fortimanager 1.13.0, Mar 13 25

fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.SystemCsf

Explore with Pulumi AI

fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

Create SystemCsf Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new SystemCsf(name: string, args?: SystemCsfArgs, opts?: CustomResourceOptions);

@overload
def SystemCsf(resource_name: str,
              args: Optional[SystemCsfArgs] = None,
              opts: Optional[ResourceOptions] = None)

@overload
def SystemCsf(resource_name: str,
              opts: Optional[ResourceOptions] = None,
              accept_auth_by_cert: Optional[str] = None,
              authorization_request_type: Optional[str] = None,
              certificate: Optional[str] = None,
              configuration_sync: Optional[str] = None,
              downstream_access: Optional[str] = None,
              downstream_accprofile: Optional[str] = None,
              dynamic_sort_subtable: Optional[str] = None,
              fabric_connectors: Optional[Sequence[SystemCsfFabricConnectorArgs]] = None,
              fabric_object_unification: Optional[str] = None,
              fabric_workers: Optional[float] = None,
              file_mgmt: Optional[str] = None,
              file_quota: Optional[float] = None,
              file_quota_warning: Optional[float] = None,
              fixed_keys: Optional[Sequence[str]] = None,
              forticloud_account_enforcement: Optional[str] = None,
              group_name: Optional[str] = None,
              group_passwords: Optional[Sequence[str]] = None,
              log_unification: Optional[str] = None,
              saml_configuration_sync: Optional[str] = None,
              ssl_protocol: Optional[str] = None,
              status: Optional[str] = None,
              system_csf_id: Optional[str] = None,
              trusted_lists: Optional[Sequence[SystemCsfTrustedListArgs]] = None,
              upstream: Optional[str] = None,
              upstream_confirm: Optional[str] = None,
              upstream_port: Optional[float] = None)

func NewSystemCsf(ctx *Context, name string, args *SystemCsfArgs, opts ...ResourceOption) (*SystemCsf, error)

public SystemCsf(string name, SystemCsfArgs? args = null, CustomResourceOptions? opts = null)

public SystemCsf(String name, SystemCsfArgs args)
public SystemCsf(String name, SystemCsfArgs args, CustomResourceOptions options)

type: fortimanager:SystemCsf
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args SystemCsfArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args SystemCsfArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args SystemCsfArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args SystemCsfArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args SystemCsfArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var systemCsfResource = new Fortimanager.SystemCsf("systemCsfResource", new()
{
    AcceptAuthByCert = "string",
    AuthorizationRequestType = "string",
    Certificate = "string",
    ConfigurationSync = "string",
    DownstreamAccess = "string",
    DownstreamAccprofile = "string",
    DynamicSortSubtable = "string",
    FabricConnectors = new[]
    {
        new Fortimanager.Inputs.SystemCsfFabricConnectorArgs
        {
            Accprofile = "string",
            ConfigurationWriteAccess = "string",
            Serial = "string",
        },
    },
    FabricObjectUnification = "string",
    FabricWorkers = 0,
    FileMgmt = "string",
    FileQuota = 0,
    FileQuotaWarning = 0,
    FixedKeys = new[]
    {
        "string",
    },
    ForticloudAccountEnforcement = "string",
    GroupName = "string",
    GroupPasswords = new[]
    {
        "string",
    },
    LogUnification = "string",
    SamlConfigurationSync = "string",
    SslProtocol = "string",
    Status = "string",
    SystemCsfId = "string",
    TrustedLists = new[]
    {
        new Fortimanager.Inputs.SystemCsfTrustedListArgs
        {
            Action = "string",
            AuthorizationType = "string",
            Certificate = "string",
            DownstreamAuthorization = "string",
            HaMembers = "string",
            Index = 0,
            Name = "string",
            Serial = "string",
        },
    },
    Upstream = "string",
    UpstreamConfirm = "string",
    UpstreamPort = 0,
});

