A Terraform script to deploy FortiGate-VM HA (A-P) on GCP.

• Terraform >= 0.12.0
• Terraform Provider for Google Cloud Platform 2.11.0
• Terraform Provider for Google Cloud Platform Beta 2.13
• Terraform Provider for random 2.2.1
• Terraform Provider for template 2.1.2
• A GCP OAuth2 access token

Terraform deploys the following components:

• A Virtual Private Cloud (VPC) with one public subnet
• A VPC with three private subnets
• Two FortiGate-VM instances with four NICs
• Four firewall rules: one for external, one for internal, one for sync, and one for HA management.

To deploy the FortiGate-VM to GCP:

1. Clone the repository.
2. Obtain a GCP OAuth2 token and input it in the vars.tf file.
3. Customize variables in the vars.tf file as needed.
4. Initialize the providers and modules:

   $ cd XXXXX
   $ terraform init

5. Submit the Terraform plan:

   $ terraform plan

6. Verify output.
7. Confirm and apply the plan:

   $ terraform apply

8. If output is satisfactory, type yes.

Output will include the information necessary to log in to the FortiGate-VM instances:

FortiGate-HA-Active-MGMT-IP = XXX.XXX.XXX.XXX
FortiGate-HA-Cluster-IP = XXX.XXX.XXX.XXX
FortiGate-HA-Passive-MGMT-IP = XXX.XXX.XXX.XXX
FortiGate-Password = <password here>
FortiGate-Username = admin

To destroy the instance, use the command:

$ terraform destroy

Fortinet-provided scripts in this and other GitHub projects do not fall under the regular Fortinet technical support scope and are not supported by FortiCare Support Services. For direct issues, please refer to the Issues tab of this GitHub project. For other questions related to this project, contact [email protected].

License © Fortinet Technologies. All rights reserved.