker processes for Security Fabric daemon.
- file_mgmt str
- Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable,enable.
- file_quota float
- Maximum amount of memory that can be used by the daemon files (in bytes).
- file_quota_ floatwarning 
- Warn when the set percentage of quota has been used.
- fixed_keys Sequence[str]
- Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- forticloud_account_ strenforcement 
- Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable,enable.
- group_name str
- Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- group_passwords Sequence[str]
- Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- log_unification str
- Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable,enable.
- saml_configuration_ strsync 
- SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local,default.
- ssl_protocol str
- set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol,sslv3,tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3.
- status str
- Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable,enable.
- system_csf_ strid 
- an identifier for the resource.
- trusted_lists Sequence[SystemCsf Trusted List Args] 
- Trusted-List. The structure of trusted_listblock is documented below.
- upstream str
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstream_confirm str
- Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover,confirm.
- upstream_port float
- The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- acceptAuth StringBy Cert 
- Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable,enable.
- String
- Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate,serial.
- certificate String
- Certificate.
- configurationSync String
- Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default,local.
- downstreamAccess String
- Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable,enable.
- downstreamAccprofile String
- Default access profile for requests from downstream devices.
- dynamicSort StringSubtable 
- true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- fabricConnectors List<Property Map>
- Fabric-Connector. The structure of fabric_connectorblock is documented below.
- fabricObject StringUnification 
- Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local,default.
- fabricWorkers Number
- Number of worker processes for Security Fabric daemon.
- fileMgmt String
- Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable,enable.
- fileQuota Number
- Maximum amount of memory that can be used by the daemon files (in bytes).
- fileQuota NumberWarning 
- Warn when the set percentage of quota has been used.
- fixedKeys List<String>
- Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- forticloudAccount StringEnforcement 
- Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable,enable.
- groupName String
- Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- groupPasswords List<String>
- Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- logUnification String
- Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable,enable.
- samlConfiguration StringSync 
- SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local,default.
- sslProtocol String
- set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol,sslv3,tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3.
- status String
- Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable,enable.
- systemCsf StringId 
- an identifier for the resource.
- trustedLists List<Property Map>
- Trusted-List. The structure of trusted_listblock is documented below.
- upstream String
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstreamConfirm String
- Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover,confirm.
- upstreamPort Number
- The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
Outputs
All input properties are implicitly available as output properties. Additionally, the SystemCsf resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing SystemCsf Resource
Get an existing SystemCsf resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SystemCsfState, opts?: CustomResourceOptions): SystemCsf@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        accept_auth_by_cert: Optional[str] = None,
        authorization_request_type: Optional[str] = None,
        certificate: Optional[str] = None,
        configuration_sync: Optional[str] = None,
        downstream_access: Optional[str] = None,
        downstream_accprofile: Optional[str] = None,
        dynamic_sort_subtable: Optional[str] = None,
        fabric_connectors: Optional[Sequence[SystemCsfFabricConnectorArgs]] = None,
        fabric_object_unification: Optional[str] = None,
        fabric_workers: Optional[float] = None,
        file_mgmt: Optional[str] = None,
        file_quota: Optional[float] = None,
        file_quota_warning: Optional[float] = None,
        fixed_keys: Optional[Sequence[str]] = None,
        forticloud_account_enforcement: Optional[str] = None,
        group_name: Optional[str] = None,
        group_passwords: Optional[Sequence[str]] = None,
        log_unification: Optional[str] = None,
        saml_configuration_sync: Optional[str] = None,
        ssl_protocol: Optional[str] = None,
        status: Optional[str] = None,
        system_csf_id: Optional[str] = None,
        trusted_lists: Optional[Sequence[SystemCsfTrustedListArgs]] = None,
        upstream: Optional[str] = None,
        upstream_confirm: Optional[str] = None,
        upstream_port: Optional[float] = None) -> SystemCsffunc GetSystemCsf(ctx *Context, name string, id IDInput, state *SystemCsfState, opts ...ResourceOption) (*SystemCsf, error)public static SystemCsf Get(string name, Input<string> id, SystemCsfState? state, CustomResourceOptions? opts = null)public static SystemCsf get(String name, Output<String> id, SystemCsfState state, CustomResourceOptions options)resources:  _:    type: fortimanager:SystemCsf    get:      id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- AcceptAuth stringBy Cert 
- Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable,enable.
- string
- Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate,serial.
- Certificate string
- Certificate.
- ConfigurationSync string
- Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default,local.
- DownstreamAccess string
- Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable,enable.
- DownstreamAccprofile string
- Default access profile for requests from downstream devices.