example, err := fortimanager.NewSystemCsf(ctx, "systemCsfResource", &fortimanager.SystemCsfArgs{
AcceptAuthByCert: pulumi.String("string"),
AuthorizationRequestType: pulumi.String("string"),
Certificate: pulumi.String("string"),
ConfigurationSync: pulumi.String("string"),
DownstreamAccess: pulumi.String("string"),
DownstreamAccprofile: pulumi.String("string"),
DynamicSortSubtable: pulumi.String("string"),
FabricConnectors: .SystemCsfFabricConnectorTypeArray{
&.SystemCsfFabricConnectorTypeArgs{
Accprofile: pulumi.String("string"),
ConfigurationWriteAccess: pulumi.String("string"),
Serial: pulumi.String("string"),
},
},
FabricObjectUnification: pulumi.String("string"),
FabricWorkers: pulumi.Float64(0),
FileMgmt: pulumi.String("string"),
FileQuota: pulumi.Float64(0),
FileQuotaWarning: pulumi.Float64(0),
FixedKeys: pulumi.StringArray{
pulumi.String("string"),
},
ForticloudAccountEnforcement: pulumi.String("string"),
GroupName: pulumi.String("string"),
GroupPasswords: pulumi.StringArray{
pulumi.String("string"),
},
LogUnification: pulumi.String("string"),
SamlConfigurationSync: pulumi.String("string"),
SslProtocol: pulumi.String("string"),
Status: pulumi.String("string"),
SystemCsfId: pulumi.String("string"),
TrustedLists: .SystemCsfTrustedListTypeArray{
&.SystemCsfTrustedListTypeArgs{
Action: pulumi.String("string"),
AuthorizationType: pulumi.String("string"),
Certificate: pulumi.String("string"),
DownstreamAuthorization: pulumi.String("string"),
HaMembers: pulumi.String("string"),
Index: pulumi.Float64(0),
Name: pulumi.String("string"),
Serial: pulumi.String("string"),
},
},
Upstream: pulumi.String("string"),
UpstreamConfirm: pulumi.String("string"),
UpstreamPort: pulumi.Float64(0),
})

var systemCsfResource = new SystemCsf("systemCsfResource", SystemCsfArgs.builder()
    .acceptAuthByCert("string")
    .authorizationRequestType("string")
    .certificate("string")
    .configurationSync("string")
    .downstreamAccess("string")
    .downstreamAccprofile("string")
    .dynamicSortSubtable("string")
    .fabricConnectors(SystemCsfFabricConnectorArgs.builder()
        .accprofile("string")
        .configurationWriteAccess("string")
        .serial("string")
        .build())
    .fabricObjectUnification("string")
    .fabricWorkers(0)
    .fileMgmt("string")
    .fileQuota(0)
    .fileQuotaWarning(0)
    .fixedKeys("string")
    .forticloudAccountEnforcement("string")
    .groupName("string")
    .groupPasswords("string")
    .logUnification("string")
    .samlConfigurationSync("string")
    .sslProtocol("string")
    .status("string")
    .systemCsfId("string")
    .trustedLists(SystemCsfTrustedListArgs.builder()
        .action("string")
        .authorizationType("string")
        .certificate("string")
        .downstreamAuthorization("string")
        .haMembers("string")
        .index(0)
        .name("string")
        .serial("string")
        .build())
    .upstream("string")
    .upstreamConfirm("string")
    .upstreamPort(0)
    .build());

system_csf_resource = fortimanager.SystemCsf("systemCsfResource",
    accept_auth_by_cert="string",
    authorization_request_type="string",
    certificate="string",
    configuration_sync="string",
    downstream_access="string",
    downstream_accprofile="string",
    dynamic_sort_subtable="string",
    fabric_connectors=[{
        "accprofile": "string",
        "configuration_write_access": "string",
        "serial": "string",
    }],
    fabric_object_unification="string",
    fabric_workers=0,
    file_mgmt="string",
    file_quota=0,
    file_quota_warning=0,
    fixed_keys=["string"],
    forticloud_account_enforcement="string",
    group_name="string",
    group_passwords=["string"],
    log_unification="string",
    saml_configuration_sync="string",
    ssl_protocol="string",
    status="string",
    system_csf_id="string",
    trusted_lists=[{
        "action": "string",
        "authorization_type": "string",
        "certificate": "string",
        "downstream_authorization": "string",
        "ha_members": "string",
        "index": 0,
        "name": "string",
        "serial": "string",
    }],
    upstream="string",
    upstream_confirm="string",
    upstream_port=0)

const systemCsfResource = new fortimanager.SystemCsf("systemCsfResource", {
    acceptAuthByCert: "string",
    authorizationRequestType: "string",
    certificate: "string",
    configurationSync: "string",
    downstreamAccess: "string",
    downstreamAccprofile: "string",
    dynamicSortSubtable: "string",
    fabricConnectors: [{
        accprofile: "string",
        configurationWriteAccess: "string",
        serial: "string",
    }],
    fabricObjectUnification: "string",
    fabricWorkers: 0,
    fileMgmt: "string",
    fileQuota: 0,
    fileQuotaWarning: 0,
    fixedKeys: ["string"],
    forticloudAccountEnforcement: "string",
    groupName: "string",
    groupPasswords: ["string"],
    logUnification: "string",
    samlConfigurationSync: "string",
    sslProtocol: "string",
    status: "string",
    systemCsfId: "string",
    trustedLists: [{
        action: "string",
        authorizationType: "string",
        certificate: "string",
        downstreamAuthorization: "string",
        haMembers: "string",
        index: 0,
        name: "string",
        serial: "string",
    }],
    upstream: "string",
    upstreamConfirm: "string",
    upstreamPort: 0,
});

