1. Packages
  2. Fortios
  3. API Docs
  4. system
  5. Ha
Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

fortios.system.Ha

Explore with Pulumi AI

Configure HA.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as fortios from "@pulumiverse/fortios";

const trname = new fortios.system.Ha("trname", {
    cpuThreshold: "5 0 0",
    encryption: "disable",
    ftpProxyThreshold: "5 0 0",
    gratuitousArps: "enable",
    groupId: 0,
    haDirect: "disable",
    haEthType: "8890",
    haMgmtStatus: "disable",
    haUptimeDiffMargin: 300,
    hbInterval: 2,
    hbLostThreshold: 20,
    hcEthType: "8891",
    helloHolddown: 20,
    httpProxyThreshold: "5 0 0",
    imapProxyThreshold: "5 0 0",
    interClusterSessionSync: "disable",
    l2epEthType: "8893",
    linkFailedSignal: "disable",
    loadBalanceAll: "disable",
    memoryCompatibleMode: "disable",
    memoryThreshold: "5 0 0",
    mode: "standalone",
    multicastTtl: 600,
    nntpProxyThreshold: "5 0 0",
    override: "disable",
    overrideWaitTime: 0,
    secondaryVcluster: {
        override: "enable",
        overrideWaitTime: 0,
        pingserverFailoverThreshold: 0,
        pingserverSlaveForceReset: "enable",
        priority: 128,
        vclusterId: 1,
    },
    weight: "40 ",
});
Copy
import pulumi
import pulumiverse_fortios as fortios

trname = fortios.system.Ha("trname",
    cpu_threshold="5 0 0",
    encryption="disable",
    ftp_proxy_threshold="5 0 0",
    gratuitous_arps="enable",
    group_id=0,
    ha_direct="disable",
    ha_eth_type="8890",
    ha_mgmt_status="disable",
    ha_uptime_diff_margin=300,
    hb_interval=2,
    hb_lost_threshold=20,
    hc_eth_type="8891",
    hello_holddown=20,
    http_proxy_threshold="5 0 0",
    imap_proxy_threshold="5 0 0",
    inter_cluster_session_sync="disable",
    l2ep_eth_type="8893",
    link_failed_signal="disable",
    load_balance_all="disable",
    memory_compatible_mode="disable",
    memory_threshold="5 0 0",
    mode="standalone",
    multicast_ttl=600,
    nntp_proxy_threshold="5 0 0",
    override="disable",
    override_wait_time=0,
    secondary_vcluster=fortios.system.HaSecondaryVclusterArgs(
        override="enable",
        override_wait_time=0,
        pingserver_failover_threshold=0,
        pingserver_slave_force_reset="enable",
        priority=128,
        vcluster_id=1,
    ),
    weight="40 ")
Copy
package main

import (
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/system"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := system.NewHa(ctx, "trname", &system.HaArgs{
			CpuThreshold:            pulumi.String("5 0 0"),
			Encryption:              pulumi.String("disable"),
			FtpProxyThreshold:       pulumi.String("5 0 0"),
			GratuitousArps:          pulumi.String("enable"),
			GroupId:                 pulumi.Int(0),
			HaDirect:                pulumi.String("disable"),
			HaEthType:               pulumi.String("8890"),
			HaMgmtStatus:            pulumi.String("disable"),
			HaUptimeDiffMargin:      pulumi.Int(300),
			HbInterval:              pulumi.Int(2),
			HbLostThreshold:         pulumi.Int(20),
			HcEthType:               pulumi.String("8891"),
			HelloHolddown:           pulumi.Int(20),
			HttpProxyThreshold:      pulumi.String("5 0 0"),
			ImapProxyThreshold:      pulumi.String("5 0 0"),
			InterClusterSessionSync: pulumi.String("disable"),
			L2epEthType:             pulumi.String("8893"),
			LinkFailedSignal:        pulumi.String("disable"),
			LoadBalanceAll:          pulumi.String("disable"),
			MemoryCompatibleMode:    pulumi.String("disable"),
			MemoryThreshold:         pulumi.String("5 0 0"),
			Mode:                    pulumi.String("standalone"),
			MulticastTtl:            pulumi.Int(600),
			NntpProxyThreshold:      pulumi.String("5 0 0"),
			Override:                pulumi.String("disable"),
			OverrideWaitTime:        pulumi.Int(0),
			SecondaryVcluster: &system.HaSecondaryVclusterArgs{
				Override:                    pulumi.String("enable"),
				OverrideWaitTime:            pulumi.Int(0),
				PingserverFailoverThreshold: pulumi.Int(0),
				PingserverSlaveForceReset:   pulumi.String("enable"),
				Priority:                    pulumi.Int(128),
				VclusterId:                  pulumi.Int(1),
			},
			Weight: pulumi.String("40 "),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortios = Pulumiverse.Fortios;

return await Deployment.RunAsync(() => 
{
    var trname = new Fortios.System.Ha("trname", new()
    {
        CpuThreshold = "5 0 0",
        Encryption = "disable",
        FtpProxyThreshold = "5 0 0",
        GratuitousArps = "enable",
        GroupId = 0,
        HaDirect = "disable",
        HaEthType = "8890",
        HaMgmtStatus = "disable",
        HaUptimeDiffMargin = 300,
        HbInterval = 2,
        HbLostThreshold = 20,
        HcEthType = "8891",
        HelloHolddown = 20,
        HttpProxyThreshold = "5 0 0",
        ImapProxyThreshold = "5 0 0",
        InterClusterSessionSync = "disable",
        L2epEthType = "8893",
        LinkFailedSignal = "disable",
        LoadBalanceAll = "disable",
        MemoryCompatibleMode = "disable",
        MemoryThreshold = "5 0 0",
        Mode = "standalone",
        MulticastTtl = 600,
        NntpProxyThreshold = "5 0 0",
        Override = "disable",
        OverrideWaitTime = 0,
        SecondaryVcluster = new Fortios.System.Inputs.HaSecondaryVclusterArgs
        {
            Override = "enable",
            OverrideWaitTime = 0,
            PingserverFailoverThreshold = 0,
            PingserverSlaveForceReset = "enable",
            Priority = 128,
            VclusterId = 1,
        },
        Weight = "40 ",
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortios.system.Ha;
import com.pulumi.fortios.system.HaArgs;
import com.pulumi.fortios.system.inputs.HaSecondaryVclusterArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var trname = new Ha("trname", HaArgs.builder()
            .cpuThreshold("5 0 0")
            .encryption("disable")
            .ftpProxyThreshold("5 0 0")
            .gratuitousArps("enable")
            .groupId(0)
            .haDirect("disable")
            .haEthType("8890")
            .haMgmtStatus("disable")
            .haUptimeDiffMargin(300)
            .hbInterval(2)
            .hbLostThreshold(20)
            .hcEthType("8891")
            .helloHolddown(20)
            .httpProxyThreshold("5 0 0")
            .imapProxyThreshold("5 0 0")
            .interClusterSessionSync("disable")
            .l2epEthType("8893")
            .linkFailedSignal("disable")
            .loadBalanceAll("disable")
            .memoryCompatibleMode("disable")
            .memoryThreshold("5 0 0")
            .mode("standalone")
            .multicastTtl(600)
            .nntpProxyThreshold("5 0 0")
            .override("disable")
            .overrideWaitTime(0)
            .secondaryVcluster(HaSecondaryVclusterArgs.builder()
                .override("enable")
                .overrideWaitTime(0)
                .pingserverFailoverThreshold(0)
                .pingserverSlaveForceReset("enable")
                .priority(128)
                .vclusterId(1)
                .build())
            .weight("40 ")
            .build());

    }
}
Copy
resources:
  trname:
    type: fortios:system:Ha
    properties:
      cpuThreshold: 5 0 0
      encryption: disable
      ftpProxyThreshold: 5 0 0
      gratuitousArps: enable
      groupId: 0
      haDirect: disable
      haEthType: '8890'
      haMgmtStatus: disable
      haUptimeDiffMargin: 300
      hbInterval: 2
      hbLostThreshold: 20
      hcEthType: '8891'
      helloHolddown: 20
      httpProxyThreshold: 5 0 0
      imapProxyThreshold: 5 0 0
      interClusterSessionSync: disable
      l2epEthType: '8893'
      linkFailedSignal: disable
      loadBalanceAll: disable
      memoryCompatibleMode: disable
      memoryThreshold: 5 0 0
      mode: standalone
      multicastTtl: 600
      nntpProxyThreshold: 5 0 0
      override: disable
      overrideWaitTime: 0
      secondaryVcluster:
        override: enable
        overrideWaitTime: 0
        pingserverFailoverThreshold: 0
        pingserverSlaveForceReset: enable
        priority: 128
        vclusterId: 1
      weight: '40 '
Copy

Create Ha Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Ha(name: string, args?: HaArgs, opts?: CustomResourceOptions);
@overload
def Ha(resource_name: str,
       args: Optional[HaArgs] = None,
       opts: Optional[ResourceOptions] = None)