- DynamicSort stringSubtable 
- true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- FabricConnectors List<SystemCsf Fabric Connector> 
- Fabric-Connector. The structure of fabric_connectorblock is documented below.
- FabricObject stringUnification 
- Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local,default.
- FabricWorkers double
- Number of worker processes for Security Fabric daemon.
- FileMgmt string
- Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable,enable.
- FileQuota double
- Maximum amount of memory that can be used by the daemon files (in bytes).
- FileQuota doubleWarning 
- Warn when the set percentage of quota has been used.
- FixedKeys List<string>
- Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- ForticloudAccount stringEnforcement 
- Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable,enable.
- GroupName string
- Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- GroupPasswords List<string>
- Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- LogUnification string
- Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable,enable.
- SamlConfiguration stringSync 
- SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local,default.
- SslProtocol string
- set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol,sslv3,tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3.
- Status string
- Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable,enable.
- SystemCsf stringId 
- an identifier for the resource.
- TrustedLists List<SystemCsf Trusted List> 
- Trusted-List. The structure of trusted_listblock is documented below.
- Upstream string
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- UpstreamConfirm string
- Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover,confirm.
- UpstreamPort double
- The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- AcceptAuth stringBy Cert 
- Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable,enable.
- string
- Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate,serial.
- Certificate string
- Certificate.
- ConfigurationSync string
- Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default,local.
- DownstreamAccess string
- Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable,enable.
- DownstreamAccprofile string
- Default access profile for requests from downstream devices.
- DynamicSort stringSubtable 
- true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- FabricConnectors []SystemCsf Fabric Connector Type Args 
- Fabric-Connector. The structure of fabric_connectorblock is documented below.
- FabricObject stringUnification 
- Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local,default.
- FabricWorkers float64
- Number of worker processes for Security Fabric daemon.
- FileMgmt string
- Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable,enable.
- FileQuota float64
- Maximum amount of memory that can be used by the daemon files (in bytes).
- FileQuota float64Warning 
- Warn when the set percentage of quota has been used.
- FixedKeys []string
- Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- ForticloudAccount stringEnforcement 
- Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable,enable.
- GroupName string
- Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- GroupPasswords []string
- Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- LogUnification string
- Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable,enable.
- SamlConfiguration stringSync 
- SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local,default.
- SslProtocol string
- set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol,sslv3,tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3.
- Status string
- Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable,enable.
- SystemCsf stringId 
- an identifier for the resource.
- TrustedLists []SystemCsf Trusted List Type Args 
- Trusted-List. The structure of trusted_listblock is documented below.
- Upstream string
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- UpstreamConfirm string
- Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover,confirm.
- UpstreamPort float64
- The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- acceptAuth StringBy Cert 
- Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable,enable.
- String
- Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate,serial.
- certificate String
- Certificate.
- configurationSync String
- Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default,local.
- downstreamAccess String
- Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable,enable.
- downstreamAccprofile String
- Default access profile for requests from downstream devices.
- dynamicSort StringSubtable 
- true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- fabricConnectors List<SystemCsf Fabric Connector> 
- Fabric-Connector. The structure of fabric_connectorblock is documented below.
- fabricObject StringUnification 
- Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local,default.
- fabricWorkers Double
- Number of worker processes for Security Fabric daemon.
- fileMgmt String
- Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable,enable.
- fileQuota Double
- Maximum amount of memory that can be used by the daemon files (in bytes).
- fileQuota DoubleWarning 
- Warn when the set percentage of quota has been used.
- fixedKeys List<String>
- Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- forticloudAccount StringEnforcement 
- Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable,enable.
- groupName String
- Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- groupPasswords List<String>
- Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- logUnification String
- Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable,enable.
- samlConfiguration StringSync 
- SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local,default.
- sslProtocol String
- set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol,sslv3,tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3.
- status String
- Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable,enable.
- systemCsf StringId 
- an identifier for the resource.
- trustedLists List<SystemCsf Trusted List> 
- Trusted-List. The structure of trusted_listblock is documented below.
- upstream String
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstreamConfirm String
- Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover,confirm.
- upstreamPort Double
- The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- acceptAuth stringBy Cert 
- Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable,enable.
- string
- Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate,serial.
- certificate string
- Certificate.
- configurationSync string
- Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default,local.
- downstreamAccess string
- Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable,enable.
- downstreamAccprofile string
- Default access profile for requests from downstream devices.
- dynamicSort stringSubtable 
- true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- fabricConnectors SystemCsf Fabric Connector[] 
- Fabric-Connector. The structure of fabric_connectorblock is documented below.
- fabricObject stringUnification 
- Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local,default.
- fabricWorkers number
- Number of worker processes for Security Fabric daemon.
- fileMgmt string
- Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable,enable.
