cts-agpu
fortinetdev/cts-agpu/fortimanager
Fortinet FortiManager Address, Group and Package Update (AGPU) module for Consul Terraform Sync (CTS) This Terraform module connects to FortiManager and creates Firewall addresses for each Consul service and updates address groups based on service names. Each address group will include all firewall addresses with the service names in variable addrgrp_name_map. Using the module in automation with Consul Terraform Sync will dynamically add or remove service instances from the address group based on Consul service discovery. This way FortiManager will be configured with the dynamically learned services IP addresses and push them to the managed FortiOS/FortiGate devices, thus allowing FortiOS/FortiGate to implement Firewall policies based on dynamically learned service information. Using this
| Name | Type | Description | Default |
|---|---|---|---|
| addrgrp_name_map | map(list(string)) | Map of Firewall Address Group name to services | |
| services | map( object({ id | Consul services monitored by Consul-Terraform-Sync | |
| addrname_sufix | string | (Optional)Sufix added to each address name | "" |
| net_mask | string | (Optional)Net mask for firewall address | "255.255.255.255" |
| package | string | Package name for target device | "default" |
| scopetype | string | (Optional)The scope of application of the resource | "inherit" |
| adom | string | ADOM name | "root" |
| addrname_prefix | string | (Optional)Prefix added to each address name | "" |
| install_package | string | Flag of whether install package to device automatically | "No" |