type: fortimanager:SystemCsf
properties:
    acceptAuthByCert: string
    authorizationRequestType: string
    certificate: string
    configurationSync: string
    downstreamAccess: string
    downstreamAccprofile: string
    dynamicSortSubtable: string
    fabricConnectors:
        - accprofile: string
          configurationWriteAccess: string
          serial: string
    fabricObjectUnification: string
    fabricWorkers: 0
    fileMgmt: string
    fileQuota: 0
    fileQuotaWarning: 0
    fixedKeys:
        - string
    forticloudAccountEnforcement: string
    groupName: string
    groupPasswords:
        - string
    logUnification: string
    samlConfigurationSync: string
    sslProtocol: string
    status: string
    systemCsfId: string
    trustedLists:
        - action: string
          authorizationType: string
          certificate: string
          downstreamAuthorization: string
          haMembers: string
          index: 0
          name: string
          serial: string
    upstream: string
    upstreamConfirm: string
    upstreamPort: 0

SystemCsf Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The SystemCsf resource accepts the following input properties:

AcceptAuthByCert string: Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable, enable.
AuthorizationRequestType string: Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate, serial.
Certificate string: Certificate.
ConfigurationSync string: Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default, local.
DownstreamAccess string: Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable, enable.
DownstreamAccprofile string: Default access profile for requests from downstream devices.
DynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
FabricConnectors List<SystemCsfFabricConnector>: Fabric-Connector. The structure of fabric_connector block is documented below.
FabricObjectUnification string: Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local, default.
FabricWorkers double: Number of worker processes for Security Fabric daemon.
FileMgmt string: Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable, enable.
FileQuota double: Maximum amount of memory that can be used by the daemon files (in bytes).
FileQuotaWarning double: Warn when the set percentage of quota has been used.
FixedKeys List<string>: Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
ForticloudAccountEnforcement string: Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable, enable.
GroupName string: Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
GroupPasswords List<string>: Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
LogUnification string: Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable, enable.
SamlConfigurationSync string: SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local, default.
SslProtocol string: set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol, sslv3, tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3.
Status string: Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable, enable.
SystemCsfId string: an identifier for the resource.
TrustedLists List<SystemCsfTrustedList>: Trusted-List. The structure of trusted_list block is documented below.
Upstream string: IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
UpstreamConfirm string: Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover, confirm.
UpstreamPort double: The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).

AcceptAuthByCert string: Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable, enable.
AuthorizationRequestType string: Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate, serial.
Certificate string: Certificate.
ConfigurationSync string: Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default, local.
DownstreamAccess string: Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable, enable.
DownstreamAccprofile string: Default access profile for requests from downstream devices.
DynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
FabricConnectors []SystemCsfFabricConnectorTypeArgs: Fabric-Connector. The structure of fabric_connector block is documented below.
FabricObjectUnification string: Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local, default.
FabricWorkers float64: Number of worker processes for Security Fabric daemon.
FileMgmt string: Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable, enable.
FileQuota float64: Maximum amount of memory that can be used by the daemon files (in bytes).
FileQuotaWarning float64: Warn when the set percentage of quota has been used.
FixedKeys []string: Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
ForticloudAccountEnforcement string: Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable, enable.
GroupName string: Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
GroupPasswords []string: Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
LogUnification string: Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable, enable.
SamlConfigurationSync string: SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local, default.
SslProtocol string: set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol, sslv3, tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3.
Status string: Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable, enable.
SystemCsfId string: an identifier for the resource.
TrustedLists []SystemCsfTrustedListTypeArgs: Trusted-List. The structure of trusted_list block is documented below.
Upstream string: IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
UpstreamConfirm string: Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover, confirm.
UpstreamPort float64: The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).

