Using Terraform to deploy a single FortiGate-VM
You can deploy FortiGate-VM using Terraform. In this example, OCI is a Terraform provider, and FortiGate is a Terraform consumer. For details about Terraform, see What is Terraform?
Before using Terraform to deploy a FortiGate-VM, ensure to meet the following prerequisites:
- See Getting Started with the Terraform Provider.
- Prepare a PEM key file for the user to authenticate themselves with the OCI platform.
- Upload the FortiGate-VM image to OCI where you plan to deploy the FortiGate-VM. See To obtain the deployment image file and place it in your bucket:.
The following lists the steps for deploying a FortiGate-VM using Terraform:
To use Terraform to deploy a single FortiGate-VM:
- Prepare Terraform deployment files. There is a sample set of Terraform files available on GitHub. Clone or download the files in the Single-VM-BareMinimum-BYOL directory. This creates a new VCN.
- Select your OS with the Terraform applications. See Terraform Downloads.
- Edit the Terraform variables and config files to suit your environment:
- Change the OCI variables in the terraform.tfvars file. You must know the OCIDs of your tenant, compartment, user, and AD. If using Windows, you do not need to specify the C: drive in paths.
- Change the resource names in the block.tf, compute.tf, network.tf, and variables.tf files. You can modify resources including the following:
- FortiGate-VM hostname
- VCN name
- Network interface, subnet, volume names
- Security list settings. Ensure you open port 443 to allow access to the FortiGate-VM.
- Disk size for the second drive. By default, this is 50 GB.
- Network CIDRs
- Run Terraform:
- Run
terraform.exe init
to initialize the Terraform environment. - Run
terraform.exe plan
.Check the output for newly creating resources. You can add "-out" and an output file to check the output in the file.
- Run
terraform.exe apply
.At the
Enter a value
prompt, enteryes
to continue. Wait about ten minutes for the command to end.
- Run
- In the OCI console, go to the newly created resources. The FortiGate-VM instances and VCN have been created.
- Connect to the FortiGate-VMs. See Accessing the FortiGate-VM.