@overload
def Ha(resource_name: str,
       opts: Optional[ResourceOptions] = None,
       arps: Optional[int] = None,
       arps_interval: Optional[int] = None,
       authentication: Optional[str] = None,
       cpu_threshold: Optional[str] = None,
       dynamic_sort_subtable: Optional[str] = None,
       encryption: Optional[str] = None,
       evpn_ttl: Optional[int] = None,
       failover_hold_time: Optional[int] = None,
       ftp_proxy_threshold: Optional[str] = None,
       get_all_tables: Optional[str] = None,
       gratuitous_arps: Optional[str] = None,
       group_id: Optional[int] = None,
       group_name: Optional[str] = None,
       ha_direct: Optional[str] = None,
       ha_eth_type: Optional[str] = None,
       ha_mgmt_interfaces: Optional[Sequence[HaHaMgmtInterfaceArgs]] = None,
       ha_mgmt_status: Optional[str] = None,
       ha_uptime_diff_margin: Optional[int] = None,
       hb_interval: Optional[int] = None,
       hb_interval_in_milliseconds: Optional[str] = None,
       hb_lost_threshold: Optional[int] = None,
       hbdev: Optional[str] = None,
       hc_eth_type: Optional[str] = None,
       hello_holddown: Optional[int] = None,
       http_proxy_threshold: Optional[str] = None,
       imap_proxy_threshold: Optional[str] = None,
       inter_cluster_session_sync: Optional[str] = None,
       ipsec_phase2_proposal: Optional[str] = None,
       key: Optional[str] = None,
       l2ep_eth_type: Optional[str] = None,
       link_failed_signal: Optional[str] = None,
       load_balance_all: Optional[str] = None,
       logical_sn: Optional[str] = None,
       memory_based_failover: Optional[str] = None,
       memory_compatible_mode: Optional[str] = None,
       memory_failover_flip_timeout: Optional[int] = None,
       memory_failover_monitor_period: Optional[int] = None,
       memory_failover_sample_rate: Optional[int] = None,
       memory_failover_threshold: Optional[int] = None,
       memory_threshold: Optional[str] = None,
       mode: Optional[str] = None,
       monitor: Optional[str] = None,
       multicast_ttl: Optional[int] = None,
       nntp_proxy_threshold: Optional[str] = None,
       override: Optional[str] = None,
       override_wait_time: Optional[int] = None,
       password: Optional[str] = None,
       pingserver_failover_threshold: Optional[int] = None,
       pingserver_flip_timeout: Optional[int] = None,
       pingserver_monitor_interface: Optional[str] = None,
       pingserver_secondary_force_reset: Optional[str] = None,
       pingserver_slave_force_reset: Optional[str] = None,
       pop3_proxy_threshold: Optional[str] = None,
       priority: Optional[int] = None,
       route_hold: Optional[int] = None,
       route_ttl: Optional[int] = None,
       route_wait: Optional[int] = None,
       schedule: Optional[str] = None,
       secondary_vcluster: Optional[HaSecondaryVclusterArgs] = None,
       session_pickup: Optional[str] = None,
       session_pickup_connectionless: Optional[str] = None,
       session_pickup_delay: Optional[str] = None,
       session_pickup_expectation: Optional[str] = None,
       session_pickup_nat: Optional[str] = None,
       session_sync_dev: Optional[str] = None,
       smtp_proxy_threshold: Optional[str] = None,
       ssd_failover: Optional[str] = None,
       standalone_config_sync: Optional[str] = None,
       standalone_mgmt_vdom: Optional[str] = None,
       sync_config: Optional[str] = None,
       sync_packet_balance: Optional[str] = None,
       unicast_gateway: Optional[str] = None,
       unicast_hb: Optional[str] = None,
       unicast_hb_netmask: Optional[str] = None,
       unicast_hb_peerip: Optional[str] = None,
       unicast_peers: Optional[Sequence[HaUnicastPeerArgs]] = None,
       unicast_status: Optional[str] = None,
       uninterruptible_primary_wait: Optional[int] = None,
       uninterruptible_upgrade: Optional[str] = None,
       upgrade_mode: Optional[str] = None,
       vcluster2: Optional[str] = None,
       vcluster_id: Optional[int] = None,
       vcluster_status: Optional[str] = None,
       vclusters: Optional[Sequence[HaVclusterArgs]] = None,
       vdom: Optional[str] = None,
       vdomparam: Optional[str] = None,
       weight: Optional[str] = None)
func NewHa(ctx *Context, name string, args *HaArgs, opts ...ResourceOption) (*Ha, error)
public Ha(string name, HaArgs? args = null, CustomResourceOptions? opts = null)
public Ha(String name, HaArgs args)
public Ha(String name, HaArgs args, CustomResourceOptions options)
type: fortios:system:Ha
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args HaArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args HaArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args HaArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args HaArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. HaArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var haResource = new Fortios.System.Ha("haResource", new()
{
    Arps = 0,
    ArpsInterval = 0,
    Authentication = "string",
    CpuThreshold = "string",
    DynamicSortSubtable = "string",
    Encryption = "string",
    EvpnTtl = 0,
    FailoverHoldTime = 0,
    FtpProxyThreshold = "string",
    GetAllTables = "string",
    GratuitousArps = "string",
    GroupId = 0,
    GroupName = "string",
    HaDirect = "string",
    HaEthType = "string",
    HaMgmtInterfaces = new[]
    {
        new Fortios.System.Inputs.HaHaMgmtInterfaceArgs
        {
            Dst = "string",
            Gateway = "string",
            Gateway6 = "string",
            Id = 0,
            Interface = "string",
        },
    },
    HaMgmtStatus = "string",
    HaUptimeDiffMargin = 0,
    HbInterval = 0,
    HbIntervalInMilliseconds = "string",
    HbLostThreshold = 0,
    Hbdev = "string",
    HcEthType = "string",
    HelloHolddown = 0,
    HttpProxyThreshold = "string",
    ImapProxyThreshold = "string",
    InterClusterSessionSync = "string",
    IpsecPhase2Proposal = "string",
    Key = "string",
    L2epEthType = "string",
    LinkFailedSignal = "string",
    LoadBalanceAll = "string",
    LogicalSn = "string",
    MemoryBasedFailover = "string",
    MemoryCompatibleMode = "string",
    MemoryFailoverFlipTimeout = 0,
    MemoryFailoverMonitorPeriod = 0,
    MemoryFailoverSampleRate = 0,
    MemoryFailoverThreshold = 0,
    MemoryThreshold = "string",
    Mode = "string",
    Monitor = "string",
    MulticastTtl = 0,
    NntpProxyThreshold = "string",
    Override = "string",
    OverrideWaitTime = 0,
    Password = "string",
    PingserverFailoverThreshold = 0,
    PingserverFlipTimeout = 0,
    PingserverMonitorInterface = "string",
    PingserverSecondaryForceReset = "string",
    PingserverSlaveForceReset = "string",
    Pop3ProxyThreshold = "string",
    Priority = 0,
    RouteHold = 0,
    RouteTtl = 0,
    RouteWait = 0,
    Schedule = "string",
    SecondaryVcluster = new Fortios.System.Inputs.HaSecondaryVclusterArgs
    {
        Monitor = "string",
        Override = "string",
        OverrideWaitTime = 0,
        PingserverFailoverThreshold = 0,
        PingserverMonitorInterface = "string",
        PingserverSecondaryForceReset = "string",
        PingserverSlaveForceReset = "string",
        Priority = 0,
        VclusterId = 0,
        Vdom = "string",
    },
    SessionPickup = "string",
    SessionPickupConnectionless = "string",
    SessionPickupDelay = "string",
    SessionPickupExpectation = "string",
    SessionPickupNat = "string",
    SessionSyncDev = "string",
    SmtpProxyThreshold = "string",
    SsdFailover = "string",
    StandaloneConfigSync = "string",
    StandaloneMgmtVdom = "string",
    SyncConfig = "string",
    SyncPacketBalance = "string",
    UnicastGateway = "string",
    UnicastHb = "string",
    UnicastHbNetmask = "string",
    UnicastHbPeerip = "string",
    UnicastPeers = new[]
    {
        new Fortios.System.Inputs.HaUnicastPeerArgs
        {
            Id = 0,
            PeerIp = "string",
        },
    },
    UnicastStatus = "string",
    UninterruptiblePrimaryWait = 0,
    UninterruptibleUpgrade = "string",
    UpgradeMode = "string",
    Vcluster2 = "string",
    VclusterId = 0,
    VclusterStatus = "string",
    Vclusters = new[]
    {
        new Fortios.System.Inputs.HaVclusterArgs
        {
            Monitor = "string",
            Override = "string",
            OverrideWaitTime = 0,
            PingserverFailoverThreshold = 0,
            PingserverFlipTimeout = 0,
            PingserverMonitorInterface = "string",
            PingserverSecondaryForceReset = "string",
            PingserverSlaveForceReset = "string",
            Priority = 0,
            VclusterId = 0,
            Vdoms = new[]
            {
                new Fortios.System.Inputs.HaVclusterVdomArgs
                {
                    Name = "string",
                },
            },
        },
    },
    Vdom = "string",
    Vdomparam = "string",
    Weight = "string",
});
Copy
example, err := system.NewHa(ctx, "haResource", &system.HaArgs{
	Arps:                pulumi.Int(0),
	ArpsInterval:        pulumi.Int(0),
	Authentication:      pulumi.String("string"),
	CpuThreshold:        pulumi.String("string"),
	DynamicSortSubtable: pulumi.String("string"),
	Encryption:          pulumi.String("string"),
	EvpnTtl:             pulumi.Int(0),
	FailoverHoldTime:    pulumi.Int(0),
	FtpProxyThreshold:   pulumi.String("string"),
	GetAllTables:        pulumi.String("string"),
	GratuitousArps:      pulumi.String("string"),
	GroupId:             pulumi.Int(0),
	GroupName:           pulumi.String("string"),
	HaDirect:            pulumi.String("string"),
	HaEthType:           pulumi.String("string"),
	HaMgmtInterfaces: system.HaHaMgmtInterfaceArray{
		&system.HaHaMgmtInterfaceArgs{
			Dst:       pulumi.String("string"),
			Gateway:   pulumi.String("string"),
			Gateway6:  pulumi.String("string"),
			Id:        pulumi.Int(0),
			Interface: pulumi.String("string"),
		},
	},
	HaMgmtStatus:                  pulumi.String("string"),
	HaUptimeDiffMargin:            pulumi.Int(0),
	HbInterval:                    pulumi.Int(0),
	HbIntervalInMilliseconds:      pulumi.String("string"),
	HbLostThreshold:               pulumi.Int(0),
	Hbdev:                         pulumi.String("string"),
	HcEthType:                     pulumi.String("string"),
	HelloHolddown:                 pulumi.Int(0),
	HttpProxyThreshold:            pulumi.String("string"),
	ImapProxyThreshold:            pulumi.String("string"),
	InterClusterSessionSync:       pulumi.String("string"),
	IpsecPhase2Proposal:           pulumi.String("string"),
	Key:                           pulumi.String("string"),
	L2epEthType:                   pulumi.String("string"),
	LinkFailedSignal:              pulumi.String("string"),
	LoadBalanceAll:                pulumi.String("string"),
	LogicalSn:                     pulumi.String("string"),
	MemoryBasedFailover:           pulumi.String("string"),
	MemoryCompatibleMode:          pulumi.String("string"),
	MemoryFailoverFlipTimeout:     pulumi.Int(0),
	MemoryFailoverMonitorPeriod:   pulumi.Int(0),
	MemoryFailoverSampleRate:      pulumi.Int(0),
	MemoryFailoverThreshold:       pulumi.Int(0),
	MemoryThreshold:               pulumi.String("string"),
	Mode:                          pulumi.String("string"),
	Monitor:                       pulumi.String("string"),
	MulticastTtl:                  pulumi.Int(0),
	NntpProxyThreshold:            pulumi.String("string"),
	Override:                      pulumi.String("string"),
	OverrideWaitTime:              pulumi.Int(0),
	Password:                      pulumi.String("string"),
	PingserverFailoverThreshold:   pulumi.Int(0),
	PingserverFlipTimeout:         pulumi.Int(0),
	PingserverMonitorInterface:    pulumi.String("string"),
	PingserverSecondaryForceReset: pulumi.String("string"),
	PingserverSlaveForceReset:     pulumi.String("string"),
	Pop3ProxyThreshold:            pulumi.String("string"),
	Priority:                      pulumi.Int(0),
	RouteHold:                     pulumi.Int(0),
	RouteTtl:                      pulumi.Int(0),
	RouteWait:                     pulumi.Int(0),
	Schedule:                      pulumi.String("string"),
	SecondaryVcluster: &system.HaSecondaryVclusterArgs{
		Monitor:                       pulumi.String("string"),
		Override:                      pulumi.String("string"),
		OverrideWaitTime:              pulumi.Int(0),
		PingserverFailoverThreshold:   pulumi.Int(0),
		PingserverMonitorInterface:    pulumi.String("string"),
		PingserverSecondaryForceReset: pulumi.String("string"),
		PingserverSlaveForceReset:     pulumi.String("string"),
		Priority:                      pulumi.Int(0),
		VclusterId:                    pulumi.Int(0),
		Vdom:                          pulumi.String("string"),
	},
	SessionPickup:               pulumi.String("string"),
	SessionPickupConnectionless: pulumi.String("string"),
	SessionPickupDelay:          pulumi.String("string"),
	SessionPickupExpectation:    pulumi.String("string"),
	SessionPickupNat:            pulumi.String("string"),
	SessionSyncDev:              pulumi.String("string"),
	SmtpProxyThreshold:          pulumi.String("string"),
	SsdFailover:                 pulumi.String("string"),
	StandaloneConfigSync:        pulumi.String("string"),
	StandaloneMgmtVdom:          pulumi.String("string"),
	SyncConfig:                  pulumi.String("string"),
	SyncPacketBalance:           pulumi.String("string"),
	UnicastGateway:              pulumi.String("string"),
	UnicastHb:                   pulumi.String("string"),
	UnicastHbNetmask:            pulumi.String("string"),
	UnicastHbPeerip:             pulumi.String("string"),
	UnicastPeers: system.HaUnicastPeerArray{
		&system.HaUnicastPeerArgs{
			Id:     pulumi.Int(0),
			PeerIp: pulumi.String("string"),
		},
	},
	UnicastStatus:              pulumi.String("string"),
	UninterruptiblePrimaryWait: pulumi.Int(0),
	UninterruptibleUpgrade:     pulumi.String("string"),
	UpgradeMode:                pulumi.String("string"),
	Vcluster2:                  pulumi.String("string"),
	VclusterId:                 pulumi.Int(0),
	VclusterStatus:             pulumi.String("string"),
	Vclusters: system.HaVclusterArray{
		&system.HaVclusterArgs{
			Monitor:                       pulumi.String("string"),
			Override:                      pulumi.String("string"),
			OverrideWaitTime:              pulumi.Int(0),
			PingserverFailoverThreshold:   pulumi.Int(0),
			PingserverFlipTimeout:         pulumi.Int(0),
			PingserverMonitorInterface:    pulumi.String("string"),
			PingserverSecondaryForceReset: pulumi.String("string"),
			PingserverSlaveForceReset:     pulumi.String("string"),
			Priority:                      pulumi.Int(0),
			VclusterId:                    pulumi.Int(0),
			Vdoms: system.HaVclusterVdomArray{
				&system.HaVclusterVdomArgs{
					Name: pulumi.String("string"),
				},
			},
		},
	},
	Vdom:      pulumi.String("string"),
	Vdomparam: pulumi.String("string"),
	Weight:    pulumi.String("string"),
})
Copy
var haResource = new Ha("haResource", HaArgs.builder()
    .arps(0)
    .arpsInterval(0)
    .authentication("string")
    .cpuThreshold("string")
    .dynamicSortSubtable("string")
    .encryption("string")
    .evpnTtl(0)
    .failoverHoldTime(0)
    .ftpProxyThreshold("string")
    .getAllTables("string")
    .gratuitousArps("string")
    .groupId(0)
    .groupName("string")
    .haDirect("string")
    .haEthType("string")
    .haMgmtInterfaces(HaHaMgmtInterfaceArgs.builder()
        .dst("string")
        .gateway("string")
        .gateway6("string")
        .id(0)
        .interface_("string")
        .build())
    .haMgmtStatus("string")
    .haUptimeDiffMargin(0)
    .hbInterval(0)
    .hbIntervalInMilliseconds("string")
    .hbLostThreshold(0)
    .hbdev("string")
    .hcEthType("string")
    .helloHolddown(0)
    .httpProxyThreshold("string")
    .imapProxyThreshold("string")
    .interClusterSessionSync("string")
    .ipsecPhase2Proposal("string")
    .key("string")
    .l2epEthType("string")
    .linkFailedSignal("string")
    .loadBalanceAll("string")
    .logicalSn("string")
    .memoryBasedFailover("string")
    .memoryCompatibleMode("string")
    .memoryFailoverFlipTimeout(0)
    .memoryFailoverMonitorPeriod(0)
    .memoryFailoverSampleRate(0)
    .memoryFailoverThreshold(0)
    .memoryThreshold("string")
    .mode("string")
    .monitor("string")
    .multicastTtl(0)
    .nntpProxyThreshold("string")
    .override("string")
    .overrideWaitTime(0)
    .password("string")
    .pingserverFailoverThreshold(0)
    .pingserverFlipTimeout(0)
    .pingserverMonitorInterface("string")
    .pingserverSecondaryForceReset("string")
    .pingserverSlaveForceReset("string")
    .pop3ProxyThreshold("string")
    .priority(0)
    .routeHold(0)
    .routeTtl(0)
    .routeWait(0)
    .schedule("string")
    .secondaryVcluster(HaSecondaryVclusterArgs.builder()
        .monitor("string")
        .override("string")
        .overrideWaitTime(0)
        .pingserverFailoverThreshold(0)
        .pingserverMonitorInterface("string")
        .pingserverSecondaryForceReset("string")
        .pingserverSlaveForceReset("string")
        .priority(0)
        .vclusterId(0)
        .vdom("string")
        .build())
    .sessionPickup("string")
    .sessionPickupConnectionless("string")
    .sessionPickupDelay("string")
    .sessionPickupExpectation("string")
    .sessionPickupNat("string")
    .sessionSyncDev("string")
    .smtpProxyThreshold("string")
    .ssdFailover("string")
    .standaloneConfigSync("string")
    .standaloneMgmtVdom("string")
    .syncConfig("string")
    .syncPacketBalance("string")
    .unicastGateway("string")
    .unicastHb("string")
    .unicastHbNetmask("string")
    .unicastHbPeerip("string")
    .unicastPeers(HaUnicastPeerArgs.builder()
        .id(0)
        .peerIp("string")
        .build())
    .unicastStatus("string")
    .uninterruptiblePrimaryWait(0)
    .uninterruptibleUpgrade("string")
    .upgradeMode("string")
    .vcluster2("string")
    .vclusterId(0)
    .vclusterStatus("string")
    .vclusters(HaVclusterArgs.builder()
        .monitor("string")
        .override("string")
        .overrideWaitTime(0)
        .pingserverFailoverThreshold(0)
        .pingserverFlipTimeout(0)
        .pingserverMonitorInterface("string")
        .pingserverSecondaryForceReset("string")
        .pingserverSlaveForceReset("string")
        .priority(0)
        .vclusterId(0)
        .vdoms(HaVclusterVdomArgs.builder()
            .name("string")
            .build())
        .build())
    .vdom("string")
    .vdomparam("string")
    .weight("string")
    .build());
Copy
ha_resource = fortios.system.Ha("haResource",
    arps=0,
    arps_interval=0,
    authentication="string",
    cpu_threshold="string",
    dynamic_sort_subtable="string",
    encryption="string",
    evpn_ttl=0,
    failover_hold_time=0,
    ftp_proxy_threshold="string",
    get_all_tables="string",
    gratuitous_arps="string",
    group_id=0,
    group_name="string",
    ha_direct="string",
    ha_eth_type="string",
    ha_mgmt_interfaces=[{
        "dst": "string",
        "gateway": "string",
        "gateway6": "string",
        "id": 0,
        "interface": "string",
    }],
    ha_mgmt_status="string",
    ha_uptime_diff_margin=0,
    hb_interval=0,
    hb_interval_in_milliseconds="string",
    hb_lost_threshold=0,
    hbdev="string",
    hc_eth_type="string",
    hello_holddown=0,
    http_proxy_threshold="string",
    imap_proxy_threshold="string",
    inter_cluster_session_sync="string",
    ipsec_phase2_proposal="string",
    key="string",
    l2ep_eth_type="string",
    link_failed_signal="string",
    load_balance_all="string",
    logical_sn="string",
    memory_based_failover="string",
    memory_compatible_mode="string",
    memory_failover_flip_timeout=0,
    memory_failover_monitor_period=0,
    memory_failover_sample_rate=0,
    memory_failover_threshold=0,
    memory_threshold="string",
    mode="string",
    monitor="string",
    multicast_ttl=0,
    nntp_proxy_threshold="string",
    override="string",
    override_wait_time=0,
    password="string",
    pingserver_failover_threshold=0,
    pingserver_flip_timeout=0,
    pingserver_monitor_interface="string",
    pingserver_secondary_force_reset="string",
    pingserver_slave_force_reset="string",
    pop3_proxy_threshold="string",
    priority=0,
    route_hold=0,
    route_ttl=0,
    route_wait=0,
    schedule="string",
    secondary_vcluster={
        "monitor": "string",
        "override": "string",
        "override_wait_time": 0,
        "pingserver_failover_threshold": 0,
        "pingserver_monitor_interface": "string",
        "pingserver_secondary_force_reset": "string",
        "pingserver_slave_force_reset": "string",
        "priority": 0,
        "vcluster_id": 0,
        "vdom": "string",
    },
    session_pickup="string",
    session_pickup_connectionless="string",
    session_pickup_delay="string",
    session_pickup_expectation="string",
    session_pickup_nat="string",
    session_sync_dev="string",
    smtp_proxy_threshold="string",
    ssd_failover="string",
    standalone_config_sync="string",
    standalone_mgmt_vdom="string",
    sync_config="string",
    sync_packet_balance="string",
    unicast_gateway="string",
    unicast_hb="string",
    unicast_hb_netmask="string",
    unicast_hb_peerip="string",
    unicast_peers=[{
        "id": 0,
        "peer_ip": "string",
    }],
    unicast_status="string",
    uninterruptible_primary_wait=0,
    uninterruptible_upgrade="string",
    upgrade_mode="string",
    vcluster2="string",
    vcluster_id=0,
    vcluster_status="string",
    vclusters=[{
        "monitor": "string",
        "override": "string",
        "override_wait_time": 0,
        "pingserver_failover_threshold": 0,
        "pingserver_flip_timeout": 0,
        "pingserver_monitor_interface": "string",
        "pingserver_secondary_force_reset": "string",
        "pingserver_slave_force_reset": "string",
        "priority": 0,
        "vcluster_id": 0,
        "vdoms": [{
            "name": "string",
        }],
    }],
    vdom="string",
    vdomparam="string",
    weight="string")
Copy
const haResource = new fortios.system.Ha("haResource", {
    arps: 0,
    arpsInterval: 0,
    authentication: "string",
    cpuThreshold: "string",
    dynamicSortSubtable: "string",
    encryption: "string",
    evpnTtl: 0,
    failoverHoldTime: 0,
    ftpProxyThreshold: "string",
    getAllTables: "string",
    gratuitousArps: "string",
    groupId: 0,
    groupName: "string",
    haDirect: "string",
    haEthType: "string",
    haMgmtInterfaces: [{
        dst: "string",
        gateway: "string",
        gateway6: "string",
        id: 0,
        "interface": "string",
    }],
    haMgmtStatus: "string",
    haUptimeDiffMargin: 0,
    hbInterval: 0,
    hbIntervalInMilliseconds: "string",
    hbLostThreshold: 0,
    hbdev: "string",
    hcEthType: "string",
    helloHolddown: 0,
    httpProxyThreshold: "string",
    imapProxyThreshold: "string",
    interClusterSessionSync: "string",
    ipsecPhase2Proposal: "string",
    key: "string",
    l2epEthType: "string",
    linkFailedSignal: "string",
    loadBalanceAll: "string",
    logicalSn: "string",
    memoryBasedFailover: "string",
    memoryCompatibleMode: "string",
    memoryFailoverFlipTimeout: 0,
    memoryFailoverMonitorPeriod: 0,
    memoryFailoverSampleRate: 0,
    memoryFailoverThreshold: 0,
    memoryThreshold: "string",
    mode: "string",
    monitor: "string",
    multicastTtl: 0,
    nntpProxyThreshold: "string",
    override: "string",
    overrideWaitTime: 0,
    password: "string",
    pingserverFailoverThreshold: 0,
    pingserverFlipTimeout: 0,
    pingserverMonitorInterface: "string",
    pingserverSecondaryForceReset: "string",
    pingserverSlaveForceReset: "string",
    pop3ProxyThreshold: "string",
    priority: 0,
    routeHold: 0,
    routeTtl: 0,
    routeWait: 0,
    schedule: "string",
    secondaryVcluster: {
        monitor: "string",
        override: "string",
        overrideWaitTime: 0,
        pingserverFailoverThreshold: 0,
        pingserverMonitorInterface: "string",
        pingserverSecondaryForceReset: "string",
        pingserverSlaveForceReset: "string",
        priority: 0,
        vclusterId: 0,
        vdom: "string",
    },
    sessionPickup: "string",
    sessionPickupConnectionless: "string",
    sessionPickupDelay: "string",
    sessionPickupExpectation: "string",
    sessionPickupNat: "string",
    sessionSyncDev: "string",
    smtpProxyThreshold: "string",
    ssdFailover: "string",
    standaloneConfigSync: "string",
    standaloneMgmtVdom: "string",
    syncConfig: "string",
    syncPacketBalance: "string",
    unicastGateway: "string",
    unicastHb: "string",
    unicastHbNetmask: "string",
    unicastHbPeerip: "string",
    unicastPeers: [{
        id: 0,
        peerIp: "string",
    }],
    unicastStatus: "string",
    uninterruptiblePrimaryWait: 0,
    uninterruptibleUpgrade: "string",
    upgradeMode: "string",
    vcluster2: "string",
    vclusterId: 0,
    vclusterStatus: "string",
    vclusters: [{
        monitor: "string",
        override: "string",
        overrideWaitTime: 0,
        pingserverFailoverThreshold: 0,
        pingserverFlipTimeout: 0,
        pingserverMonitorInterface: "string",
        pingserverSecondaryForceReset: "string",
        pingserverSlaveForceReset: "string",
        priority: 0,
        vclusterId: 0,
        vdoms: [{
            name: "string",
        }],
    }],
    vdom: "string",
    vdomparam: "string",
    weight: "string",
});
Copy
type: fortios:system:Ha
properties:
    arps: 0
    arpsInterval: 0
    authentication: string
    cpuThreshold: string
    dynamicSortSubtable: string
    encryption: string
    evpnTtl: 0
    failoverHoldTime: 0
    ftpProxyThreshold: string
    getAllTables: string
    gratuitousArps: string
    groupId: 0
    groupName: string
    haDirect: string
    haEthType: string
    haMgmtInterfaces:
        - dst: string
          gateway: string
          gateway6: string
          id: 0
          interface: string
    haMgmtStatus: string
    haUptimeDiffMargin: 0
    hbInterval: 0
    hbIntervalInMilliseconds: string
    hbLostThreshold: 0
    hbdev: string
    hcEthType: string
    helloHolddown: 0
    httpProxyThreshold: string
    imapProxyThreshold: string
    interClusterSessionSync: string
    ipsecPhase2Proposal: string
    key: string
    l2epEthType: string
    linkFailedSignal: string
    loadBalanceAll: string
    logicalSn: string
    memoryBasedFailover: string
    memoryCompatibleMode: string
    memoryFailoverFlipTimeout: 0
    memoryFailoverMonitorPeriod: 0
    memoryFailoverSampleRate: 0
    memoryFailoverThreshold: 0
    memoryThreshold: string
    mode: string
    monitor: string
    multicastTtl: 0
    nntpProxyThreshold: string
    override: string
    overrideWaitTime: 0
    password: string
    pingserverFailoverThreshold: 0
    pingserverFlipTimeout: 0
    pingserverMonitorInterface: string
    pingserverSecondaryForceReset: string
    pingserverSlaveForceReset: string
    pop3ProxyThreshold: string
    priority: 0
    routeHold: 0
    routeTtl: 0
    routeWait: 0
    schedule: string
    secondaryVcluster:
        monitor: string
        override: string
        overrideWaitTime: 0
        pingserverFailoverThreshold: 0
        pingserverMonitorInterface: string
        pingserverSecondaryForceReset: string
        pingserverSlaveForceReset: string
        priority: 0
        vclusterId: 0
        vdom: string
    sessionPickup: string
    sessionPickupConnectionless: string
    sessionPickupDelay: string
    sessionPickupExpectation: string
    sessionPickupNat: string
    sessionSyncDev: string
    smtpProxyThreshold: string
    ssdFailover: string
    standaloneConfigSync: string
    standaloneMgmtVdom: string
    syncConfig: string
    syncPacketBalance: string
    unicastGateway: string
    unicastHb: string
    unicastHbNetmask: string
    unicastHbPeerip: string
    unicastPeers:
        - id: 0
          peerIp: string
    unicastStatus: string
    uninterruptiblePrimaryWait: 0
    uninterruptibleUpgrade: string
    upgradeMode: string
    vcluster2: string
    vclusterId: 0
    vclusterStatus: string
    vclusters:
        - monitor: string
          override: string
          overrideWaitTime: 0
          pingserverFailoverThreshold: 0
          pingserverFlipTimeout: 0
          pingserverMonitorInterface: string
          pingserverSecondaryForceReset: string
          pingserverSlaveForceReset: string
          priority: 0
          vclusterId: 0
          vdoms:
            - name: string
    vdom: string
    vdomparam: string
    weight: string
Copy