acceptAuthByCert String: Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable, enable.
authorizationRequestType String: Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate, serial.
certificate String: Certificate.
configurationSync String: Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default, local.
downstreamAccess String: Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable, enable.
downstreamAccprofile String: Default access profile for requests from downstream devices.
dynamicSortSubtable String: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
fabricConnectors List<SystemCsfFabricConnector>: Fabric-Connector. The structure of fabric_connector block is documented below.
fabricObjectUnification String: Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local, default.
fabricWorkers Double: Number of worker processes for Security Fabric daemon.
fileMgmt String: Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable, enable.
fileQuota Double: Maximum amount of memory that can be used by the daemon files (in bytes).
fileQuotaWarning Double: Warn when the set percentage of quota has been used.
fixedKeys List<String>: Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
forticloudAccountEnforcement String: Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable, enable.
groupName String: Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
groupPasswords List<String>: Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
logUnification String: Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable, enable.
samlConfigurationSync String: SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local, default.
sslProtocol String: set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol, sslv3, tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3.
status String: Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable, enable.
systemCsfId String: an identifier for the resource.
trustedLists List<SystemCsfTrustedList>: Trusted-List. The structure of trusted_list block is documented below.
upstream String: IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
upstreamConfirm String: Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover, confirm.
upstreamPort Double: The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).

acceptAuthByCert string: Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable, enable.
authorizationRequestType string: Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate, serial.
certificate string: Certificate.
configurationSync string: Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default, local.
downstreamAccess string: Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable, enable.
downstreamAccprofile string: Default access profile for requests from downstream devices.
dynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
fabricConnectors SystemCsfFabricConnector[]: Fabric-Connector. The structure of fabric_connector block is documented below.
fabricObjectUnification string: Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local, default.
fabricWorkers number: Number of worker processes for Security Fabric daemon.
fileMgmt string: Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable, enable.
fileQuota number: Maximum amount of memory that can be used by the daemon files (in bytes).
fileQuotaWarning number: Warn when the set percentage of quota has been used.
fixedKeys string[]: Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
forticloudAccountEnforcement string: Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable, enable.
groupName string: Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
groupPasswords string[]: Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
logUnification string: Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable, enable.
samlConfigurationSync string: SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local, default.
sslProtocol string: set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol, sslv3, tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3.
status string: Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable, enable.
systemCsfId string: an identifier for the resource.
trustedLists SystemCsfTrustedList[]: Trusted-List. The structure of trusted_list block is documented below.
upstream string: IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
upstreamConfirm string: Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover, confirm.
upstreamPort number: The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).

accept_auth_by_cert str: Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable, enable.
authorization_request_type str: Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate, serial.
certificate str: Certificate.
configuration_sync str: Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default, local.
downstream_access str: Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable, enable.
downstream_accprofile str: Default access profile for requests from downstream devices.
dynamic_sort_subtable str: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
fabric_connectors Sequence[SystemCsfFabricConnectorArgs]: Fabric-Connector. The structure of fabric_connector block is documented below.
fabric_object_unification str: Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local, default.
fabric_workers float: Number of worker processes for Security Fabric daemon.
file_mgmt str: Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable, enable.
file_quota float: Maximum amount of memory that can be used by the daemon files (in bytes).
file_quota_warning float: Warn when the set percentage of quota has been used.
fixed_keys Sequence[str]: Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
forticloud_account_enforcement str: Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable, enable.
group_name str: Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
group_passwords Sequence[str]: Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
log_unification str: Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable, enable.
saml_configuration_sync str: SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local, default.
ssl_protocol str: set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol, sslv3, tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3.
status str: Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable, enable.
system_csf_id str: an identifier for the resource.
trusted_lists Sequence[SystemCsfTrustedListArgs]: Trusted-List. The structure of trusted_list block is documented below.
upstream str: IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
upstream_confirm str: Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover, confirm.
upstream_port float: The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).

acceptAuthByCert String: Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable, enable.
authorizationRequestType String: Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate, serial.
certificate String: Certificate.
configurationSync String: Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default, local.
downstreamAccess String: Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable, enable.
downstreamAccprofile String: Default access profile for requests from downstream devices.
dynamicSortSubtable String: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
fabricConnectors List<Property Map>: Fabric-Connector. The structure of fabric_connector block is documented below.
fabricObjectUnification String: Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local, default.
fabricWorkers Number: Number of worker processes for Security Fabric daemon.
fileMgmt String: Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable, enable.
fileQuota Number: Maximum amount of memory that can be used by the daemon files (in bytes).
fileQuotaWarning Number: Warn when the set percentage of quota has been used.
fixedKeys List<String>: Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
forticloudAccountEnforcement String: Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable, enable.
groupName String: Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
groupPasswords List<String>: Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
logUnification String: Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable, enable.
samlConfigurationSync String: SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local, default.
sslProtocol String: set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol, sslv3, tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3.
status String: Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable, enable.
systemCsfId String: an identifier for the resource.
trustedLists List<Property Map>: Trusted-List. The structure of trusted_list block is documented below.
upstream String: IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
upstreamConfirm String: Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover, confirm.
upstreamPort Number: The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).