- fileQuota number
- Maximum amount of memory that can be used by the daemon files (in bytes).
- fileQuota numberWarning 
- Warn when the set percentage of quota has been used.
- fixedKeys string[]
- Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- forticloudAccount stringEnforcement 
- Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable,enable.
- groupName string
- Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- groupPasswords string[]
- Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- logUnification string
- Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable,enable.
- samlConfiguration stringSync 
- SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local,default.
- sslProtocol string
- set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol,sslv3,tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3.
- status string
- Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable,enable.
- systemCsf stringId 
- an identifier for the resource.
- trustedLists SystemCsf Trusted List[] 
- Trusted-List. The structure of trusted_listblock is documented below.
- upstream string
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstreamConfirm string
- Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover,confirm.
- upstreamPort number
- The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- accept_auth_ strby_ cert 
- Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable,enable.
- str
- Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate,serial.
- certificate str
- Certificate.
- configuration_sync str
- Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default,local.
- downstream_access str
- Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable,enable.
- downstream_accprofile str
- Default access profile for requests from downstream devices.
- dynamic_sort_ strsubtable 
- true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- fabric_connectors Sequence[SystemCsf Fabric Connector Args] 
- Fabric-Connector. The structure of fabric_connectorblock is documented below.
- fabric_object_ strunification 
- Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local,default.
- fabric_workers float
- Number of worker processes for Security Fabric daemon.
- file_mgmt str
- Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable,enable.
- file_quota float
- Maximum amount of memory that can be used by the daemon files (in bytes).
- file_quota_ floatwarning 
- Warn when the set percentage of quota has been used.
- fixed_keys Sequence[str]
- Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- forticloud_account_ strenforcement 
- Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable,enable.
- group_name str
- Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- group_passwords Sequence[str]
- Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- log_unification str
- Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable,enable.
- saml_configuration_ strsync 
- SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local,default.
- ssl_protocol str
- set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol,sslv3,tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3.
- status str
- Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable,enable.
- system_csf_ strid 
- an identifier for the resource.
- trusted_lists Sequence[SystemCsf Trusted List Args] 
- Trusted-List. The structure of trusted_listblock is documented below.
- upstream str
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstream_confirm str
- Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover,confirm.
- upstream_port float
- The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
- acceptAuth StringBy Cert 
- Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable,enable.
- String
- Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate,serial.
- certificate String
- Certificate.
- configurationSync String
- Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default,local.
- downstreamAccess String
- Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable,enable.
- downstreamAccprofile String
- Default access profile for requests from downstream devices.
- dynamicSort StringSubtable 
- true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- fabricConnectors List<Property Map>
- Fabric-Connector. The structure of fabric_connectorblock is documented below.
- fabricObject StringUnification 
- Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local,default.
- fabricWorkers Number
- Number of worker processes for Security Fabric daemon.
- fileMgmt String
- Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable,enable.
- fileQuota Number
- Maximum amount of memory that can be used by the daemon files (in bytes).
- fileQuota NumberWarning 
- Warn when the set percentage of quota has been used.
- fixedKeys List<String>
- Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
- forticloudAccount StringEnforcement 
- Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable,enable.
- groupName String
- Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
- groupPasswords List<String>
- Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
- logUnification String
- Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable,enable.
- samlConfiguration StringSync 
- SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local,default.
- sslProtocol String
- set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol,sslv3,tlsv1.0,tlsv1.1,tlsv1.2,tlsv1.3.
- status String
- Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable,enable.
- systemCsf StringId 
- an identifier for the resource.
- trustedLists List<Property Map>
- Trusted-List. The structure of trusted_listblock is documented below.
- upstream String
- IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
- upstreamConfirm String
- Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover,confirm.
- upstreamPort Number
- The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).
Supporting Types
SystemCsfFabricConnector, SystemCsfFabricConnectorArgs        
- Accprofile string
- Override access profile.
- ConfigurationWrite stringAccess 
- Enable/disable downstream device write access to configuration. disable - Disable downstream device write access to configuration. enable - Enable downstream device write access to configuration. Valid values: disable,enable.
- Serial string
- Serial.
- Accprofile string
- Override access profile.
- ConfigurationWrite stringAccess 
- Enable/disable downstream device write access to configuration. disable - Disable downstream device write access to configuration. enable - Enable downstream device write access to configuration. Valid values: disable,enable.
- Serial string
- Serial.
- accprofile String
- Override access profile.
- configurationWrite StringAccess 
- Enable/disable downstream device write access to configuration. disable - Disable downstream device write access to configuration. enable - Enable downstream device write access to configuration. Valid values: disable,enable.
- serial String
- Serial.
- accprofile string
- Override access profile.