Ha Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Ha resource accepts the following input properties:

Arps int
Number of gratuitous ARPs (1 - 60). Lower to reduce traffic. Higher to reduce failover time.
ArpsInterval int
Time between gratuitous ARPs (1 - 20 sec). Lower to reduce failover time. Higher to reduce traffic.
Authentication string
Enable/disable heartbeat message authentication. Valid values: enable, disable.
CpuThreshold string
Dynamic weighted load balancing CPU usage weight and high and low thresholds.
DynamicSortSubtable string
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
Encryption string
Enable/disable heartbeat message encryption. Valid values: enable, disable.
EvpnTtl int
HA EVPN FDB TTL on primary box (5 - 3600 sec).
FailoverHoldTime int
Time to wait before failover (0 - 300 sec, default = 0), to avoid flip.
FtpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of FTP proxy sessions.
GetAllTables string
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
GratuitousArps string
Enable/disable gratuitous ARPs. Disable if link-failed-signal enabled. Valid values: enable, disable.
GroupId int
HA group ID. Must be the same for all members. On FortiOS versions 6.2.0-6.2.6: 0 - 255. On FortiOS versions 7.0.2-7.0.15: 0 - 1023. On FortiOS versions 7.2.0: 0 - 1023; or 0 - 7 when there are more than 2 vclusters.
GroupName string
Cluster group name. Must be the same for all members.
HaDirect string
Enable/disable using ha-mgmt interface for syslog, SNMP, remote authentication (RADIUS), FortiAnalyzer, FortiSandbox, sFlow, and Netflow. Valid values: enable, disable.
HaEthType string
HA heartbeat packet Ethertype (4-digit hex).
HaMgmtInterfaces List<Pulumiverse.Fortios.System.Inputs.HaHaMgmtInterface>
Reserve interfaces to manage individual cluster units. The structure of ha_mgmt_interfaces block is documented below.
HaMgmtStatus string
Enable to reserve interfaces to manage individual cluster units. Valid values: enable, disable.
HaUptimeDiffMargin int
Normally you would only reduce this value for failover testing.
HbInterval int
Time between sending heartbeat packets (1 - 20). Increase to reduce false positives.
HbIntervalInMilliseconds string
Number of milliseconds for each heartbeat interval: 100ms or 10ms. Valid values: 100ms, 10ms.
HbLostThreshold int
Number of lost heartbeats to signal a failure (1 - 60). Increase to reduce false positives.
Hbdev string
Heartbeat interfaces. Must be the same for all members.
HcEthType string
Transparent mode HA heartbeat packet Ethertype (4-digit hex).
HelloHolddown int
Time to wait before changing from hello to work state (5 - 300 sec).
HttpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of HTTP proxy sessions.
ImapProxyThreshold string
Dynamic weighted load balancing weight and high and low number of IMAP proxy sessions.
InterClusterSessionSync string
Enable/disable synchronization of sessions among HA clusters. Valid values: enable, disable.
IpsecPhase2Proposal string
IPsec phase2 proposal. Valid values: aes128-sha1, aes128-sha256, aes128-sha384, aes128-sha512, aes192-sha1, aes192-sha256, aes192-sha384, aes192-sha512, aes256-sha1, aes256-sha256, aes256-sha384, aes256-sha512, aes128gcm, aes256gcm, chacha20poly1305.
Key string
key
L2epEthType string
Telnet session HA heartbeat packet Ethertype (4-digit hex).
LinkFailedSignal string
Enable to shut down all interfaces for 1 sec after a failover. Use if gratuitous ARPs do not update network. Valid values: enable, disable.
LoadBalanceAll string
Enable to load balance TCP sessions. Disable to load balance proxy sessions only. Valid values: enable, disable.
LogicalSn string
Enable/disable usage of the logical serial number. Valid values: enable, disable.
MemoryBasedFailover string
Enable/disable memory based failover. Valid values: enable, disable.
MemoryCompatibleMode string
Enable/disable memory compatible mode. Valid values: enable, disable.
MemoryFailoverFlipTimeout int
Time to wait between subsequent memory based failovers in minutes (6 - 2147483647, default = 6).
MemoryFailoverMonitorPeriod int
Duration of high memory usage before memory based failover is triggered in seconds (1 - 300, default = 60).
MemoryFailoverSampleRate int
Rate at which memory usage is sampled in order to measure memory usage in seconds (1 - 60, default = 1).
MemoryFailoverThreshold int
Memory usage threshold to trigger memory based failover (0 means using conserve mode threshold in system.global).
MemoryThreshold string
Dynamic weighted load balancing memory usage weight and high and low thresholds.
Mode string
HA mode. Must be the same for all members. FGSP requires standalone. Valid values: standalone, a-a, a-p.
Monitor string
Interfaces to check for port monitoring (or link failure).
MulticastTtl int
HA multicast TTL on primary (5 - 3600 sec).
NntpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of NNTP proxy sessions.
Override string
Enable and increase the priority of the unit that should always be primary (master). Valid values: enable, disable.
OverrideWaitTime int
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
Password string
Cluster password. Must be the same for all members.
PingserverFailoverThreshold int
Remote IP monitoring failover threshold (0 - 50).
PingserverFlipTimeout int
Time to wait in minutes before renegotiating after a remote IP monitoring failover.
PingserverMonitorInterface string
Interfaces to check for remote IP monitoring.
PingserverSecondaryForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
PingserverSlaveForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
Pop3ProxyThreshold string
Dynamic weighted load balancing weight and high and low number of POP3 proxy sessions.
Priority int
Increase the priority to select the primary unit (0 - 255).
RouteHold int
Time to wait between routing table updates to the cluster (0 - 3600 sec).
RouteTtl int
TTL for primary unit routes (5 - 3600 sec). Increase to maintain active routes during failover.
RouteWait int
Time to wait before sending new routes to the cluster (0 - 3600 sec).
Schedule string
Type of A-A load balancing. Use none if you have external load balancers.
SecondaryVcluster Pulumiverse.Fortios.System.Inputs.HaSecondaryVcluster
Configure virtual cluster 2. The structure of secondary_vcluster block is documented below.
SessionPickup string
Enable/disable session pickup. Enabling it can reduce session down time when fail over happens. Valid values: enable, disable.
SessionPickupConnectionless string
Enable/disable UDP and ICMP session sync. Valid values: enable, disable.
SessionPickupDelay string
Enable to sync sessions longer than 30 sec. Only longer lived sessions need to be synced. Valid values: enable, disable.
SessionPickupExpectation string
Enable/disable session helper expectation session sync for FGSP. Valid values: enable, disable.
SessionPickupNat string
Enable/disable NAT session sync for FGSP. Valid values: enable, disable.
SessionSyncDev string
Offload session-sync process to kernel and sync sessions using connected interface(s) directly.
SmtpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of SMTP proxy sessions.
SsdFailover string
Enable/disable automatic HA failover on SSD disk failure. Valid values: enable, disable.
StandaloneConfigSync string
Enable/disable FGSP configuration synchronization. Valid values: enable, disable.
StandaloneMgmtVdom string
Enable/disable standalone management VDOM. Valid values: enable, disable.
SyncConfig string
Enable/disable configuration synchronization. Valid values: enable, disable.
SyncPacketBalance string
Enable/disable HA packet distribution to multiple CPUs. Valid values: enable, disable.
UnicastGateway string
Default route gateway for unicast interface.
UnicastHb string
Enable/disable unicast heartbeat. Valid values: enable, disable.
UnicastHbNetmask string
Unicast heartbeat netmask.
UnicastHbPeerip string
Unicast heartbeat peer IP.
UnicastPeers List<Pulumiverse.Fortios.System.Inputs.HaUnicastPeer>
Number of unicast peers. The structure of unicast_peers block is documented below.
UnicastStatus string
Enable/disable unicast connection. Valid values: enable, disable.
UninterruptiblePrimaryWait int
Number of minutes the primary HA unit waits before the secondary HA unit is considered upgraded and the system is started before starting its own upgrade (default = 30). On FortiOS versions 6.4.10-6.4.15, 7.0.2-7.0.5: 1 - 300. On FortiOS versions >= 7.0.6: 15 - 300.
UninterruptibleUpgrade string
Enable to upgrade a cluster without blocking network traffic. Valid values: enable, disable.
UpgradeMode string
The mode to upgrade a cluster. Valid values: simultaneous, uninterruptible, local-only, secondary-only.
Vcluster2 string
Enable/disable virtual cluster 2 for virtual clustering. Valid values: enable, disable.
VclusterId int
Cluster ID.
VclusterStatus string
Enable/disable virtual cluster for virtual clustering. Valid values: enable, disable.
Vclusters List<Pulumiverse.Fortios.System.Inputs.HaVcluster>
Virtual cluster table. The structure of vcluster block is documented below.
Vdom string
VDOMs in virtual cluster 1.
Vdomparam Changes to this property will trigger replacement. string
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Weight string
Weight-round-robin weight for each cluster unit. Syntax .
Arps int
Number of gratuitous ARPs (1 - 60). Lower to reduce traffic. Higher to reduce failover time.
ArpsInterval int
Time between gratuitous ARPs (1 - 20 sec). Lower to reduce failover time. Higher to reduce traffic.
Authentication string
Enable/disable heartbeat message authentication. Valid values: enable, disable.
CpuThreshold string
Dynamic weighted load balancing CPU usage weight and high and low thresholds.
DynamicSortSubtable string
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
Encryption string
Enable/disable heartbeat message encryption. Valid values: enable, disable.
EvpnTtl int
HA EVPN FDB TTL on primary box (5 - 3600 sec).
FailoverHoldTime int
Time to wait before failover (0 - 300 sec, default = 0), to avoid flip.
FtpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of FTP proxy sessions.
GetAllTables string
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
GratuitousArps string
Enable/disable gratuitous ARPs. Disable if link-failed-signal enabled. Valid values: enable, disable.
GroupId int
HA group ID. Must be the same for all members. On FortiOS versions 6.2.0-6.2.6: 0 - 255. On FortiOS versions 7.0.2-7.0.15: 0 - 1023. On FortiOS versions 7.2.0: 0 - 1023; or 0 - 7 when there are more than 2 vclusters.
GroupName string
Cluster group name. Must be the same for all members.
HaDirect string
Enable/disable using ha-mgmt interface for syslog, SNMP, remote authentication (RADIUS), FortiAnalyzer, FortiSandbox, sFlow, and Netflow. Valid values: enable, disable.
HaEthType string
HA heartbeat packet Ethertype (4-digit hex).
HaMgmtInterfaces []HaHaMgmtInterfaceArgs
Reserve interfaces to manage individual cluster units. The structure of ha_mgmt_interfaces block is documented below.
HaMgmtStatus string
Enable to reserve interfaces to manage individual cluster units. Valid values: enable, disable.
HaUptimeDiffMargin int
Normally you would only reduce this value for failover testing.
HbInterval int
Time between sending heartbeat packets (1 - 20). Increase to reduce false positives.
HbIntervalInMilliseconds string
Number of milliseconds for each heartbeat interval: 100ms or 10ms. Valid values: 100ms, 10ms.
HbLostThreshold int
Number of lost heartbeats to signal a failure (1 - 60). Increase to reduce false positives.
Hbdev string
Heartbeat interfaces. Must be the same for all members.
HcEthType string
Transparent mode HA heartbeat packet Ethertype (4-digit hex).
HelloHolddown int
Time to wait before changing from hello to work state (5 - 300 sec).
HttpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of HTTP proxy sessions.
ImapProxyThreshold string
Dynamic weighted load balancing weight and high and low number of IMAP proxy sessions.
InterClusterSessionSync string
Enable/disable synchronization of sessions among HA clusters. Valid values: enable, disable.
IpsecPhase2Proposal string
IPsec phase2 proposal. Valid values: aes128-sha1, aes128-sha256, aes128-sha384, aes128-sha512, aes192-sha1, aes192-sha256, aes192-sha384, aes192-sha512, aes256-sha1, aes256-sha256, aes256-sha384, aes256-sha512, aes128gcm, aes256gcm, chacha20poly1305.
Key string
key
L2epEthType string
Telnet session HA heartbeat packet Ethertype (4-digit hex).
LinkFailedSignal string
Enable to shut down all interfaces for 1 sec after a failover. Use if gratuitous ARPs do not update network. Valid values: enable, disable.
LoadBalanceAll string
Enable to load balance TCP sessions. Disable to load balance proxy sessions only. Valid values: enable, disable.
LogicalSn string
Enable/disable usage of the logical serial number. Valid values: enable, disable.
MemoryBasedFailover string
Enable/disable memory based failover. Valid values: enable, disable.
MemoryCompatibleMode string
Enable/disable memory compatible mode. Valid values: enable, disable.
MemoryFailoverFlipTimeout int
Time to wait between subsequent memory based failovers in minutes (6 - 2147483647, default = 6).
MemoryFailoverMonitorPeriod int
Duration of high memory usage before memory based failover is triggered in seconds (1 - 300, default = 60).
MemoryFailoverSampleRate int
Rate at which memory usage is sampled in order to measure memory usage in seconds (1 - 60, default = 1).
MemoryFailoverThreshold int
Memory usage threshold to trigger memory based failover (0 means using conserve mode threshold in system.global).
MemoryThreshold string
Dynamic weighted load balancing memory usage weight and high and low thresholds.
Mode string
HA mode. Must be the same for all members. FGSP requires standalone. Valid values: standalone, a-a, a-p.
Monitor string
Interfaces to check for port monitoring (or link failure).
MulticastTtl int
HA multicast TTL on primary (5 - 3600 sec).
NntpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of NNTP proxy sessions.
Override string
Enable and increase the priority of the unit that should always be primary (master). Valid values: enable, disable.
OverrideWaitTime int
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
Password string
Cluster password. Must be the same for all members.
PingserverFailoverThreshold int
Remote IP monitoring failover threshold (0 - 50).
PingserverFlipTimeout int
Time to wait in minutes before renegotiating after a remote IP monitoring failover.
PingserverMonitorInterface string
Interfaces to check for remote IP monitoring.
PingserverSecondaryForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
PingserverSlaveForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
Pop3ProxyThreshold string
Dynamic weighted load balancing weight and high and low number of POP3 proxy sessions.
Priority int
Increase the priority to select the primary unit (0 - 255).
RouteHold int
Time to wait between routing table updates to the cluster (0 - 3600 sec).
RouteTtl int
TTL for primary unit routes (5 - 3600 sec). Increase to maintain active routes during failover.
RouteWait int
Time to wait before sending new routes to the cluster (0 - 3600 sec).
Schedule string
Type of A-A load balancing. Use none if you have external load balancers.
SecondaryVcluster HaSecondaryVclusterArgs
Configure virtual cluster 2. The structure of secondary_vcluster block is documented below.
SessionPickup string
Enable/disable session pickup. Enabling it can reduce session down time when fail over happens. Valid values: enable, disable.
SessionPickupConnectionless string
Enable/disable UDP and ICMP session sync. Valid values: enable, disable.
SessionPickupDelay string
Enable to sync sessions longer than 30 sec. Only longer lived sessions need to be synced. Valid values: enable, disable.
SessionPickupExpectation string
Enable/disable session helper expectation session sync for FGSP. Valid values: enable, disable.
SessionPickupNat string
Enable/disable NAT session sync for FGSP. Valid values: enable, disable.
SessionSyncDev string
Offload session-sync process to kernel and sync sessions using connected interface(s) directly.
SmtpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of SMTP proxy sessions.
SsdFailover string
Enable/disable automatic HA failover on SSD disk failure. Valid values: enable, disable.
StandaloneConfigSync string
Enable/disable FGSP configuration synchronization. Valid values: enable, disable.
StandaloneMgmtVdom string
Enable/disable standalone management VDOM. Valid values: enable, disable.
SyncConfig string
Enable/disable configuration synchronization. Valid values: enable, disable.
SyncPacketBalance string
Enable/disable HA packet distribution to multiple CPUs. Valid values: enable, disable.
UnicastGateway string
Default route gateway for unicast interface.
UnicastHb string
Enable/disable unicast heartbeat. Valid values: enable, disable.
UnicastHbNetmask string
Unicast heartbeat netmask.
UnicastHbPeerip string
Unicast heartbeat peer IP.
UnicastPeers []HaUnicastPeerArgs
Number of unicast peers. The structure of unicast_peers block is documented below.
UnicastStatus string
Enable/disable unicast connection. Valid values: enable, disable.
UninterruptiblePrimaryWait int
Number of minutes the primary HA unit waits before the secondary HA unit is considered upgraded and the system is started before starting its own upgrade (default = 30). On FortiOS versions 6.4.10-6.4.15, 7.0.2-7.0.5: 1 - 300. On FortiOS versions >= 7.0.6: 15 - 300.
UninterruptibleUpgrade string
Enable to upgrade a cluster without blocking network traffic. Valid values: enable, disable.
UpgradeMode string
The mode to upgrade a cluster. Valid values: simultaneous, uninterruptible, local-only, secondary-only.
Vcluster2 string
Enable/disable virtual cluster 2 for virtual clustering. Valid values: enable, disable.
VclusterId int
Cluster ID.
VclusterStatus string
Enable/disable virtual cluster for virtual clustering. Valid values: enable, disable.
Vclusters []HaVclusterArgs
Virtual cluster table. The structure of vcluster block is documented below.
Vdom string
VDOMs in virtual cluster 1.
Vdomparam Changes to this property will trigger replacement. string
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Weight string
Weight-round-robin weight for each cluster unit. Syntax .
arps Integer