Outputs

All input properties are implicitly available as output properties. Additionally, the SystemCsf resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing SystemCsf Resource

Get an existing SystemCsf resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: SystemCsfState, opts?: CustomResourceOptions): SystemCsf

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        accept_auth_by_cert: Optional[str] = None,
        authorization_request_type: Optional[str] = None,
        certificate: Optional[str] = None,
        configuration_sync: Optional[str] = None,
        downstream_access: Optional[str] = None,
        downstream_accprofile: Optional[str] = None,
        dynamic_sort_subtable: Optional[str] = None,
        fabric_connectors: Optional[Sequence[SystemCsfFabricConnectorArgs]] = None,
        fabric_object_unification: Optional[str] = None,
        fabric_workers: Optional[float] = None,
        file_mgmt: Optional[str] = None,
        file_quota: Optional[float] = None,
        file_quota_warning: Optional[float] = None,
        fixed_keys: Optional[Sequence[str]] = None,
        forticloud_account_enforcement: Optional[str] = None,
        group_name: Optional[str] = None,
        group_passwords: Optional[Sequence[str]] = None,
        log_unification: Optional[str] = None,
        saml_configuration_sync: Optional[str] = None,
        ssl_protocol: Optional[str] = None,
        status: Optional[str] = None,
        system_csf_id: Optional[str] = None,
        trusted_lists: Optional[Sequence[SystemCsfTrustedListArgs]] = None,
        upstream: Optional[str] = None,
        upstream_confirm: Optional[str] = None,
        upstream_port: Optional[float] = None) -> SystemCsf

func GetSystemCsf(ctx *Context, name string, id IDInput, state *SystemCsfState, opts ...ResourceOption) (*SystemCsf, error)

public static SystemCsf Get(string name, Input<string> id, SystemCsfState? state, CustomResourceOptions? opts = null)

public static SystemCsf get(String name, Output<String> id, SystemCsfState state, CustomResourceOptions options)

resources:  _:    type: fortimanager:SystemCsf    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AcceptAuthByCert string: Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable, enable.
AuthorizationRequestType string: Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate, serial.
Certificate string: Certificate.
ConfigurationSync string: Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default, local.
DownstreamAccess string: Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable, enable.
DownstreamAccprofile string: Default access profile for requests from downstream devices.
DynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
FabricConnectors List<SystemCsfFabricConnector>: Fabric-Connector. The structure of fabric_connector block is documented below.
FabricObjectUnification string: Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local, default.
FabricWorkers double: Number of worker processes for Security Fabric daemon.
FileMgmt string: Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable, enable.
FileQuota double: Maximum amount of memory that can be used by the daemon files (in bytes).
FileQuotaWarning double: Warn when the set percentage of quota has been used.
FixedKeys List<string>: Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
ForticloudAccountEnforcement string: Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable, enable.
GroupName string: Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
GroupPasswords List<string>: Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
LogUnification string: Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable, enable.
SamlConfigurationSync string: SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local, default.
SslProtocol string: set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol, sslv3, tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3.
Status string: Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable, enable.
SystemCsfId string: an identifier for the resource.
TrustedLists List<SystemCsfTrustedList>: Trusted-List. The structure of trusted_list block is documented below.
Upstream string: IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
UpstreamConfirm string: Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover, confirm.
UpstreamPort double: The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).

AcceptAuthByCert string: Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable, enable.
AuthorizationRequestType string: Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate, serial.
Certificate string: Certificate.
ConfigurationSync string: Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default, local.
DownstreamAccess string: Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable, enable.
DownstreamAccprofile string: Default access profile for requests from downstream devices.
DynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
FabricConnectors []SystemCsfFabricConnectorTypeArgs: Fabric-Connector. The structure of fabric_connector block is documented below.
FabricObjectUnification string: Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local, default.
FabricWorkers float64: Number of worker processes for Security Fabric daemon.
FileMgmt string: Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable, enable.
FileQuota float64: Maximum amount of memory that can be used by the daemon files (in bytes).
FileQuotaWarning float64: Warn when the set percentage of quota has been used.
FixedKeys []string: Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
ForticloudAccountEnforcement string: Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable, enable.
GroupName string: Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
GroupPasswords []string: Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
LogUnification string: Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable, enable.
SamlConfigurationSync string: SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local, default.
SslProtocol string: set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol, sslv3, tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3.
Status string: Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable, enable.
SystemCsfId string: an identifier for the resource.
TrustedLists []SystemCsfTrustedListTypeArgs: Trusted-List. The structure of trusted_list block is documented below.
Upstream string: IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
UpstreamConfirm string: Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover, confirm.
UpstreamPort float64: The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).