- configurationWrite stringAccess 
- Enable/disable downstream device write access to configuration. disable - Disable downstream device write access to configuration. enable - Enable downstream device write access to configuration. Valid values: disable,enable.
- serial string
- Serial.
- accprofile str
- Override access profile.
- configuration_write_ straccess 
- Enable/disable downstream device write access to configuration. disable - Disable downstream device write access to configuration. enable - Enable downstream device write access to configuration. Valid values: disable,enable.
- serial str
- Serial.
- accprofile String
- Override access profile.
- configurationWrite StringAccess 
- Enable/disable downstream device write access to configuration. disable - Disable downstream device write access to configuration. enable - Enable downstream device write access to configuration. Valid values: disable,enable.
- serial String
- Serial.
SystemCsfTrustedList, SystemCsfTrustedListArgs        
- Action string
- Security fabric authorization action. accept - Accept authorization request. deny - Deny authorization request. Valid values: accept,deny.
- string
- Authorization type. serial - Verify downstream by serial number. certificate - Verify downstream by certificate. Valid values: serial,certificate.
- Certificate string
- Certificate.
- string
- Trust authorizations by this node's administrator. disable - Disable downstream authorization. enable - Enable downstream authorization. Valid values: disable,enable.
- HaMembers string
- HA members.
- Index double
- Index of the downstream in tree.
- Name string
- Name.
- Serial string
- Serial.
- Action string
- Security fabric authorization action. accept - Accept authorization request. deny - Deny authorization request. Valid values: accept,deny.
- string
- Authorization type. serial - Verify downstream by serial number. certificate - Verify downstream by certificate. Valid values: serial,certificate.
- Certificate string
- Certificate.
- string
- Trust authorizations by this node's administrator. disable - Disable downstream authorization. enable - Enable downstream authorization. Valid values: disable,enable.
- HaMembers string
- HA members.
- Index float64
- Index of the downstream in tree.
- Name string
- Name.
- Serial string
- Serial.
- action String
- Security fabric authorization action. accept - Accept authorization request. deny - Deny authorization request. Valid values: accept,deny.
- String
- Authorization type. serial - Verify downstream by serial number. certificate - Verify downstream by certificate. Valid values: serial,certificate.
- certificate String
- Certificate.
- String
- Trust authorizations by this node's administrator. disable - Disable downstream authorization. enable - Enable downstream authorization. Valid values: disable,enable.
- haMembers String
- HA members.
- index Double
- Index of the downstream in tree.
- name String
- Name.
- serial String
- Serial.
- action string
- Security fabric authorization action. accept - Accept authorization request. deny - Deny authorization request. Valid values: accept,deny.
- string
- Authorization type. serial - Verify downstream by serial number. certificate - Verify downstream by certificate. Valid values: serial,certificate.
- certificate string
- Certificate.
- string
- Trust authorizations by this node's administrator. disable - Disable downstream authorization. enable - Enable downstream authorization. Valid values: disable,enable.
- haMembers string
- HA members.
- index number
- Index of the downstream in tree.
- name string
- Name.
- serial string
- Serial.
- action str
- Security fabric authorization action. accept - Accept authorization request. deny - Deny authorization request. Valid values: accept,deny.
- str
- Authorization type. serial - Verify downstream by serial number. certificate - Verify downstream by certificate. Valid values: serial,certificate.
- certificate str
- Certificate.
- str
- Trust authorizations by this node's administrator. disable - Disable downstream authorization. enable - Enable downstream authorization. Valid values: disable,enable.
- ha_members str
- HA members.
- index float
- Index of the downstream in tree.
- name str
- Name.
- serial str
- Serial.
- action String
- Security fabric authorization action. accept - Accept authorization request. deny - Deny authorization request. Valid values: accept,deny.
- String
- Authorization type. serial - Verify downstream by serial number. certificate - Verify downstream by certificate. Valid values: serial,certificate.
- certificate String
- Certificate.
- String
- Trust authorizations by this node's administrator. disable - Disable downstream authorization. enable - Enable downstream authorization. Valid values: disable,enable.
- haMembers String
- HA members.
- index Number
- Index of the downstream in tree.
- name String
- Name.
- serial String
- Serial.
Import
System Csf can be imported using any of these accepted formats:
$ export “FORTIMANAGER_IMPORT_TABLE”=“true”
$ pulumi import fortimanager:index/systemCsf:SystemCsf labelname SystemCsf
$ unset “FORTIMANAGER_IMPORT_TABLE”
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- fortimanager fortinetdev/terraform-provider-fortimanager
- License
- Notes
- This Pulumi package is based on the fortimanagerTerraform Provider.