Number of gratuitous ARPs (1 - 60). Lower to reduce traffic. Higher to reduce failover time.
arpsInterval Integer
Time between gratuitous ARPs (1 - 20 sec). Lower to reduce failover time. Higher to reduce traffic.
authentication String
Enable/disable heartbeat message authentication. Valid values: enable, disable.
cpuThreshold String
Dynamic weighted load balancing CPU usage weight and high and low thresholds.
dynamicSortSubtable String
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
encryption String
Enable/disable heartbeat message encryption. Valid values: enable, disable.
evpnTtl Integer
HA EVPN FDB TTL on primary box (5 - 3600 sec).
failoverHoldTime Integer
Time to wait before failover (0 - 300 sec, default = 0), to avoid flip.
ftpProxyThreshold String
Dynamic weighted load balancing weight and high and low number of FTP proxy sessions.
getAllTables String
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
gratuitousArps String
Enable/disable gratuitous ARPs. Disable if link-failed-signal enabled. Valid values: enable, disable.
groupId Integer
HA group ID. Must be the same for all members. On FortiOS versions 6.2.0-6.2.6: 0 - 255. On FortiOS versions 7.0.2-7.0.15: 0 - 1023. On FortiOS versions 7.2.0: 0 - 1023; or 0 - 7 when there are more than 2 vclusters.
groupName String
Cluster group name. Must be the same for all members.
haDirect String
Enable/disable using ha-mgmt interface for syslog, SNMP, remote authentication (RADIUS), FortiAnalyzer, FortiSandbox, sFlow, and Netflow. Valid values: enable, disable.
haEthType String
HA heartbeat packet Ethertype (4-digit hex).
haMgmtInterfaces List<HaHaMgmtInterface>
Reserve interfaces to manage individual cluster units. The structure of ha_mgmt_interfaces block is documented below.
haMgmtStatus String
Enable to reserve interfaces to manage individual cluster units. Valid values: enable, disable.
haUptimeDiffMargin Integer
Normally you would only reduce this value for failover testing.
hbInterval Integer
Time between sending heartbeat packets (1 - 20). Increase to reduce false positives.
hbIntervalInMilliseconds String
Number of milliseconds for each heartbeat interval: 100ms or 10ms. Valid values: 100ms, 10ms.
hbLostThreshold Integer
Number of lost heartbeats to signal a failure (1 - 60). Increase to reduce false positives.
hbdev String
Heartbeat interfaces. Must be the same for all members.
hcEthType String
Transparent mode HA heartbeat packet Ethertype (4-digit hex).
helloHolddown Integer
Time to wait before changing from hello to work state (5 - 300 sec).
httpProxyThreshold String
Dynamic weighted load balancing weight and high and low number of HTTP proxy sessions.
imapProxyThreshold String
Dynamic weighted load balancing weight and high and low number of IMAP proxy sessions.
interClusterSessionSync String
Enable/disable synchronization of sessions among HA clusters. Valid values: enable, disable.
ipsecPhase2Proposal String
IPsec phase2 proposal. Valid values: aes128-sha1, aes128-sha256, aes128-sha384, aes128-sha512, aes192-sha1, aes192-sha256, aes192-sha384, aes192-sha512, aes256-sha1, aes256-sha256, aes256-sha384, aes256-sha512, aes128gcm, aes256gcm, chacha20poly1305.
key String
key
l2epEthType String
Telnet session HA heartbeat packet Ethertype (4-digit hex).
linkFailedSignal String
Enable to shut down all interfaces for 1 sec after a failover. Use if gratuitous ARPs do not update network. Valid values: enable, disable.
loadBalanceAll String
Enable to load balance TCP sessions. Disable to load balance proxy sessions only. Valid values: enable, disable.
logicalSn String
Enable/disable usage of the logical serial number. Valid values: enable, disable.
memoryBasedFailover String
Enable/disable memory based failover. Valid values: enable, disable.
memoryCompatibleMode String
Enable/disable memory compatible mode. Valid values: enable, disable.
memoryFailoverFlipTimeout Integer
Time to wait between subsequent memory based failovers in minutes (6 - 2147483647, default = 6).
memoryFailoverMonitorPeriod Integer
Duration of high memory usage before memory based failover is triggered in seconds (1 - 300, default = 60).
memoryFailoverSampleRate Integer
Rate at which memory usage is sampled in order to measure memory usage in seconds (1 - 60, default = 1).
memoryFailoverThreshold Integer
Memory usage threshold to trigger memory based failover (0 means using conserve mode threshold in system.global).
memoryThreshold String
Dynamic weighted load balancing memory usage weight and high and low thresholds.
mode String
HA mode. Must be the same for all members. FGSP requires standalone. Valid values: standalone, a-a, a-p.
monitor String
Interfaces to check for port monitoring (or link failure).
multicastTtl Integer
HA multicast TTL on primary (5 - 3600 sec).
nntpProxyThreshold String
Dynamic weighted load balancing weight and high and low number of NNTP proxy sessions.
override String
Enable and increase the priority of the unit that should always be primary (master). Valid values: enable, disable.
overrideWaitTime Integer
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
password String
Cluster password. Must be the same for all members.
pingserverFailoverThreshold Integer
Remote IP monitoring failover threshold (0 - 50).
pingserverFlipTimeout Integer
Time to wait in minutes before renegotiating after a remote IP monitoring failover.
pingserverMonitorInterface String
Interfaces to check for remote IP monitoring.
pingserverSecondaryForceReset String
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pingserverSlaveForceReset String
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pop3ProxyThreshold String
Dynamic weighted load balancing weight and high and low number of POP3 proxy sessions.
priority Integer
Increase the priority to select the primary unit (0 - 255).
routeHold Integer
Time to wait between routing table updates to the cluster (0 - 3600 sec).
routeTtl Integer
TTL for primary unit routes (5 - 3600 sec). Increase to maintain active routes during failover.
routeWait Integer
Time to wait before sending new routes to the cluster (0 - 3600 sec).
schedule String
Type of A-A load balancing. Use none if you have external load balancers.
secondaryVcluster HaSecondaryVcluster
Configure virtual cluster 2. The structure of secondary_vcluster block is documented below.
sessionPickup String
Enable/disable session pickup. Enabling it can reduce session down time when fail over happens. Valid values: enable, disable.
sessionPickupConnectionless String
Enable/disable UDP and ICMP session sync. Valid values: enable, disable.
sessionPickupDelay String
Enable to sync sessions longer than 30 sec. Only longer lived sessions need to be synced. Valid values: enable, disable.
sessionPickupExpectation String
Enable/disable session helper expectation session sync for FGSP. Valid values: enable, disable.
sessionPickupNat String
Enable/disable NAT session sync for FGSP. Valid values: enable, disable.
sessionSyncDev String
Offload session-sync process to kernel and sync sessions using connected interface(s) directly.
smtpProxyThreshold String
Dynamic weighted load balancing weight and high and low number of SMTP proxy sessions.
ssdFailover String
Enable/disable automatic HA failover on SSD disk failure. Valid values: enable, disable.
standaloneConfigSync String
Enable/disable FGSP configuration synchronization. Valid values: enable, disable.
standaloneMgmtVdom String
Enable/disable standalone management VDOM. Valid values: enable, disable.
syncConfig String
Enable/disable configuration synchronization. Valid values: enable, disable.
syncPacketBalance String
Enable/disable HA packet distribution to multiple CPUs. Valid values: enable, disable.
unicastGateway String
Default route gateway for unicast interface.
unicastHb String
Enable/disable unicast heartbeat. Valid values: enable, disable.
unicastHbNetmask String
Unicast heartbeat netmask.
unicastHbPeerip String
Unicast heartbeat peer IP.
unicastPeers List<HaUnicastPeer>
Number of unicast peers. The structure of unicast_peers block is documented below.
unicastStatus String
Enable/disable unicast connection. Valid values: enable, disable.
uninterruptiblePrimaryWait Integer
Number of minutes the primary HA unit waits before the secondary HA unit is considered upgraded and the system is started before starting its own upgrade (default = 30). On FortiOS versions 6.4.10-6.4.15, 7.0.2-7.0.5: 1 - 300. On FortiOS versions >= 7.0.6: 15 - 300.
uninterruptibleUpgrade String
Enable to upgrade a cluster without blocking network traffic. Valid values: enable, disable.
upgradeMode String
The mode to upgrade a cluster. Valid values: simultaneous, uninterruptible, local-only, secondary-only.
vcluster2 String
Enable/disable virtual cluster 2 for virtual clustering. Valid values: enable, disable.
vclusterId Integer
Cluster ID.
vclusterStatus String
Enable/disable virtual cluster for virtual clustering. Valid values: enable, disable.
vclusters List<HaVcluster>
Virtual cluster table. The structure of vcluster block is documented below.
vdom String
VDOMs in virtual cluster 1.
vdomparam Changes to this property will trigger replacement. String
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
weight String
Weight-round-robin weight for each cluster unit. Syntax .
arps number
Number of gratuitous ARPs (1 - 60). Lower to reduce traffic. Higher to reduce failover time.
arpsInterval number
Time between gratuitous ARPs (1 - 20 sec). Lower to reduce failover time. Higher to reduce traffic.
authentication string
Enable/disable heartbeat message authentication. Valid values: enable, disable.
cpuThreshold string
Dynamic weighted load balancing CPU usage weight and high and low thresholds.
dynamicSortSubtable string
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
encryption string
Enable/disable heartbeat message encryption. Valid values: enable, disable.
evpnTtl number
HA EVPN FDB TTL on primary box (5 - 3600 sec).
failoverHoldTime number
Time to wait before failover (0 - 300 sec, default = 0), to avoid flip.
ftpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of FTP proxy sessions.
getAllTables string
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
gratuitousArps string
Enable/disable gratuitous ARPs. Disable if link-failed-signal enabled. Valid values: enable, disable.
groupId number
HA group ID. Must be the same for all members. On FortiOS versions 6.2.0-6.2.6: 0 - 255. On FortiOS versions 7.0.2-7.0.15: 0 - 1023. On FortiOS versions 7.2.0: 0 - 1023; or 0 - 7 when there are more than 2 vclusters.
groupName string
Cluster group name. Must be the same for all members.
haDirect string
Enable/disable using ha-mgmt interface for syslog, SNMP, remote authentication (RADIUS), FortiAnalyzer, FortiSandbox, sFlow, and Netflow. Valid values: enable, disable.
haEthType string
HA heartbeat packet Ethertype (4-digit hex).
haMgmtInterfaces HaHaMgmtInterface[]
Reserve interfaces to manage individual cluster units. The structure of ha_mgmt_interfaces block is documented below.
haMgmtStatus string
Enable to reserve interfaces to manage individual cluster units. Valid values: enable, disable.
haUptimeDiffMargin number
Normally you would only reduce this value for failover testing.
hbInterval number
Time between sending heartbeat packets (1 - 20). Increase to reduce false positives.
hbIntervalInMilliseconds string
Number of milliseconds for each heartbeat interval: 100ms or 10ms. Valid values: 100ms, 10ms.
hbLostThreshold number
Number of lost heartbeats to signal a failure (1 - 60). Increase to reduce false positives.
hbdev string
Heartbeat interfaces. Must be the same for all members.
hcEthType string
Transparent mode HA heartbeat packet Ethertype (4-digit hex).
helloHolddown number
Time to wait before changing from hello to work state (5 - 300 sec).
httpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of HTTP proxy sessions.
imapProxyThreshold string
Dynamic weighted load balancing weight and high and low number of IMAP proxy sessions.
interClusterSessionSync string
Enable/disable synchronization of sessions among HA clusters. Valid values: enable, disable.
ipsecPhase2Proposal string
IPsec phase2 proposal. Valid values: aes128-sha1, aes128-sha256, aes128-sha384, aes128-sha512, aes192-sha1, aes192-sha256, aes192-sha384, aes192-sha512, aes256-sha1, aes256-sha256, aes256-sha384, aes256-sha512, aes128gcm, aes256gcm, chacha20poly1305.
key string
key
l2epEthType string
Telnet session HA heartbeat packet Ethertype (4-digit hex).
linkFailedSignal string
Enable to shut down all interfaces for 1 sec after a failover. Use if gratuitous ARPs do not update network. Valid values: enable, disable.
loadBalanceAll string
Enable to load balance TCP sessions. Disable to load balance proxy sessions only. Valid values: enable, disable.
logicalSn string
Enable/disable usage of the logical serial number. Valid values: enable, disable.
memoryBasedFailover string
Enable/disable memory based failover. Valid values: enable, disable.
memoryCompatibleMode string
Enable/disable memory compatible mode. Valid values: enable, disable.
memoryFailoverFlipTimeout number
Time to wait between subsequent memory based failovers in minutes (6 - 2147483647, default = 6).
memoryFailoverMonitorPeriod number
Duration of high memory usage before memory based failover is triggered in seconds (1 - 300, default = 60).
memoryFailoverSampleRate number
Rate at which memory usage is sampled in order to measure memory usage in seconds (1 - 60, default = 1).
memoryFailoverThreshold number
Memory usage threshold to trigger memory based failover (0 means using conserve mode threshold in system.global).
memoryThreshold string
Dynamic weighted load balancing memory usage weight and high and low thresholds.
mode string
HA mode. Must be the same for all members. FGSP requires standalone. Valid values: standalone, a-a, a-p.
monitor string
Interfaces to check for port monitoring (or link failure).
multicastTtl number
HA multicast TTL on primary (5 - 3600 sec).
nntpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of NNTP proxy sessions.
override string
Enable and increase the priority of the unit that should always be primary (master). Valid values: enable, disable.
overrideWaitTime number
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
password string
Cluster password. Must be the same for all members.
pingserverFailoverThreshold number
Remote IP monitoring failover threshold (0 - 50).
pingserverFlipTimeout number
Time to wait in minutes before renegotiating after a remote IP monitoring failover.
pingserverMonitorInterface string
Interfaces to check for remote IP monitoring.
pingserverSecondaryForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pingserverSlaveForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pop3ProxyThreshold string
Dynamic weighted load balancing weight and high and low number of POP3 proxy sessions.
priority number
Increase the priority to select the primary unit (0 - 255).
routeHold number
Time to wait between routing table updates to the cluster (0 - 3600 sec).
routeTtl number
TTL for primary unit routes (5 - 3600 sec). Increase to maintain active routes during failover.
routeWait number
Time to wait before sending new routes to the cluster (0 - 3600 sec).
schedule string
Type of A-A load balancing. Use none if you have external load balancers.
secondaryVcluster HaSecondaryVcluster
Configure virtual cluster 2. The structure of secondary_vcluster block is documented below.
sessionPickup string
Enable/disable session pickup. Enabling it can reduce session down time when fail over happens. Valid values: enable, disable.
sessionPickupConnectionless string
Enable/disable UDP and ICMP session sync. Valid values: enable, disable.
sessionPickupDelay string
Enable to sync sessions longer than 30 sec. Only longer lived sessions need to be synced. Valid values: enable, disable.
sessionPickupExpectation string
Enable/disable session helper expectation session sync for FGSP. Valid values: enable, disable.
sessionPickupNat string
Enable/disable NAT session sync for FGSP. Valid values: enable, disable.
sessionSyncDev string
Offload session-sync process to kernel and sync sessions using connected interface(s) directly.
smtpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of SMTP proxy sessions.
ssdFailover string
Enable/disable automatic HA failover on SSD disk failure. Valid values: enable, disable.
standaloneConfigSync string
Enable/disable FGSP configuration synchronization. Valid values: enable, disable.
standaloneMgmtVdom string
Enable/disable standalone management VDOM. Valid values: enable, disable.
syncConfig string
Enable/disable configuration synchronization. Valid values: enable, disable.
syncPacketBalance string
Enable/disable HA packet distribution to multiple CPUs. Valid values: enable, disable.
unicastGateway string
Default route gateway for unicast interface.
unicastHb string
Enable/disable unicast heartbeat. Valid values: enable, disable.
unicastHbNetmask string
Unicast heartbeat netmask.
unicastHbPeerip string
Unicast heartbeat peer IP.
unicastPeers HaUnicastPeer[]
Number of unicast peers. The structure of unicast_peers block is documented below.
unicastStatus string
Enable/disable unicast connection. Valid values: enable, disable.
uninterruptiblePrimaryWait number
Number of minutes the primary HA unit waits before the secondary HA unit is considered upgraded and the system is started before starting its own upgrade (default = 30). On FortiOS versions 6.4.10-6.4.15, 7.0.2-7.0.5: 1 - 300. On FortiOS versions >= 7.0.6: 15 - 300.
uninterruptibleUpgrade string
Enable to upgrade a cluster without blocking network traffic. Valid values: enable, disable.
upgradeMode string
The mode to upgrade a cluster. Valid values: simultaneous, uninterruptible, local-only, secondary-only.
vcluster2 string
Enable/disable virtual cluster 2 for virtual clustering. Valid values: enable, disable.
vclusterId number
Cluster ID.
vclusterStatus string
Enable/disable virtual cluster for virtual clustering. Valid values: enable, disable.
vclusters HaVcluster[]
Virtual cluster table. The structure of vcluster block is documented below.
vdom string
VDOMs in virtual cluster 1.
vdomparam Changes to this property will trigger replacement. string
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
weight string
Weight-round-robin weight for each cluster unit. Syntax .
arps int