acceptAuthByCert String: Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable, enable.
authorizationRequestType String: Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate, serial.
certificate String: Certificate.
configurationSync String: Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default, local.
downstreamAccess String: Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable, enable.
downstreamAccprofile String: Default access profile for requests from downstream devices.
dynamicSortSubtable String: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
fabricConnectors List<SystemCsfFabricConnector>: Fabric-Connector. The structure of fabric_connector block is documented below.
fabricObjectUnification String: Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local, default.
fabricWorkers Double: Number of worker processes for Security Fabric daemon.
fileMgmt String: Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable, enable.
fileQuota Double: Maximum amount of memory that can be used by the daemon files (in bytes).
fileQuotaWarning Double: Warn when the set percentage of quota has been used.
fixedKeys List<String>: Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
forticloudAccountEnforcement String: Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable, enable.
groupName String: Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
groupPasswords List<String>: Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
logUnification String: Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable, enable.
samlConfigurationSync String: SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local, default.
sslProtocol String: set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol, sslv3, tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3.
status String: Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable, enable.
systemCsfId String: an identifier for the resource.
trustedLists List<SystemCsfTrustedList>: Trusted-List. The structure of trusted_list block is documented below.
upstream String: IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
upstreamConfirm String: Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover, confirm.
upstreamPort Double: The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).

acceptAuthByCert string: Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable, enable.
authorizationRequestType string: Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate, serial.
certificate string: Certificate.
configurationSync string: Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default, local.
downstreamAccess string: Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable, enable.
downstreamAccprofile string: Default access profile for requests from downstream devices.
dynamicSortSubtable string: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
fabricConnectors SystemCsfFabricConnector[]: Fabric-Connector. The structure of fabric_connector block is documented below.
fabricObjectUnification string: Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local, default.
fabricWorkers number: Number of worker processes for Security Fabric daemon.
fileMgmt string: Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable, enable.
fileQuota number: Maximum amount of memory that can be used by the daemon files (in bytes).
fileQuotaWarning number: Warn when the set percentage of quota has been used.
fixedKeys string[]: Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
forticloudAccountEnforcement string: Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable, enable.
groupName string: Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
groupPasswords string[]: Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
logUnification string: Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable, enable.
samlConfigurationSync string: SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local, default.
sslProtocol string: set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol, sslv3, tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3.
status string: Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable, enable.
systemCsfId string: an identifier for the resource.
trustedLists SystemCsfTrustedList[]: Trusted-List. The structure of trusted_list block is documented below.
upstream string: IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
upstreamConfirm string: Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover, confirm.
upstreamPort number: The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).

accept_auth_by_cert str: Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable, enable.
authorization_request_type str: Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate, serial.
certificate str: Certificate.
configuration_sync str: Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default, local.
downstream_access str: Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable, enable.
downstream_accprofile str: Default access profile for requests from downstream devices.
dynamic_sort_subtable str: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
fabric_connectors Sequence[SystemCsfFabricConnectorArgs]: Fabric-Connector. The structure of fabric_connector block is documented below.
fabric_object_unification str: Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local, default.
fabric_workers float: Number of worker processes for Security Fabric daemon.
file_mgmt str: Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable, enable.
file_quota float: Maximum amount of memory that can be used by the daemon files (in bytes).
file_quota_warning float: Warn when the set percentage of quota has been used.
fixed_keys Sequence[str]: Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
forticloud_account_enforcement str: Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable, enable.
group_name str: Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
group_passwords Sequence[str]: Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
log_unification str: Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable, enable.
saml_configuration_sync str: SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local, default.
ssl_protocol str: set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol, sslv3, tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3.
status str: Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable, enable.
system_csf_id str: an identifier for the resource.
trusted_lists Sequence[SystemCsfTrustedListArgs]: Trusted-List. The structure of trusted_list block is documented below.
upstream str: IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
upstream_confirm str: Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover, confirm.
upstream_port float: The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).

