A Terraform script to deploy FortiGate-VM HA (A-P) on GCP.
Requirements:
- Terraform >= 0.12.0
- Terraform Provider for Google Cloud Platform 2.11.0
- Terraform Provider for Google Cloud Platform Beta 2.13
- Terraform Provider for random 2.2.1
- Terraform Provider for template 2.1.2
- A GCP OAuth2 access token
Terraform deploys the following components:
- A Virtual Private Cloud (VPC) with one public subnet
- A VPC with three private subnets
- Two FortiGate-VM instances with four NICs
- Four firewall rules: one for external, one for internal, one for sync, and one for HA management.
To deploy the FortiGate-VM to GCP:
- Clone the repository.
- Obtain a GCP OAuth2 token and input it in the vars.tf file.
- Customize variables in the vars.tf file as needed.
- Initialize the providers and modules:
$ cd XXXXX
$ terraform init
- Submit the Terraform plan:
$ terraform plan
- Verify output.
- Confirm and apply the plan:
$ terraform apply
- If output is satisfactory, type yes.
Output will include the information necessary to log in to the FortiGate-VM instances:
FortiGate-HA-Active-MGMT-IP = XXX.XXX.XXX.XXX
FortiGate-HA-Cluster-IP = XXX.XXX.XXX.XXX
FortiGate-HA-Passive-MGMT-IP = XXX.XXX.XXX.XXX
FortiGate-Password = <password here>
FortiGate-Username = admin
To destroy the instance, use the command:
$ terraform destroy
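The deployment steps above place a GCP OAuth2 token in vars.tf inside the cloned repository, so the file can be checked for credentials before the working directory is committed or shared. The following is an added example, not part of the Fortinet project: the variable names in the sample, the sample content, and the function name are assumptions made for illustration.

```python
import re
import sys

VAR_RE = re.compile(r'^\s*variable\s+"([^"]+)"')
DEFAULT_RE = re.compile(r'^\s*default\s*=\s*"([^"]*)"')
SECRET_NAME_RE = re.compile(r"token|password|secret", re.I)
# Google OAuth2 access tokens commonly begin with "ya29."
GCP_TOKEN_RE = re.compile(r"ya29\.[0-9A-Za-z_.\-]{20,}")

# Constructed sample; the variable names are assumptions, not the project's vars.tf.
SAMPLE_VARS_TF = '''\
variable "token" {
  type    = string
  default = "ya29.CONSTRUCTED-example-value-0000000000000000"
}
variable "region" {
  default = "us-central1"
}
variable "password" {
  default = ""
}
'''

def find_hardcoded_secrets(tf_text):
    """Return (line_no, variable_name, reason) for each suspicious line."""
    findings, current = [], None
    for no, line in enumerate(tf_text.splitlines(), 1):
        m = VAR_RE.match(line)
        if m:
            current = m.group(1)
        # A token literal is reported wherever it appears, comments included.
        if GCP_TOKEN_RE.search(line):
            findings.append((no, current, "GCP access token literal"))
            continue
        d = DEFAULT_RE.match(line)
        if d and d.group(1) and current and SECRET_NAME_RE.search(current):
            findings.append((no, current, "non-empty default on secret-like variable"))
    return findings

if __name__ == "__main__":
    # With a path argument, scan that file; otherwise scan the constructed sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_VARS_TF
    hits = find_hardcoded_secrets(text)
    for no, var, why in hits:
        print(f"line {no}: variable {var!r}: {why}")
    sys.exit(1 if hits else 0)
```

The exit status is non-zero when anything is found, so the script can gate a commit.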
Fortinet-provided scripts in this and other GitHub projects do not fall under the regular Fortinet technical support scope and are not supported by FortiCare Support Services. For direct issues, please refer to the Issues tab of this GitHub project. For other questions related to this project, contact [email protected].
License © Fortinet Technologies. All rights reserved.