Number of gratuitous ARPs (1 - 60). Lower to reduce traffic. Higher to reduce failover time.
arps_interval int
Time between gratuitous ARPs (1 - 20 sec). Lower to reduce failover time. Higher to reduce traffic.
authentication str
Enable/disable heartbeat message authentication. Valid values: enable, disable.
cpu_threshold str
Dynamic weighted load balancing CPU usage weight and high and low thresholds.
dynamic_sort_subtable str
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
encryption str
Enable/disable heartbeat message encryption. Valid values: enable, disable.
evpn_ttl int
HA EVPN FDB TTL on primary box (5 - 3600 sec).
failover_hold_time int
Time to wait before failover (0 - 300 sec, default = 0), to avoid flip.
ftp_proxy_threshold str
Dynamic weighted load balancing weight and high and low number of FTP proxy sessions.
get_all_tables str
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
gratuitous_arps str
Enable/disable gratuitous ARPs. Disable if link-failed-signal enabled. Valid values: enable, disable.
group_id int
HA group ID. Must be the same for all members. On FortiOS versions 6.2.0-6.2.6: 0 - 255. On FortiOS versions 7.0.2-7.0.15: 0 - 1023. On FortiOS versions 7.2.0: 0 - 1023; or 0 - 7 when there are more than 2 vclusters.
group_name str
Cluster group name. Must be the same for all members.
ha_direct str
Enable/disable using ha-mgmt interface for syslog, SNMP, remote authentication (RADIUS), FortiAnalyzer, FortiSandbox, sFlow, and Netflow. Valid values: enable, disable.
ha_eth_type str
HA heartbeat packet Ethertype (4-digit hex).
ha_mgmt_interfaces Sequence[HaHaMgmtInterfaceArgs]
Reserve interfaces to manage individual cluster units. The structure of ha_mgmt_interfaces block is documented below.
ha_mgmt_status str
Enable to reserve interfaces to manage individual cluster units. Valid values: enable, disable.
ha_uptime_diff_margin int
Normally you would only reduce this value for failover testing.
hb_interval int
Time between sending heartbeat packets (1 - 20). Increase to reduce false positives.
hb_interval_in_milliseconds str
Number of milliseconds for each heartbeat interval: 100ms or 10ms. Valid values: 100ms, 10ms.
hb_lost_threshold int
Number of lost heartbeats to signal a failure (1 - 60). Increase to reduce false positives.
hbdev str
Heartbeat interfaces. Must be the same for all members.
hc_eth_type str
Transparent mode HA heartbeat packet Ethertype (4-digit hex).
hello_holddown int
Time to wait before changing from hello to work state (5 - 300 sec).
http_proxy_threshold str
Dynamic weighted load balancing weight and high and low number of HTTP proxy sessions.
imap_proxy_threshold str
Dynamic weighted load balancing weight and high and low number of IMAP proxy sessions.
inter_cluster_session_sync str
Enable/disable synchronization of sessions among HA clusters. Valid values: enable, disable.
ipsec_phase2_proposal str
IPsec phase2 proposal. Valid values: aes128-sha1, aes128-sha256, aes128-sha384, aes128-sha512, aes192-sha1, aes192-sha256, aes192-sha384, aes192-sha512, aes256-sha1, aes256-sha256, aes256-sha384, aes256-sha512, aes128gcm, aes256gcm, chacha20poly1305.
key str
key
l2ep_eth_type str
Telnet session HA heartbeat packet Ethertype (4-digit hex).
link_failed_signal str
Enable to shut down all interfaces for 1 sec after a failover. Use if gratuitous ARPs do not update network. Valid values: enable, disable.
load_balance_all str
Enable to load balance TCP sessions. Disable to load balance proxy sessions only. Valid values: enable, disable.
logical_sn str
Enable/disable usage of the logical serial number. Valid values: enable, disable.
memory_based_failover str
Enable/disable memory based failover. Valid values: enable, disable.
memory_compatible_mode str
Enable/disable memory compatible mode. Valid values: enable, disable.
memory_failover_flip_timeout int
Time to wait between subsequent memory based failovers in minutes (6 - 2147483647, default = 6).
memory_failover_monitor_period int
Duration of high memory usage before memory based failover is triggered in seconds (1 - 300, default = 60).
memory_failover_sample_rate int
Rate at which memory usage is sampled in order to measure memory usage in seconds (1 - 60, default = 1).
memory_failover_threshold int
Memory usage threshold to trigger memory based failover (0 means using conserve mode threshold in system.global).
memory_threshold str
Dynamic weighted load balancing memory usage weight and high and low thresholds.
mode str
HA mode. Must be the same for all members. FGSP requires standalone. Valid values: standalone, a-a, a-p.
monitor str
Interfaces to check for port monitoring (or link failure).
multicast_ttl int
HA multicast TTL on primary (5 - 3600 sec).
nntp_proxy_threshold str
Dynamic weighted load balancing weight and high and low number of NNTP proxy sessions.
override str
Enable and increase the priority of the unit that should always be primary (master). Valid values: enable, disable.
override_wait_time int
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
password str
Cluster password. Must be the same for all members.
pingserver_failover_threshold int
Remote IP monitoring failover threshold (0 - 50).
pingserver_flip_timeout int
Time to wait in minutes before renegotiating after a remote IP monitoring failover.
pingserver_monitor_interface str
Interfaces to check for remote IP monitoring.
pingserver_secondary_force_reset str
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pingserver_slave_force_reset str
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pop3_proxy_threshold str
Dynamic weighted load balancing weight and high and low number of POP3 proxy sessions.
priority int
Increase the priority to select the primary unit (0 - 255).
route_hold int
Time to wait between routing table updates to the cluster (0 - 3600 sec).
route_ttl int
TTL for primary unit routes (5 - 3600 sec). Increase to maintain active routes during failover.
route_wait int
Time to wait before sending new routes to the cluster (0 - 3600 sec).
schedule str
Type of A-A load balancing. Use none if you have external load balancers.
secondary_vcluster HaSecondaryVclusterArgs
Configure virtual cluster 2. The structure of secondary_vcluster block is documented below.
session_pickup str
Enable/disable session pickup. Enabling it can reduce session down time when fail over happens. Valid values: enable, disable.
session_pickup_connectionless str
Enable/disable UDP and ICMP session sync. Valid values: enable, disable.
session_pickup_delay str
Enable to sync sessions longer than 30 sec. Only longer lived sessions need to be synced. Valid values: enable, disable.
session_pickup_expectation str
Enable/disable session helper expectation session sync for FGSP. Valid values: enable, disable.
session_pickup_nat str
Enable/disable NAT session sync for FGSP. Valid values: enable, disable.
session_sync_dev str
Offload session-sync process to kernel and sync sessions using connected interface(s) directly.
smtp_proxy_threshold str
Dynamic weighted load balancing weight and high and low number of SMTP proxy sessions.
ssd_failover str
Enable/disable automatic HA failover on SSD disk failure. Valid values: enable, disable.
standalone_config_sync str
Enable/disable FGSP configuration synchronization. Valid values: enable, disable.
standalone_mgmt_vdom str
Enable/disable standalone management VDOM. Valid values: enable, disable.
sync_config str
Enable/disable configuration synchronization. Valid values: enable, disable.
sync_packet_balance str
Enable/disable HA packet distribution to multiple CPUs. Valid values: enable, disable.
unicast_gateway str
Default route gateway for unicast interface.
unicast_hb str
Enable/disable unicast heartbeat. Valid values: enable, disable.
unicast_hb_netmask str
Unicast heartbeat netmask.
unicast_hb_peerip str
Unicast heartbeat peer IP.
unicast_peers Sequence[HaUnicastPeerArgs]
Number of unicast peers. The structure of unicast_peers block is documented below.
unicast_status str
Enable/disable unicast connection. Valid values: enable, disable.
uninterruptible_primary_wait int
Number of minutes the primary HA unit waits before the secondary HA unit is considered upgraded and the system is started before starting its own upgrade (default = 30). On FortiOS versions 6.4.10-6.4.15, 7.0.2-7.0.5: 1 - 300. On FortiOS versions >= 7.0.6: 15 - 300.
uninterruptible_upgrade str
Enable to upgrade a cluster without blocking network traffic. Valid values: enable, disable.
upgrade_mode str
The mode to upgrade a cluster. Valid values: simultaneous, uninterruptible, local-only, secondary-only.
vcluster2 str
Enable/disable virtual cluster 2 for virtual clustering. Valid values: enable, disable.
vcluster_id int
Cluster ID.
vcluster_status str
Enable/disable virtual cluster for virtual clustering. Valid values: enable, disable.
vclusters Sequence[HaVclusterArgs]
Virtual cluster table. The structure of vcluster block is documented below.
vdom str
VDOMs in virtual cluster 1.
vdomparam Changes to this property will trigger replacement. str
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
weight str
Weight-round-robin weight for each cluster unit. Syntax .
arps Number
Number of gratuitous ARPs (1 - 60). Lower to reduce traffic. Higher to reduce failover time.
arpsInterval Number
Time between gratuitous ARPs (1 - 20 sec). Lower to reduce failover time. Higher to reduce traffic.
authentication String
Enable/disable heartbeat message authentication. Valid values: enable, disable.
cpuThreshold String
Dynamic weighted load balancing CPU usage weight and high and low thresholds.
dynamicSortSubtable String
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
encryption String
Enable/disable heartbeat message encryption. Valid values: enable, disable.
evpnTtl Number
HA EVPN FDB TTL on primary box (5 - 3600 sec).
failoverHoldTime Number
Time to wait before failover (0 - 300 sec, default = 0), to avoid flip.
ftpProxyThreshold String
Dynamic weighted load balancing weight and high and low number of FTP proxy sessions.
getAllTables String
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
gratuitousArps String
Enable/disable gratuitous ARPs. Disable if link-failed-signal enabled. Valid values: enable, disable.
groupId Number
HA group ID. Must be the same for all members. On FortiOS versions 6.2.0-6.2.6: 0 - 255. On FortiOS versions 7.0.2-7.0.15: 0 - 1023. On FortiOS versions 7.2.0: 0 - 1023; or 0 - 7 when there are more than 2 vclusters.
groupName String
Cluster group name. Must be the same for all members.
haDirect String
Enable/disable using ha-mgmt interface for syslog, SNMP, remote authentication (RADIUS), FortiAnalyzer, FortiSandbox, sFlow, and Netflow. Valid values: enable, disable.
haEthType String
HA heartbeat packet Ethertype (4-digit hex).
haMgmtInterfaces List<Property Map>
Reserve interfaces to manage individual cluster units. The structure of ha_mgmt_interfaces block is documented below.
haMgmtStatus String
Enable to reserve interfaces to manage individual cluster units. Valid values: enable, disable.
haUptimeDiffMargin Number
Normally you would only reduce this value for failover testing.
hbInterval Number
Time between sending heartbeat packets (1 - 20). Increase to reduce false positives.
hbIntervalInMilliseconds String
Number of milliseconds for each heartbeat interval: 100ms or 10ms. Valid values: 100ms, 10ms.
hbLostThreshold Number
Number of lost heartbeats to signal a failure (1 - 60). Increase to reduce false positives.
hbdev String
Heartbeat interfaces. Must be the same for all members.
hcEthType String
Transparent mode HA heartbeat packet Ethertype (4-digit hex).
helloHolddown Number
Time to wait before changing from hello to work state (5 - 300 sec).
httpProxyThreshold String
Dynamic weighted load balancing weight and high and low number of HTTP proxy sessions.
imapProxyThreshold String
Dynamic weighted load balancing weight and high and low number of IMAP proxy sessions.
interClusterSessionSync String
Enable/disable synchronization of sessions among HA clusters. Valid values: enable, disable.
ipsecPhase2Proposal String
IPsec phase2 proposal. Valid values: aes128-sha1, aes128-sha256, aes128-sha384, aes128-sha512, aes192-sha1, aes192-sha256, aes192-sha384, aes192-sha512, aes256-sha1, aes256-sha256, aes256-sha384, aes256-sha512, aes128gcm, aes256gcm, chacha20poly1305.
key String
key
l2epEthType String
Telnet session HA heartbeat packet Ethertype (4-digit hex).
linkFailedSignal String
Enable to shut down all interfaces for 1 sec after a failover. Use if gratuitous ARPs do not update network. Valid values: enable, disable.
loadBalanceAll String
Enable to load balance TCP sessions. Disable to load balance proxy sessions only. Valid values: enable, disable.
logicalSn String
Enable/disable usage of the logical serial number. Valid values: enable, disable.
memoryBasedFailover String
Enable/disable memory based failover. Valid values: enable, disable.
memoryCompatibleMode String
Enable/disable memory compatible mode. Valid values: enable, disable.
memoryFailoverFlipTimeout Number
Time to wait between subsequent memory based failovers in minutes (6 - 2147483647, default = 6).
memoryFailoverMonitorPeriod Number
Duration of high memory usage before memory based failover is triggered in seconds (1 - 300, default = 60).
memoryFailoverSampleRate Number
Rate at which memory usage is sampled in order to measure memory usage in seconds (1 - 60, default = 1).
memoryFailoverThreshold Number
Memory usage threshold to trigger memory based failover (0 means using conserve mode threshold in system.global).
memoryThreshold String
Dynamic weighted load balancing memory usage weight and high and low thresholds.
mode String
HA mode. Must be the same for all members. FGSP requires standalone. Valid values: standalone, a-a, a-p.
monitor String
Interfaces to check for port monitoring (or link failure).
multicastTtl Number
HA multicast TTL on primary (5 - 3600 sec).
nntpProxyThreshold String
Dynamic weighted load balancing weight and high and low number of NNTP proxy sessions.
override String
Enable and increase the priority of the unit that should always be primary (master). Valid values: enable, disable.
overrideWaitTime Number
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
password String
Cluster password. Must be the same for all members.
pingserverFailoverThreshold Number
Remote IP monitoring failover threshold (0 - 50).
pingserverFlipTimeout Number
Time to wait in minutes before renegotiating after a remote IP monitoring failover.
pingserverMonitorInterface String
Interfaces to check for remote IP monitoring.
pingserverSecondaryForceReset String
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pingserverSlaveForceReset String
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pop3ProxyThreshold String
Dynamic weighted load balancing weight and high and low number of POP3 proxy sessions.
priority Number
Increase the priority to select the primary unit (0 - 255).
routeHold Number
Time to wait between routing table updates to the cluster (0 - 3600 sec).
routeTtl Number
TTL for primary unit routes (5 - 3600 sec). Increase to maintain active routes during failover.
routeWait Number
Time to wait before sending new routes to the cluster (0 - 3600 sec).
schedule String
Type of A-A load balancing. Use none if you have external load balancers.
secondaryVcluster Property Map
Configure virtual cluster 2. The structure of secondary_vcluster block is documented below.
sessionPickup String
Enable/disable session pickup. Enabling it can reduce session down time when fail over happens. Valid values: enable, disable.
sessionPickupConnectionless String
Enable/disable UDP and ICMP session sync. Valid values: enable, disable.
sessionPickupDelay String
Enable to sync sessions longer than 30 sec. Only longer lived sessions need to be synced. Valid values: enable, disable.
sessionPickupExpectation String
Enable/disable session helper expectation session sync for FGSP. Valid values: enable, disable.
sessionPickupNat String
Enable/disable NAT session sync for FGSP. Valid values: enable, disable.
sessionSyncDev String
Offload session-sync process to kernel and sync sessions using connected interface(s) directly.
smtpProxyThreshold String
Dynamic weighted load balancing weight and high and low number of SMTP proxy sessions.
ssdFailover String
Enable/disable automatic HA failover on SSD disk failure. Valid values: enable, disable.
standaloneConfigSync String
Enable/disable FGSP configuration synchronization. Valid values: enable, disable.
standaloneMgmtVdom String
Enable/disable standalone management VDOM. Valid values: enable, disable.
syncConfig String
Enable/disable configuration synchronization. Valid values: enable, disable.
syncPacketBalance String
Enable/disable HA packet distribution to multiple CPUs. Valid values: enable, disable.
unicastGateway String
Default route gateway for unicast interface.
unicastHb String
Enable/disable unicast heartbeat. Valid values: enable, disable.
unicastHbNetmask String
Unicast heartbeat netmask.
unicastHbPeerip String
Unicast heartbeat peer IP.
unicastPeers List<Property Map>
Number of unicast peers. The structure of unicast_peers block is documented below.
unicastStatus String
Enable/disable unicast connection. Valid values: enable, disable.
uninterruptiblePrimaryWait Number
Number of minutes the primary HA unit waits before the secondary HA unit is considered upgraded and the system is started before starting its own upgrade (default = 30). On FortiOS versions 6.4.10-6.4.15, 7.0.2-7.0.5: 1 - 300. On FortiOS versions >= 7.0.6: 15 - 300.
uninterruptibleUpgrade String
Enable to upgrade a cluster without blocking network traffic. Valid values: enable, disable.
upgradeMode String
The mode to upgrade a cluster. Valid values: simultaneous, uninterruptible, local-only, secondary-only.
vcluster2 String
Enable/disable virtual cluster 2 for virtual clustering. Valid values: enable, disable.
vclusterId Number
Cluster ID.
vclusterStatus String
Enable/disable virtual cluster for virtual clustering. Valid values: enable, disable.
vclusters List<Property Map>
Virtual cluster table. The structure of vcluster block is documented below.
vdom String
VDOMs in virtual cluster 1.
vdomparam Changes to this property will trigger replacement. String
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
weight String
Weight-round-robin weight for each cluster unit. Syntax .