acceptAuthByCert String: Accept connections with unknown certificates and ask admin for approval. disable - Do not accept SSL connections with unknown certificates. enable - Accept SSL connections without automatic certificate verification. Valid values: disable, enable.
authorizationRequestType String: Authorization request type. certificate - Request verification by certificate. serial - Request verification by serial number. Valid values: certificate, serial.
certificate String: Certificate.
configurationSync String: Configuration sync mode. default - Synchronize configuration for IPAM, FortiAnalyzer, FortiSandbox, and Central Management to root node. local - Do not synchronize configuration with root node. Valid values: default, local.
downstreamAccess String: Enable/disable downstream device access to this device's configuration and data. disable - Disable downstream device access to this device's configuration and data. enable - Enable downstream device access to this device's configuration and data. Valid values: disable, enable.
downstreamAccprofile String: Default access profile for requests from downstream devices.
dynamicSortSubtable String: true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
fabricConnectors List<Property Map>: Fabric-Connector. The structure of fabric_connector block is documented below.
fabricObjectUnification String: Fabric CMDB Object Unification. local - Global CMDB objects will not be synchronized to and from this device. default - Global CMDB objects will be synchronized in Security Fabric. Valid values: local, default.
fabricWorkers Number: Number of worker processes for Security Fabric daemon.
fileMgmt String: Enable/disable Security Fabric daemon file management. disable - Disable daemon file management. enable - Enable daemon file management. Valid values: disable, enable.
fileQuota Number: Maximum amount of memory that can be used by the daemon files (in bytes).
fileQuotaWarning Number: Warn when the set percentage of quota has been used.
fixedKeys List<String>: Auto-generated fixed key used when this device is the root. (Will automatically be generated if not set.)
forticloudAccountEnforcement String: Fabric FortiCloud account unification. disable - Disable FortiCloud accound ID matching for Security Fabric. enable - Enable FortiCloud account ID matching for Security Fabric. Valid values: disable, enable.
groupName String: Security Fabric group name. All FortiGates in a Security Fabric must have the same group name.
groupPasswords List<String>: Security Fabric group password. All FortiGates in a Security Fabric must have the same group password.
logUnification String: Enable/disable broadcast of discovery messages for log unification. disable - Disable broadcast of discovery messages for log unification. enable - Enable broadcast of discovery messages for log unification. Valid values: disable, enable.
samlConfigurationSync String: SAML setting configuration synchronization. local - Do not apply SAML configuration generated by root. default - SAML setting for fabric members is created by fabric root. Valid values: local, default.
sslProtocol String: set the lowest SSL protocol version for upstream and downstream connections. follow-global-ssl-protocol - Follow system.global.global-ssl-protocol setting (default). sslv3 - set SSLv3 as the lowest version. tlsv1.0 - set TLSv1.0 as the lowest version. tlsv1.1 - set TLSv1.1 as the lowest version. tlsv1.2 - set TLSv1.2 as the lowest version. tlsv1.3 - set TLSv1.3 as the lowest version. Valid values: follow-global-ssl-protocol, sslv3, tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3.
status String: Enable/disable Security Fabric. disable - Disable Security Fabric. enable - Enable Security Fabric. Valid values: disable, enable.
systemCsfId String: an identifier for the resource.
trustedLists List<Property Map>: Trusted-List. The structure of trusted_list block is documented below.
upstream String: IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric.
upstreamConfirm String: Upstream authorization confirm. discover - Discover upstream device's info. confirm - Confirm upstream device's access. Valid values: discover, confirm.
upstreamPort Number: The port number to use to communicate with the FortiGate upstream from this FortiGate in the Security Fabric (default = 8013).

Supporting Types

SystemCsfFabricConnector, SystemCsfFabricConnectorArgs

Accprofile string: Override access profile.
ConfigurationWriteAccess string: Enable/disable downstream device write access to configuration. disable - Disable downstream device write access to configuration. enable - Enable downstream device write access to configuration. Valid values: disable, enable.
Serial string: Serial.

Accprofile string: Override access profile.
ConfigurationWriteAccess string: Enable/disable downstream device write access to configuration. disable - Disable downstream device write access to configuration. enable - Enable downstream device write access to configuration. Valid values: disable, enable.
Serial string: Serial.

accprofile String: Override access profile.
configurationWriteAccess String: Enable/disable downstream device write access to configuration. disable - Disable downstream device write access to configuration. enable - Enable downstream device write access to configuration. Valid values: disable, enable.
serial String: Serial.

accprofile string: Override access profile.
configurationWriteAccess string: Enable/disable downstream device write access to configuration. disable - Disable downstream device write access to configuration. enable - Enable downstream device write access to configuration. Valid values: disable, enable.
serial string: Serial.

accprofile str: Override access profile.
configuration_write_access str: Enable/disable downstream device write access to configuration. disable - Disable downstream device write access to configuration. enable - Enable downstream device write access to configuration. Valid values: disable, enable.
serial str: Serial.

accprofile String: Override access profile.
configurationWriteAccess String: Enable/disable downstream device write access to configuration. disable - Disable downstream device write access to configuration. enable - Enable downstream device write access to configuration. Valid values: disable, enable.
serial String: Serial.

