FortiManager Installation Target by Terraform

fortinetdev / terraform-provider-fortimanager

Mozilla Public License 2.0

11 stars 10 forks source link

FortiManager Installation Target by Terraform #40

Closed Kakakaz75 closed 1 week ago

Kakakaz75 commented 1 year ago

HI All

Sorry if this section are not valide for my problem, but i find a solution

I want to associate a Fortimanager Package to installation Target by Terraform In a fortiManager WebGui, i select Policy-Package->PolicyPackageName->Installation Targets->Edit->Select FortiGate fortimanager_install_targets I using Fortimanager provider on Terraform and I create a Package with fortimanager_packages_pkg, but i not able to associate this package with my Fortigate device.

Do you have any idea? Thanks a lot

Maurizio

jpforcioli commented 1 year ago

Hi,

You can use the fortimanager_packages_pkg fortinet.fortimanager resource.

For instance:

resource "fortimanager_packages_pkg" "ppkg_002" {
  scopetype = "adom"
  adom      = "dc_emea"
  name      = "ppkg_002"
  type      = "pkg"
  scopemember {
    name = "dut_fgt_03"
    vdom = "root"
  }
  scopemember {
    name = "dc_emea_dev_001"
    vdom = "root"
  }  
}

valerioblasi commented 1 year ago

Hi,

You can use the fortimanager_packages_pkg fortinet.fortimanager resource.

For instance:

resource "fortimanager_packages_pkg" "ppkg_002" {
  scopetype = "adom"
  adom      = "dc_emea"
  name      = "ppkg_002"
  type      = "pkg"
  scopemember {
    name = "dut_fgt_03"
    vdom = "root"
  }
  scopemember {
    name = "dc_emea_dev_001"
    vdom = "root"
  }  
}

Hi jpfarcioli, if I create new resource "fortimanager_packages_pkg" where I'd like to insert a new "member" in block "scopemember" without considering other member altready eventually configured with some other resource previously applied, the result of the related apply is that the new member/vdom replace all other members/vdom.

To avoid this I should know all the members/vdom that use my package and insert as many scopemember block as many member/vdom I have but this is not always possible.

There is some flag to add (not replace) a new member without replacing the old member/vdom list?

Thanks Valerio

MaxxLiu22 commented 1 week ago

Hi all,

I apologize for missing the comments. If you have an existing object, it would be advisable to import it using a command like terraform import fortimanager_packages_pkg.ppkg_002 ppkg_002. After that, you can use terraform plan to identify any missing elements in your current Terraform configuration and add them accordingly.

Please note that, at this time, the scope members are managed as a whole by Terraform and cannot be handled individually. If you would like to separate the scope members into individual resources for better management, please let me know.

Thank you for your understanding! I will proceed to close this case due to a lack of recent activity, but feel free to open a new case if you have any questions.

Thanks, Maxx