Outputs

All input properties are implicitly available as output properties. Additionally, the Ha resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.

Look up Existing Ha Resource

Get an existing Ha resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: HaState, opts?: CustomResourceOptions): Ha
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        arps: Optional[int] = None,
        arps_interval: Optional[int] = None,
        authentication: Optional[str] = None,
        cpu_threshold: Optional[str] = None,
        dynamic_sort_subtable: Optional[str] = None,
        encryption: Optional[str] = None,
        evpn_ttl: Optional[int] = None,
        failover_hold_time: Optional[int] = None,
        ftp_proxy_threshold: Optional[str] = None,
        get_all_tables: Optional[str] = None,
        gratuitous_arps: Optional[str] = None,
        group_id: Optional[int] = None,
        group_name: Optional[str] = None,
        ha_direct: Optional[str] = None,
        ha_eth_type: Optional[str] = None,
        ha_mgmt_interfaces: Optional[Sequence[HaHaMgmtInterfaceArgs]] = None,
        ha_mgmt_status: Optional[str] = None,
        ha_uptime_diff_margin: Optional[int] = None,
        hb_interval: Optional[int] = None,
        hb_interval_in_milliseconds: Optional[str] = None,
        hb_lost_threshold: Optional[int] = None,
        hbdev: Optional[str] = None,
        hc_eth_type: Optional[str] = None,
        hello_holddown: Optional[int] = None,
        http_proxy_threshold: Optional[str] = None,
        imap_proxy_threshold: Optional[str] = None,
        inter_cluster_session_sync: Optional[str] = None,
        ipsec_phase2_proposal: Optional[str] = None,
        key: Optional[str] = None,
        l2ep_eth_type: Optional[str] = None,
        link_failed_signal: Optional[str] = None,
        load_balance_all: Optional[str] = None,
        logical_sn: Optional[str] = None,
        memory_based_failover: Optional[str] = None,
        memory_compatible_mode: Optional[str] = None,
        memory_failover_flip_timeout: Optional[int] = None,
        memory_failover_monitor_period: Optional[int] = None,
        memory_failover_sample_rate: Optional[int] = None,
        memory_failover_threshold: Optional[int] = None,
        memory_threshold: Optional[str] = None,
        mode: Optional[str] = None,
        monitor: Optional[str] = None,
        multicast_ttl: Optional[int] = None,
        nntp_proxy_threshold: Optional[str] = None,
        override: Optional[str] = None,
        override_wait_time: Optional[int] = None,
        password: Optional[str] = None,
        pingserver_failover_threshold: Optional[int] = None,
        pingserver_flip_timeout: Optional[int] = None,
        pingserver_monitor_interface: Optional[str] = None,
        pingserver_secondary_force_reset: Optional[str] = None,
        pingserver_slave_force_reset: Optional[str] = None,
        pop3_proxy_threshold: Optional[str] = None,
        priority: Optional[int] = None,
        route_hold: Optional[int] = None,
        route_ttl: Optional[int] = None,
        route_wait: Optional[int] = None,
        schedule: Optional[str] = None,
        secondary_vcluster: Optional[HaSecondaryVclusterArgs] = None,
        session_pickup: Optional[str] = None,
        session_pickup_connectionless: Optional[str] = None,
        session_pickup_delay: Optional[str] = None,
        session_pickup_expectation: Optional[str] = None,
        session_pickup_nat: Optional[str] = None,
        session_sync_dev: Optional[str] = None,
        smtp_proxy_threshold: Optional[str] = None,
        ssd_failover: Optional[str] = None,
        standalone_config_sync: Optional[str] = None,
        standalone_mgmt_vdom: Optional[str] = None,
        sync_config: Optional[str] = None,
        sync_packet_balance: Optional[str] = None,
        unicast_gateway: Optional[str] = None,
        unicast_hb: Optional[str] = None,
        unicast_hb_netmask: Optional[str] = None,
        unicast_hb_peerip: Optional[str] = None,
        unicast_peers: Optional[Sequence[HaUnicastPeerArgs]] = None,
        unicast_status: Optional[str] = None,
        uninterruptible_primary_wait: Optional[int] = None,
        uninterruptible_upgrade: Optional[str] = None,
        upgrade_mode: Optional[str] = None,
        vcluster2: Optional[str] = None,
        vcluster_id: Optional[int] = None,
        vcluster_status: Optional[str] = None,
        vclusters: Optional[Sequence[HaVclusterArgs]] = None,
        vdom: Optional[str] = None,
        vdomparam: Optional[str] = None,
        weight: Optional[str] = None) -> Ha
func GetHa(ctx *Context, name string, id IDInput, state *HaState, opts ...ResourceOption) (*Ha, error)
public static Ha Get(string name, Input<string> id, HaState? state, CustomResourceOptions? opts = null)
public static Ha get(String name, Output<String> id, HaState state, CustomResourceOptions options)
resources:  _:    type: fortios:system:Ha    get:      id: ${id}
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
Arps int
Number of gratuitous ARPs (1 - 60). Lower to reduce traffic. Higher to reduce failover time.
ArpsInterval int
Time between gratuitous ARPs (1 - 20 sec). Lower to reduce failover time. Higher to reduce traffic.
Authentication string
Enable/disable heartbeat message authentication. Valid values: enable, disable.
CpuThreshold string
Dynamic weighted load balancing CPU usage weight and high and low thresholds.
DynamicSortSubtable string
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
Encryption string
Enable/disable heartbeat message encryption. Valid values: enable, disable.
EvpnTtl int
HA EVPN FDB TTL on primary box (5 - 3600 sec).
FailoverHoldTime int
Time to wait before failover (0 - 300 sec, default = 0), to avoid flip.
FtpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of FTP proxy sessions.
GetAllTables string
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
GratuitousArps string
Enable/disable gratuitous ARPs. Disable if link-failed-signal enabled. Valid values: enable, disable.
GroupId int
HA group ID. Must be the same for all members. On FortiOS versions 6.2.0-6.2.6: 0 - 255. On FortiOS versions 7.0.2-7.0.15: 0 - 1023. On FortiOS versions 7.2.0: 0 - 1023; or 0 - 7 when there are more than 2 vclusters.
GroupName string
Cluster group name. Must be the same for all members.
HaDirect string
Enable/disable using ha-mgmt interface for syslog, SNMP, remote authentication (RADIUS), FortiAnalyzer, FortiSandbox, sFlow, and Netflow. Valid values: enable, disable.
HaEthType string
HA heartbeat packet Ethertype (4-digit hex).
HaMgmtInterfaces List<Pulumiverse.Fortios.System.Inputs.HaHaMgmtInterface>
Reserve interfaces to manage individual cluster units. The structure of ha_mgmt_interfaces block is documented below.
HaMgmtStatus string
Enable to reserve interfaces to manage individual cluster units. Valid values: enable, disable.
HaUptimeDiffMargin int
Normally you would only reduce this value for failover testing.
HbInterval int
Time between sending heartbeat packets (1 - 20). Increase to reduce false positives.
HbIntervalInMilliseconds string
Number of milliseconds for each heartbeat interval: 100ms or 10ms. Valid values: 100ms, 10ms.
HbLostThreshold int
Number of lost heartbeats to signal a failure (1 - 60). Increase to reduce false positives.
Hbdev string
Heartbeat interfaces. Must be the same for all members.
HcEthType string
Transparent mode HA heartbeat packet Ethertype (4-digit hex).
HelloHolddown int
Time to wait before changing from hello to work state (5 - 300 sec).
HttpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of HTTP proxy sessions.
ImapProxyThreshold string
Dynamic weighted load balancing weight and high and low number of IMAP proxy sessions.
InterClusterSessionSync string
Enable/disable synchronization of sessions among HA clusters. Valid values: enable, disable.
IpsecPhase2Proposal string
IPsec phase2 proposal. Valid values: aes128-sha1, aes128-sha256, aes128-sha384, aes128-sha512, aes192-sha1, aes192-sha256, aes192-sha384, aes192-sha512, aes256-sha1, aes256-sha256, aes256-sha384, aes256-sha512, aes128gcm, aes256gcm, chacha20poly1305.
Key string
key
L2epEthType string
Telnet session HA heartbeat packet Ethertype (4-digit hex).
LinkFailedSignal string
Enable to shut down all interfaces for 1 sec after a failover. Use if gratuitous ARPs do not update network. Valid values: enable, disable.
LoadBalanceAll string
Enable to load balance TCP sessions. Disable to load balance proxy sessions only. Valid values: enable, disable.
LogicalSn string
Enable/disable usage of the logical serial number. Valid values: enable, disable.
MemoryBasedFailover string
Enable/disable memory based failover. Valid values: enable, disable.
MemoryCompatibleMode string
Enable/disable memory compatible mode. Valid values: enable, disable.
MemoryFailoverFlipTimeout int
Time to wait between subsequent memory based failovers in minutes (6 - 2147483647, default = 6).
MemoryFailoverMonitorPeriod int
Duration of high memory usage before memory based failover is triggered in seconds (1 - 300, default = 60).
MemoryFailoverSampleRate int
Rate at which memory usage is sampled in order to measure memory usage in seconds (1 - 60, default = 1).
MemoryFailoverThreshold int
Memory usage threshold to trigger memory based failover (0 means using conserve mode threshold in system.global).
MemoryThreshold string
Dynamic weighted load balancing memory usage weight and high and low thresholds.
Mode string
HA mode. Must be the same for all members. FGSP requires standalone. Valid values: standalone, a-a, a-p.
Monitor string
Interfaces to check for port monitoring (or link failure).
MulticastTtl int
HA multicast TTL on primary (5 - 3600 sec).
NntpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of NNTP proxy sessions.
Override string
Enable and increase the priority of the unit that should always be primary (master). Valid values: enable, disable.
OverrideWaitTime int
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
Password string
Cluster password. Must be the same for all members.
PingserverFailoverThreshold int
Remote IP monitoring failover threshold (0 - 50).
PingserverFlipTimeout int
Time to wait in minutes before renegotiating after a remote IP monitoring failover.
PingserverMonitorInterface string
Interfaces to check for remote IP monitoring.
PingserverSecondaryForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
PingserverSlaveForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
Pop3ProxyThreshold string
Dynamic weighted load balancing weight and high and low number of POP3 proxy sessions.
Priority int
Increase the priority to select the primary unit (0 - 255).
RouteHold int
Time to wait between routing table updates to the cluster (0 - 3600 sec).
RouteTtl int
TTL for primary unit routes (5 - 3600 sec). Increase to maintain active routes during failover.
RouteWait int
Time to wait before sending new routes to the cluster (0 - 3600 sec).
Schedule string
Type of A-A load balancing. Use none if you have external load balancers.
SecondaryVcluster Pulumiverse.Fortios.System.Inputs.HaSecondaryVcluster
Configure virtual cluster 2. The structure of secondary_vcluster block is documented below.
SessionPickup string
Enable/disable session pickup. Enabling it can reduce session down time when fail over happens. Valid values: enable, disable.
SessionPickupConnectionless string
Enable/disable UDP and ICMP session sync. Valid values: enable, disable.
SessionPickupDelay string
Enable to sync sessions longer than 30 sec. Only longer lived sessions need to be synced. Valid values: enable, disable.
SessionPickupExpectation string
Enable/disable session helper expectation session sync for FGSP. Valid values: enable, disable.
SessionPickupNat string
Enable/disable NAT session sync for FGSP. Valid values: enable, disable.
SessionSyncDev string
Offload session-sync process to kernel and sync sessions using connected interface(s) directly.
SmtpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of SMTP proxy sessions.
SsdFailover string
Enable/disable automatic HA failover on SSD disk failure. Valid values: enable, disable.
StandaloneConfigSync string
Enable/disable FGSP configuration synchronization. Valid values: enable, disable.
StandaloneMgmtVdom string
Enable/disable standalone management VDOM. Valid values: enable, disable.
SyncConfig string
Enable/disable configuration synchronization. Valid values: enable, disable.
SyncPacketBalance string
Enable/disable HA packet distribution to multiple CPUs. Valid values: enable, disable.
UnicastGateway string
Default route gateway for unicast interface.
UnicastHb string
Enable/disable unicast heartbeat. Valid values: enable, disable.
UnicastHbNetmask string
Unicast heartbeat netmask.
UnicastHbPeerip string
Unicast heartbeat peer IP.
UnicastPeers List<Pulumiverse.Fortios.System.Inputs.HaUnicastPeer>
Number of unicast peers. The structure of unicast_peers block is documented below.
UnicastStatus string
Enable/disable unicast connection. Valid values: enable, disable.
UninterruptiblePrimaryWait int
Number of minutes the primary HA unit waits before the secondary HA unit is considered upgraded and the system is started before starting its own upgrade (default = 30). On FortiOS versions 6.4.10-6.4.15, 7.0.2-7.0.5: 1 - 300. On FortiOS versions >= 7.0.6: 15 - 300.
UninterruptibleUpgrade string
Enable to upgrade a cluster without blocking network traffic. Valid values: enable, disable.
UpgradeMode string
The mode to upgrade a cluster. Valid values: simultaneous, uninterruptible, local-only, secondary-only.
Vcluster2 string
Enable/disable virtual cluster 2 for virtual clustering. Valid values: enable, disable.
VclusterId int
Cluster ID.
VclusterStatus string
Enable/disable virtual cluster for virtual clustering. Valid values: enable, disable.
Vclusters List<Pulumiverse.Fortios.System.Inputs.HaVcluster>
Virtual cluster table. The structure of vcluster block is documented below.
Vdom string
VDOMs in virtual cluster 1.
Vdomparam Changes to this property will trigger replacement. string
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Weight string
Weight-round-robin weight for each cluster unit. Syntax .
Arps int
Number of gratuitous ARPs (1 - 60). Lower to reduce traffic. Higher to reduce failover time.
ArpsInterval int
Time between gratuitous ARPs (1 - 20 sec). Lower to reduce failover time. Higher to reduce traffic.
Authentication string
Enable/disable heartbeat message authentication. Valid values: enable, disable.
CpuThreshold string
Dynamic weighted load balancing CPU usage weight and high and low thresholds.
DynamicSortSubtable string
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
Encryption string
Enable/disable heartbeat message encryption. Valid values: enable, disable.
EvpnTtl int
HA EVPN FDB TTL on primary box (5 - 3600 sec).
FailoverHoldTime int
Time to wait before failover (0 - 300 sec, default = 0), to avoid flip.
FtpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of FTP proxy sessions.
GetAllTables string
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
GratuitousArps string
Enable/disable gratuitous ARPs. Disable if link-failed-signal enabled. Valid values: enable, disable.
GroupId int
HA group ID. Must be the same for all members. On FortiOS versions 6.2.0-6.2.6: 0 - 255. On FortiOS versions 7.0.2-7.0.15: 0 - 1023. On FortiOS versions 7.2.0: 0 - 1023; or 0 - 7 when there are more than 2 vclusters.
GroupName string
Cluster group name. Must be the same for all members.
HaDirect string
Enable/disable using ha-mgmt interface for syslog, SNMP, remote authentication (RADIUS), FortiAnalyzer, FortiSandbox, sFlow, and Netflow. Valid values: enable, disable.
HaEthType string
HA heartbeat packet Ethertype (4-digit hex).
HaMgmtInterfaces []HaHaMgmtInterfaceArgs
Reserve interfaces to manage individual cluster units. The structure of ha_mgmt_interfaces block is documented below.
HaMgmtStatus string
Enable to reserve interfaces to manage individual cluster units. Valid values: enable, disable.
HaUptimeDiffMargin int
Normally you would only reduce this value for failover testing.
HbInterval int
Time between sending heartbeat packets (1 - 20). Increase to reduce false positives.
HbIntervalInMilliseconds string
Number of milliseconds for each heartbeat interval: 100ms or 10ms. Valid values: 100ms, 10ms.
HbLostThreshold int
Number of lost heartbeats to signal a failure (1 - 60). Increase to reduce false positives.
Hbdev string
Heartbeat interfaces. Must be the same for all members.
HcEthType string
Transparent mode HA heartbeat packet Ethertype (4-digit hex).
HelloHolddown int
Time to wait before changing from hello to work state (5 - 300 sec).
HttpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of HTTP proxy sessions.
ImapProxyThreshold string
Dynamic weighted load balancing weight and high and low number of IMAP proxy sessions.
InterClusterSessionSync string
Enable/disable synchronization of sessions among HA clusters. Valid values: enable, disable.
IpsecPhase2Proposal string
IPsec phase2 proposal. Valid values: aes128-sha1, aes128-sha256, aes128-sha384, aes128-sha512, aes192-sha1, aes192-sha256, aes192-sha384, aes192-sha512, aes256-sha1, aes256-sha256, aes256-sha384, aes256-sha512, aes128gcm, aes256gcm, chacha20poly1305.
Key string
key
L2epEthType string
Telnet session HA heartbeat packet Ethertype (4-digit hex).
LinkFailedSignal string
Enable to shut down all interfaces for 1 sec after a failover. Use if gratuitous ARPs do not update network. Valid values: enable, disable.
LoadBalanceAll string