SystemCsfTrustedList, SystemCsfTrustedListArgs

Action string: Security fabric authorization action. accept - Accept authorization request. deny - Deny authorization request. Valid values: accept, deny.
AuthorizationType string: Authorization type. serial - Verify downstream by serial number. certificate - Verify downstream by certificate. Valid values: serial, certificate.
Certificate string: Certificate.
DownstreamAuthorization string: Trust authorizations by this node's administrator. disable - Disable downstream authorization. enable - Enable downstream authorization. Valid values: disable, enable.
HaMembers string: HA members.
Index double: Index of the downstream in tree.
Name string: Name.
Serial string: Serial.

Action string: Security fabric authorization action. accept - Accept authorization request. deny - Deny authorization request. Valid values: accept, deny.
AuthorizationType string: Authorization type. serial - Verify downstream by serial number. certificate - Verify downstream by certificate. Valid values: serial, certificate.
Certificate string: Certificate.
DownstreamAuthorization string: Trust authorizations by this node's administrator. disable - Disable downstream authorization. enable - Enable downstream authorization. Valid values: disable, enable.
HaMembers string: HA members.
Index float64: Index of the downstream in tree.
Name string: Name.
Serial string: Serial.

action String: Security fabric authorization action. accept - Accept authorization request. deny - Deny authorization request. Valid values: accept, deny.
authorizationType String: Authorization type. serial - Verify downstream by serial number. certificate - Verify downstream by certificate. Valid values: serial, certificate.
certificate String: Certificate.
downstreamAuthorization String: Trust authorizations by this node's administrator. disable - Disable downstream authorization. enable - Enable downstream authorization. Valid values: disable, enable.
haMembers String: HA members.
index Double: Index of the downstream in tree.
name String: Name.
serial String: Serial.

action string: Security fabric authorization action. accept - Accept authorization request. deny - Deny authorization request. Valid values: accept, deny.
authorizationType string: Authorization type. serial - Verify downstream by serial number. certificate - Verify downstream by certificate. Valid values: serial, certificate.
certificate string: Certificate.
downstreamAuthorization string: Trust authorizations by this node's administrator. disable - Disable downstream authorization. enable - Enable downstream authorization. Valid values: disable, enable.
haMembers string: HA members.
index number: Index of the downstream in tree.
name string: Name.
serial string: Serial.

action str: Security fabric authorization action. accept - Accept authorization request. deny - Deny authorization request. Valid values: accept, deny.
authorization_type str: Authorization type. serial - Verify downstream by serial number. certificate - Verify downstream by certificate. Valid values: serial, certificate.
certificate str: Certificate.
downstream_authorization str: Trust authorizations by this node's administrator. disable - Disable downstream authorization. enable - Enable downstream authorization. Valid values: disable, enable.
ha_members str: HA members.
index float: Index of the downstream in tree.
name str: Name.
serial str: Serial.

action String: Security fabric authorization action. accept - Accept authorization request. deny - Deny authorization request. Valid values: accept, deny.
authorizationType String: Authorization type. serial - Verify downstream by serial number. certificate - Verify downstream by certificate. Valid values: serial, certificate.
certificate String: Certificate.
downstreamAuthorization String: Trust authorizations by this node's administrator. disable - Disable downstream authorization. enable - Enable downstream authorization. Valid values: disable, enable.
haMembers String: HA members.
index Number: Index of the downstream in tree.
name String: Name.
serial String: Serial.

Import

System Csf can be imported using any of these accepted formats:

$ export “FORTIMANAGER_IMPORT_TABLE”=“true”

$ pulumi import fortimanager:index/systemCsf:SystemCsf labelname SystemCsf

$ unset “FORTIMANAGER_IMPORT_TABLE”

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: fortimanager fortinetdev/terraform-provider-fortimanager
License
Notes: This Pulumi package is based on the fortimanager Terraform Provider.

fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev

fortinetdev/terraform-provider-fortimanager

fortimanager.SystemCsf

On this page

On this page

Create SystemCsf Resource

Constructor syntax

Parameters

Constructor example

SystemCsf Resource Properties

Inputs

Outputs

Look up Existing SystemCsf Resource

Supporting Types

SystemCsfFabricConnector, SystemCsfFabricConnectorArgs

SystemCsfTrustedList, SystemCsfTrustedListArgs

Import

Package Details

On this page

On this page