Enable to load balance TCP sessions. Disable to load balance proxy sessions only. Valid values: enable, disable.
LogicalSn string
Enable/disable usage of the logical serial number. Valid values: enable, disable.
MemoryBasedFailover string
Enable/disable memory based failover. Valid values: enable, disable.
MemoryCompatibleMode string
Enable/disable memory compatible mode. Valid values: enable, disable.
MemoryFailoverFlipTimeout int
Time to wait between subsequent memory based failovers in minutes (6 - 2147483647, default = 6).
MemoryFailoverMonitorPeriod int
Duration of high memory usage before memory based failover is triggered in seconds (1 - 300, default = 60).
MemoryFailoverSampleRate int
Rate at which memory usage is sampled in order to measure memory usage in seconds (1 - 60, default = 1).
MemoryFailoverThreshold int
Memory usage threshold to trigger memory based failover (0 means using conserve mode threshold in system.global).
MemoryThreshold string
Dynamic weighted load balancing memory usage weight and high and low thresholds.
Mode string
HA mode. Must be the same for all members. FGSP requires standalone. Valid values: standalone, a-a, a-p.
Monitor string
Interfaces to check for port monitoring (or link failure).
MulticastTtl int
HA multicast TTL on primary (5 - 3600 sec).
NntpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of NNTP proxy sessions.
Override string
Enable and increase the priority of the unit that should always be primary (master). Valid values: enable, disable.
OverrideWaitTime int
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
Password string
Cluster password. Must be the same for all members.
PingserverFailoverThreshold int
Remote IP monitoring failover threshold (0 - 50).
PingserverFlipTimeout int
Time to wait in minutes before renegotiating after a remote IP monitoring failover.
PingserverMonitorInterface string
Interfaces to check for remote IP monitoring.
PingserverSecondaryForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
PingserverSlaveForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
Pop3ProxyThreshold string
Dynamic weighted load balancing weight and high and low number of POP3 proxy sessions.
Priority int
Increase the priority to select the primary unit (0 - 255).
RouteHold int
Time to wait between routing table updates to the cluster (0 - 3600 sec).
RouteTtl int
TTL for primary unit routes (5 - 3600 sec). Increase to maintain active routes during failover.
RouteWait int
Time to wait before sending new routes to the cluster (0 - 3600 sec).
Schedule string
Type of A-A load balancing. Use none if you have external load balancers.
SecondaryVcluster HaSecondaryVclusterArgs
Configure virtual cluster 2. The structure of secondary_vcluster block is documented below.
SessionPickup string
Enable/disable session pickup. Enabling it can reduce session down time when fail over happens. Valid values: enable, disable.
SessionPickupConnectionless string
Enable/disable UDP and ICMP session sync. Valid values: enable, disable.
SessionPickupDelay string
Enable to sync sessions longer than 30 sec. Only longer lived sessions need to be synced. Valid values: enable, disable.
SessionPickupExpectation string
Enable/disable session helper expectation session sync for FGSP. Valid values: enable, disable.
SessionPickupNat string
Enable/disable NAT session sync for FGSP. Valid values: enable, disable.
SessionSyncDev string
Offload session-sync process to kernel and sync sessions using connected interface(s) directly.
SmtpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of SMTP proxy sessions.
SsdFailover string
Enable/disable automatic HA failover on SSD disk failure. Valid values: enable, disable.
StandaloneConfigSync string
Enable/disable FGSP configuration synchronization. Valid values: enable, disable.
StandaloneMgmtVdom string
Enable/disable standalone management VDOM. Valid values: enable, disable.
SyncConfig string
Enable/disable configuration synchronization. Valid values: enable, disable.
SyncPacketBalance string
Enable/disable HA packet distribution to multiple CPUs. Valid values: enable, disable.
UnicastGateway string
Default route gateway for unicast interface.
UnicastHb string
Enable/disable unicast heartbeat. Valid values: enable, disable.
UnicastHbNetmask string
Unicast heartbeat netmask.
UnicastHbPeerip string
Unicast heartbeat peer IP.
UnicastPeers []HaUnicastPeerArgs
Number of unicast peers. The structure of unicast_peers block is documented below.
UnicastStatus string
Enable/disable unicast connection. Valid values: enable, disable.
UninterruptiblePrimaryWait int
Number of minutes the primary HA unit waits before the secondary HA unit is considered upgraded and the system is started before starting its own upgrade (default = 30). On FortiOS versions 6.4.10-6.4.15, 7.0.2-7.0.5: 1 - 300. On FortiOS versions >= 7.0.6: 15 - 300.
UninterruptibleUpgrade string
Enable to upgrade a cluster without blocking network traffic. Valid values: enable, disable.
UpgradeMode string
The mode to upgrade a cluster. Valid values: simultaneous, uninterruptible, local-only, secondary-only.
Vcluster2 string
Enable/disable virtual cluster 2 for virtual clustering. Valid values: enable, disable.
VclusterId int
Cluster ID.
VclusterStatus string
Enable/disable virtual cluster for virtual clustering. Valid values: enable, disable.
Vclusters []HaVclusterArgs
Virtual cluster table. The structure of vcluster block is documented below.
Vdom string
VDOMs in virtual cluster 1.
Vdomparam Changes to this property will trigger replacement. string
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
Weight string
Weight-round-robin weight for each cluster unit. Syntax .
arps Integer
Number of gratuitous ARPs (1 - 60). Lower to reduce traffic. Higher to reduce failover time.
arpsInterval Integer
Time between gratuitous ARPs (1 - 20 sec). Lower to reduce failover time. Higher to reduce traffic.
authentication String
Enable/disable heartbeat message authentication. Valid values: enable, disable.
cpuThreshold String
Dynamic weighted load balancing CPU usage weight and high and low thresholds.
dynamicSortSubtable String
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
encryption String
Enable/disable heartbeat message encryption. Valid values: enable, disable.
evpnTtl Integer
HA EVPN FDB TTL on primary box (5 - 3600 sec).
failoverHoldTime Integer
Time to wait before failover (0 - 300 sec, default = 0), to avoid flip.
ftpProxyThreshold String
Dynamic weighted load balancing weight and high and low number of FTP proxy sessions.
getAllTables String
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
gratuitousArps String
Enable/disable gratuitous ARPs. Disable if link-failed-signal enabled. Valid values: enable, disable.
groupId Integer
HA group ID. Must be the same for all members. On FortiOS versions 6.2.0-6.2.6: 0 - 255. On FortiOS versions 7.0.2-7.0.15: 0 - 1023. On FortiOS versions 7.2.0: 0 - 1023; or 0 - 7 when there are more than 2 vclusters.
groupName String
Cluster group name. Must be the same for all members.
haDirect String
Enable/disable using ha-mgmt interface for syslog, SNMP, remote authentication (RADIUS), FortiAnalyzer, FortiSandbox, sFlow, and Netflow. Valid values: enable, disable.
haEthType String
HA heartbeat packet Ethertype (4-digit hex).
haMgmtInterfaces List<HaHaMgmtInterface>
Reserve interfaces to manage individual cluster units. The structure of ha_mgmt_interfaces block is documented below.
haMgmtStatus String
Enable to reserve interfaces to manage individual cluster units. Valid values: enable, disable.
haUptimeDiffMargin Integer
Normally you would only reduce this value for failover testing.
hbInterval Integer
Time between sending heartbeat packets (1 - 20). Increase to reduce false positives.
hbIntervalInMilliseconds String
Number of milliseconds for each heartbeat interval: 100ms or 10ms. Valid values: 100ms, 10ms.
hbLostThreshold Integer
Number of lost heartbeats to signal a failure (1 - 60). Increase to reduce false positives.
hbdev String
Heartbeat interfaces. Must be the same for all members.
hcEthType String
Transparent mode HA heartbeat packet Ethertype (4-digit hex).
helloHolddown Integer
Time to wait before changing from hello to work state (5 - 300 sec).
httpProxyThreshold String
Dynamic weighted load balancing weight and high and low number of HTTP proxy sessions.
imapProxyThreshold String
Dynamic weighted load balancing weight and high and low number of IMAP proxy sessions.
interClusterSessionSync String
Enable/disable synchronization of sessions among HA clusters. Valid values: enable, disable.
ipsecPhase2Proposal String
IPsec phase2 proposal. Valid values: aes128-sha1, aes128-sha256, aes128-sha384, aes128-sha512, aes192-sha1, aes192-sha256, aes192-sha384, aes192-sha512, aes256-sha1, aes256-sha256, aes256-sha384, aes256-sha512, aes128gcm, aes256gcm, chacha20poly1305.
key String
key
l2epEthType String
Telnet session HA heartbeat packet Ethertype (4-digit hex).
linkFailedSignal String
Enable to shut down all interfaces for 1 sec after a failover. Use if gratuitous ARPs do not update network. Valid values: enable, disable.
loadBalanceAll String
Enable to load balance TCP sessions. Disable to load balance proxy sessions only. Valid values: enable, disable.
logicalSn String
Enable/disable usage of the logical serial number. Valid values: enable, disable.
memoryBasedFailover String
Enable/disable memory based failover. Valid values: enable, disable.
memoryCompatibleMode String
Enable/disable memory compatible mode. Valid values: enable, disable.
memoryFailoverFlipTimeout Integer
Time to wait between subsequent memory based failovers in minutes (6 - 2147483647, default = 6).
memoryFailoverMonitorPeriod Integer
Duration of high memory usage before memory based failover is triggered in seconds (1 - 300, default = 60).
memoryFailoverSampleRate Integer
Rate at which memory usage is sampled in order to measure memory usage in seconds (1 - 60, default = 1).
memoryFailoverThreshold Integer
Memory usage threshold to trigger memory based failover (0 means using conserve mode threshold in system.global).
memoryThreshold String
Dynamic weighted load balancing memory usage weight and high and low thresholds.
mode String
HA mode. Must be the same for all members. FGSP requires standalone. Valid values: standalone, a-a, a-p.
monitor String
Interfaces to check for port monitoring (or link failure).
multicastTtl Integer
HA multicast TTL on primary (5 - 3600 sec).
nntpProxyThreshold String
Dynamic weighted load balancing weight and high and low number of NNTP proxy sessions.
override String
Enable and increase the priority of the unit that should always be primary (master). Valid values: enable, disable.
overrideWaitTime Integer
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
password String
Cluster password. Must be the same for all members.
pingserverFailoverThreshold Integer
Remote IP monitoring failover threshold (0 - 50).
pingserverFlipTimeout Integer
Time to wait in minutes before renegotiating after a remote IP monitoring failover.
pingserverMonitorInterface String
Interfaces to check for remote IP monitoring.
pingserverSecondaryForceReset String
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pingserverSlaveForceReset String
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pop3ProxyThreshold String
Dynamic weighted load balancing weight and high and low number of POP3 proxy sessions.
priority Integer
Increase the priority to select the primary unit (0 - 255).
routeHold Integer
Time to wait between routing table updates to the cluster (0 - 3600 sec).
routeTtl Integer
TTL for primary unit routes (5 - 3600 sec). Increase to maintain active routes during failover.
routeWait Integer
Time to wait before sending new routes to the cluster (0 - 3600 sec).
schedule String
Type of A-A load balancing. Use none if you have external load balancers.
secondaryVcluster HaSecondaryVcluster
Configure virtual cluster 2. The structure of secondary_vcluster block is documented below.
sessionPickup String
Enable/disable session pickup. Enabling it can reduce session down time when fail over happens. Valid values: enable, disable.
sessionPickupConnectionless String
Enable/disable UDP and ICMP session sync. Valid values: enable, disable.
sessionPickupDelay String
Enable to sync sessions longer than 30 sec. Only longer lived sessions need to be synced. Valid values: enable, disable.
sessionPickupExpectation String
Enable/disable session helper expectation session sync for FGSP. Valid values: enable, disable.
sessionPickupNat String
Enable/disable NAT session sync for FGSP. Valid values: enable, disable.
sessionSyncDev String
Offload session-sync process to kernel and sync sessions using connected interface(s) directly.
smtpProxyThreshold String
Dynamic weighted load balancing weight and high and low number of SMTP proxy sessions.
ssdFailover String
Enable/disable automatic HA failover on SSD disk failure. Valid values: enable, disable.
standaloneConfigSync String
Enable/disable FGSP configuration synchronization. Valid values: enable, disable.
standaloneMgmtVdom String
Enable/disable standalone management VDOM. Valid values: enable, disable.
syncConfig String
Enable/disable configuration synchronization. Valid values: enable, disable.
syncPacketBalance String
Enable/disable HA packet distribution to multiple CPUs. Valid values: enable, disable.
unicastGateway String
Default route gateway for unicast interface.
unicastHb String
Enable/disable unicast heartbeat. Valid values: enable, disable.
unicastHbNetmask String
Unicast heartbeat netmask.
unicastHbPeerip String
Unicast heartbeat peer IP.
unicastPeers List<HaUnicastPeer>
Number of unicast peers. The structure of unicast_peers block is documented below.
unicastStatus String
Enable/disable unicast connection. Valid values: enable, disable.
uninterruptiblePrimaryWait Integer
Number of minutes the primary HA unit waits before the secondary HA unit is considered upgraded and the system is started before starting its own upgrade (default = 30). On FortiOS versions 6.4.10-6.4.15, 7.0.2-7.0.5: 1 - 300. On FortiOS versions >= 7.0.6: 15 - 300.
uninterruptibleUpgrade String
Enable to upgrade a cluster without blocking network traffic. Valid values: enable, disable.
upgradeMode String
The mode to upgrade a cluster. Valid values: simultaneous, uninterruptible, local-only, secondary-only.
vcluster2 String
Enable/disable virtual cluster 2 for virtual clustering. Valid values: enable, disable.
vclusterId Integer
Cluster ID.
vclusterStatus String
Enable/disable virtual cluster for virtual clustering. Valid values: enable, disable.
vclusters List<HaVcluster>
Virtual cluster table. The structure of vcluster block is documented below.
vdom String
VDOMs in virtual cluster 1.
vdomparam Changes to this property will trigger replacement. String
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
weight String
Weight-round-robin weight for each cluster unit. Syntax .
arps number
Number of gratuitous ARPs (1 - 60). Lower to reduce traffic. Higher to reduce failover time.
arpsInterval number
Time between gratuitous ARPs (1 - 20 sec). Lower to reduce failover time. Higher to reduce traffic.
authentication string
Enable/disable heartbeat message authentication. Valid values: enable, disable.
cpuThreshold string
Dynamic weighted load balancing CPU usage weight and high and low thresholds.
dynamicSortSubtable string
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
encryption string
Enable/disable heartbeat message encryption. Valid values: enable, disable.
evpnTtl number
HA EVPN FDB TTL on primary box (5 - 3600 sec).
failoverHoldTime number
Time to wait before failover (0 - 300 sec, default = 0), to avoid flip.
ftpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of FTP proxy sessions.
getAllTables string
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
gratuitousArps string
Enable/disable gratuitous ARPs. Disable if link-failed-signal enabled. Valid values: enable, disable.
groupId number
HA group ID. Must be the same for all members. On FortiOS versions 6.2.0-6.2.6: 0 - 255. On FortiOS versions 7.0.2-7.0.15: 0 - 1023. On FortiOS versions 7.2.0: 0 - 1023; or 0 - 7 when there are more than 2 vclusters.
groupName string
Cluster group name. Must be the same for all members.
haDirect string
Enable/disable using ha-mgmt interface for syslog, SNMP, remote authentication (RADIUS), FortiAnalyzer, FortiSandbox, sFlow, and Netflow. Valid values: enable, disable.
haEthType string
HA heartbeat packet Ethertype (4-digit hex).
haMgmtInterfaces HaHaMgmtInterface[]
Reserve interfaces to manage individual cluster units. The structure of ha_mgmt_interfaces block is documented below.
haMgmtStatus string
Enable to reserve interfaces to manage individual cluster units. Valid values: enable, disable.
haUptimeDiffMargin number
Normally you would only reduce this value for failover testing.
hbInterval number
Time between sending heartbeat packets (1 - 20). Increase to reduce false positives.
hbIntervalInMilliseconds string
Number of milliseconds for each heartbeat interval: 100ms or 10ms. Valid values: 100ms, 10ms.
hbLostThreshold number
Number of lost heartbeats to signal a failure (1 - 60). Increase to reduce false positives.
hbdev string
Heartbeat interfaces. Must be the same for all members.
hcEthType string
Transparent mode HA heartbeat packet Ethertype (4-digit hex).
helloHolddown number
Time to wait before changing from hello to work state (5 - 300 sec).
httpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of HTTP proxy sessions.
imapProxyThreshold string
Dynamic weighted load balancing weight and high and low number of IMAP proxy sessions.
interClusterSessionSync string
Enable/disable synchronization of sessions among HA clusters. Valid values: enable, disable.
ipsecPhase2Proposal string
IPsec phase2 proposal. Valid values: aes128-sha1, aes128-sha256, aes128-sha384, aes128-sha512, aes192-sha1, aes192-sha256, aes192-sha384, aes192-sha512, aes256-sha1, aes256-sha256, aes256-sha384, aes256-sha512, aes128gcm, aes256gcm, chacha20poly1305.
key string
key
l2epEthType string
Telnet session HA heartbeat packet Ethertype (4-digit hex).
linkFailedSignal string
Enable to shut down all interfaces for 1 sec after a failover. Use if gratuitous ARPs do not update network. Valid values: enable, disable.
loadBalanceAll string
Enable to load balance TCP sessions. Disable to load balance proxy sessions only. Valid values: enable, disable.
logicalSn string
Enable/disable usage of the logical serial number. Valid values: enable, disable.
memoryBasedFailover string
Enable/disable memory based failover. Valid values: enable, disable.
memoryCompatibleMode string
Enable/disable memory compatible mode. Valid values: enable, disable.
memoryFailoverFlipTimeout number
Time to wait between subsequent memory based failovers in minutes (6 - 2147483647, default = 6).
memoryFailoverMonitorPeriod number
Duration of high memory usage before memory based failover is triggered in seconds (1 - 300, default = 60).
memoryFailoverSampleRate number
Rate at which memory usage is sampled in order to measure memory usage in seconds (1 - 60, default = 1).
memoryFailoverThreshold number
Memory usage threshold to trigger memory based failover (0 means using conserve mode threshold in system.global).
memoryThreshold string
Dynamic weighted load balancing memory usage weight and high and low thresholds.
mode string
HA mode. Must be the same for all members. FGSP requires standalone. Valid values: standalone, a-a, a-p.
monitor string
Interfaces to check for port monitoring (or link failure).
multicastTtl number
HA multicast TTL on primary (5 - 3600 sec).
nntpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of NNTP proxy sessions.
override string
Enable and increase the priority of the unit that should always be primary (master). Valid values: enable, disable.
overrideWaitTime number
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
password string
Cluster password. Must be the same for all members.
pingserverFailoverThreshold number
Remote IP monitoring failover threshold (0 - 50).
pingserverFlipTimeout number
Time to wait in minutes before renegotiating after a remote IP monitoring failover.
pingserverMonitorInterface string
Interfaces to check for remote IP monitoring.
pingserverSecondaryForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pingserverSlaveForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pop3ProxyThreshold string
Dynamic weighted load balancing weight and high and low number of POP3 proxy sessions.
priority number
Increase the priority to select the primary unit (0 - 255).
routeHold number
Time to wait between routing table updates to the cluster (0 - 3600 sec).
routeTtl number
TTL for primary unit routes (5 - 3600 sec). Increase to maintain active routes during failover.
routeWait number
Time to wait before sending new routes to the cluster (0 - 3600 sec).
schedule string
Type of A-A load balancing. Use none if you have external load balancers.
secondaryVcluster HaSecondaryVcluster
Configure virtual cluster 2. The structure of secondary_vcluster block is documented below.
sessionPickup string
Enable/disable session pickup. Enabling it can reduce session down time when fail over happens. Valid values: enable, disable.
sessionPickupConnectionless string
Enable/disable UDP and ICMP session sync. Valid values: enable, disable.
sessionPickupDelay string
Enable to sync sessions longer than 30 sec. Only longer lived sessions need to be synced. Valid values: enable, disable.
sessionPickupExpectation string
Enable/disable session helper expectation session sync for FGSP. Valid values: enable, disable.
sessionPickupNat string
Enable/disable NAT session sync for FGSP. Valid values: enable, disable.
sessionSyncDev string
Offload session-sync process to kernel and sync sessions using connected interface(s) directly.
smtpProxyThreshold string
Dynamic weighted load balancing weight and high and low number of SMTP proxy sessions.
ssdFailover string
Enable/disable automatic HA failover on SSD disk failure. Valid values: enable, disable.
standaloneConfigSync string
Enable/disable FGSP configuration synchronization. Valid values: enable, disable.
standaloneMgmtVdom string
Enable/disable standalone management VDOM. Valid values: enable, disable.
syncConfig string
Enable/disable configuration synchronization. Valid values: enable, disable.
syncPacketBalance string
Enable/disable HA packet distribution to multiple CPUs. Valid values: enable, disable.
unicastGateway string
Default route gateway for unicast interface.
unicastHb string
Enable/disable unicast heartbeat. Valid values: enable, disable.
unicastHbNetmask string
Unicast heartbeat netmask.
unicastHbPeerip string
Unicast heartbeat peer IP.
unicastPeers HaUnicastPeer[]
Number of unicast peers. The structure of unicast_peers block is documented below.
unicastStatus string
Enable/disable unicast connection. Valid values: enable, disable.
uninterruptiblePrimaryWait number
Number of minutes the primary HA unit waits before the secondary HA unit is considered upgraded and the system is started before starting its own upgrade (default = 30). On FortiOS versions 6.4.10-6.4.15, 7.0.2-7.0.5: 1 - 300. On FortiOS versions >= 7.0.6: 15 - 300.
uninterruptibleUpgrade string
Enable to upgrade a cluster without blocking network traffic. Valid values: enable, disable.
upgradeMode string
The mode to upgrade a cluster. Valid values: simultaneous, uninterruptible, local-only, secondary-only.
vcluster2 string
Enable/disable virtual cluster 2 for virtual clustering. Valid values: enable, disable.
vclusterId number
Cluster ID.
vclusterStatus string
Enable/disable virtual cluster for virtual clustering. Valid values: enable, disable.
vclusters HaVcluster[]
Virtual cluster table. The structure of vcluster block is documented below.
vdom string
VDOMs in virtual cluster 1.
vdomparam Changes to this property will trigger replacement. string
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
weight string
Weight-round-robin weight for each cluster unit. Syntax .
arps int
Number of gratuitous ARPs (1 - 60). Lower to reduce traffic. Higher to reduce failover time.
arps_interval int
Time between gratuitous ARPs (1 - 20 sec). Lower to reduce failover time. Higher to reduce traffic.
authentication str
Enable/disable heartbeat message authentication. Valid values: enable, disable.
cpu_threshold str
Dynamic weighted load balancing CPU usage weight and high and low thresholds.
dynamic_sort_subtable str
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
encryption str
Enable/disable heartbeat message encryption. Valid values: enable, disable.
evpn_ttl int
HA EVPN FDB TTL on primary box (5 - 3600 sec).
failover_hold_time int
Time to wait before failover (0 - 300 sec, default = 0), to avoid flip.
ftp_proxy_threshold str
Dynamic weighted load balancing weight and high and low number of FTP proxy sessions.
get_all_tables str
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
gratuitous_arps str
Enable/disable gratuitous ARPs. Disable if link-failed-signal enabled. Valid values: enable, disable.
group_id int
HA group ID. Must be the same for all members. On FortiOS versions 6.2.0-6.2.6: 0 - 255. On FortiOS versions 7.0.2-7.0.15: 0 - 1023. On FortiOS versions 7.2.0: 0 - 1023; or 0 - 7 when there are more than 2 vclusters.
group_name str
Cluster group name. Must be the same for all members.
ha_direct str
Enable/disable using ha-mgmt interface for syslog, SNMP, remote authentication (RADIUS), FortiAnalyzer, FortiSandbox, sFlow, and Netflow. Valid values: enable, disable.
ha_eth_type str
HA heartbeat packet Ethertype (4-digit hex).
ha_mgmt_interfaces Sequence[HaHaMgmtInterfaceArgs]
Reserve interfaces to manage individual cluster units. The structure of ha_mgmt_interfaces block is documented below.
ha_mgmt_status str
Enable to reserve interfaces to manage individual cluster units. Valid values: enable, disable.
ha_uptime_diff_margin int
Normally you would only reduce this value for failover testing.
hb_interval int
Time between sending heartbeat packets (1 - 20). Increase to reduce false positives.
hb_interval_in_milliseconds str
Number of milliseconds for each heartbeat interval: 100ms or 10ms. Valid values: 100ms, 10ms.
hb_lost_threshold int
Number of lost heartbeats to signal a failure (1 - 60). Increase to reduce false positives.
hbdev str
Heartbeat interfaces. Must be the same for all members.
hc_eth_type str
Transparent mode HA heartbeat packet Ethertype (4-digit hex).
hello_holddown int
Time to wait before changing from hello to work state (5 - 300 sec).
http_proxy_threshold str
Dynamic weighted load balancing weight and high and low number of HTTP proxy sessions.
imap_proxy_threshold str
Dynamic weighted load balancing weight and high and low number of IMAP proxy sessions.
inter_cluster_session_sync str
Enable/disable synchronization of sessions among HA clusters. Valid values: enable, disable.
ipsec_phase2_proposal str
IPsec phase2 proposal. Valid values: aes128-sha1, aes128-sha256, aes128-sha384, aes128-sha512, aes192-sha1, aes192-sha256, aes192-sha384, aes192-sha512, aes256-sha1, aes256-sha256, aes256-sha384, aes256-sha512, aes128gcm, aes256gcm, chacha20poly1305.
key str
key
l2ep_eth_type str
Telnet session HA heartbeat packet Ethertype (4-digit hex).
link_failed_signal str
Enable to shut down all interfaces for 1 sec after a failover. Use if gratuitous ARPs do not update network. Valid values: enable, disable.
load_balance_all str
Enable to load balance TCP sessions. Disable to load balance proxy sessions only. Valid values: enable, disable.
logical_sn str
Enable/disable usage of the logical serial number. Valid values: enable, disable.
memory_based_failover str
Enable/disable memory based failover. Valid values: enable, disable.
memory_compatible_mode str
Enable/disable memory compatible mode. Valid values: enable, disable.
memory_failover_flip_timeout int
Time to wait between subsequent memory based failovers in minutes (6 - 2147483647, default = 6).
memory_failover_monitor_period int
Duration of high memory usage before memory based failover is triggered in seconds (1 - 300, default = 60).
memory_failover_sample_rate int
Rate at which memory usage is sampled in order to measure memory usage in seconds (1 - 60, default = 1).
memory_failover_threshold int
Memory usage threshold to trigger memory based failover (0 means using conserve mode threshold in system.global).
memory_threshold str
Dynamic weighted load balancing memory usage weight and high and low thresholds.
mode str
HA mode. Must be the same for all members. FGSP requires standalone. Valid values: standalone, a-a, a-p.
monitor str
Interfaces to check for port monitoring (or link failure).
multicast_ttl int
HA multicast TTL on primary (5 - 3600 sec).
nntp_proxy_threshold str
Dynamic weighted load balancing weight and high and low number of NNTP proxy sessions.
override str
Enable and increase the priority of the unit that should always be primary (master). Valid values: enable, disable.
override_wait_time int
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
password str
Cluster password. Must be the same for all members.
pingserver_failover_threshold int
Remote IP monitoring failover threshold (0 - 50).
pingserver_flip_timeout int
Time to wait in minutes before renegotiating after a remote IP monitoring failover.
pingserver_monitor_interface str
Interfaces to check for remote IP monitoring.
pingserver_secondary_force_reset str
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pingserver_slave_force_reset str
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pop3_proxy_threshold str
Dynamic weighted load balancing weight and high and low number of POP3 proxy sessions.
priority int
Increase the priority to select the primary unit (0 - 255).
route_hold int
Time to wait between routing table updates to the cluster (0 - 3600 sec).
route_ttl int
TTL for primary unit routes (5 - 3600 sec). Increase to maintain active routes during failover.
route_wait int
Time to wait before sending new routes to the cluster (0 - 3600 sec).
schedule str
Type of A-A load balancing. Use none if you have external load balancers.
secondary_vcluster HaSecondaryVclusterArgs
Configure virtual cluster 2. The structure of secondary_vcluster block is documented below.
session_pickup str
Enable/disable session pickup. Enabling it can reduce session down time when fail over happens. Valid values: enable, disable.
session_pickup_connectionless str
Enable/disable UDP and ICMP session sync. Valid values: enable, disable.
session_pickup_delay str
Enable to sync sessions longer than 30 sec. Only longer lived sessions need to be synced. Valid values: enable, disable.
session_pickup_expectation str
Enable/disable session helper expectation session sync for FGSP. Valid values: enable, disable.
session_pickup_nat str
Enable/disable NAT session sync for FGSP. Valid values: enable, disable.
session_sync_dev str
Offload session-sync process to kernel and sync sessions using connected interface(s) directly.
smtp_proxy_threshold str
Dynamic weighted load balancing weight and high and low number of SMTP proxy sessions.
ssd_failover str
Enable/disable automatic HA failover on SSD disk failure. Valid values: enable, disable.
standalone_config_sync str
Enable/disable FGSP configuration synchronization. Valid values: enable, disable.
standalone_mgmt_vdom str
Enable/disable standalone management VDOM. Valid values: enable, disable.
sync_config str
Enable/disable configuration synchronization. Valid values: enable, disable.
sync_packet_balance str
Enable/disable HA packet distribution to multiple CPUs. Valid values: enable, disable.
unicast_gateway str
Default route gateway for unicast interface.
unicast_hb str
Enable/disable unicast heartbeat. Valid values: enable, disable.
unicast_hb_netmask str
Unicast heartbeat netmask.
unicast_hb_peerip str
Unicast heartbeat peer IP.
unicast_peers Sequence[HaUnicastPeerArgs]
Number of unicast peers. The structure of unicast_peers block is documented below.
unicast_status str
Enable/disable unicast connection. Valid values: enable, disable.
uninterruptible_primary_wait int
Number of minutes the primary HA unit waits before the secondary HA unit is considered upgraded and the system is started before starting its own upgrade (default = 30). On FortiOS versions 6.4.10-6.4.15, 7.0.2-7.0.5: 1 - 300. On FortiOS versions >= 7.0.6: 15 - 300.
uninterruptible_upgrade str
Enable to upgrade a cluster without blocking network traffic. Valid values: enable, disable.
upgrade_mode str
The mode to upgrade a cluster. Valid values: simultaneous, uninterruptible, local-only, secondary-only.
vcluster2 str
Enable/disable virtual cluster 2 for virtual clustering. Valid values: enable, disable.
vcluster_id int
Cluster ID.
vcluster_status str
Enable/disable virtual cluster for virtual clustering. Valid values: enable, disable.
vclusters Sequence[HaVclusterArgs]
Virtual cluster table. The structure of vcluster block is documented below.
vdom str
VDOMs in virtual cluster 1.
vdomparam Changes to this property will trigger replacement. str
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
weight str
Weight-round-robin weight for each cluster unit. Syntax .
arps Number
Number of gratuitous ARPs (1 - 60). Lower to reduce traffic. Higher to reduce failover time.
arpsInterval Number
Time between gratuitous ARPs (1 - 20 sec). Lower to reduce failover time. Higher to reduce traffic.
authentication String
Enable/disable heartbeat message authentication. Valid values: enable, disable.
cpuThreshold String
Dynamic weighted load balancing CPU usage weight and high and low thresholds.
dynamicSortSubtable String
Sort sub-tables, please do not set this parameter when configuring static sub-tables. Options: [ false, true, natural, alphabetical ]. false: Default value, do not sort tables; true/natural: sort tables in natural order. For example: [ a10, a2 ] -> [ a2, a10 ]; alphabetical: sort tables in alphabetical order. For example: [ a10, a2 ] -> [ a10, a2 ].
encryption String
Enable/disable heartbeat message encryption. Valid values: enable, disable.
evpnTtl Number
HA EVPN FDB TTL on primary box (5 - 3600 sec).
failoverHoldTime Number
Time to wait before failover (0 - 300 sec, default = 0), to avoid flip.
ftpProxyThreshold String
Dynamic weighted load balancing weight and high and low number of FTP proxy sessions.
getAllTables String
Get all sub-tables including unconfigured tables. Do not set this variable to true if you configure sub-table in another resource, otherwise, conflicts and overwrite will occur. Options: [ false, true ]. false: Default value, do not get unconfigured tables; true: get all tables including unconfigured tables.
gratuitousArps String
Enable/disable gratuitous ARPs. Disable if link-failed-signal enabled. Valid values: enable, disable.
groupId Number
HA group ID. Must be the same for all members. On FortiOS versions 6.2.0-6.2.6: 0 - 255. On FortiOS versions 7.0.2-7.0.15: 0 - 1023. On FortiOS versions 7.2.0: 0 - 1023; or 0 - 7 when there are more than 2 vclusters.
groupName String
Cluster group name. Must be the same for all members.
haDirect String
Enable/disable using ha-mgmt interface for syslog, SNMP, remote authentication (RADIUS), FortiAnalyzer, FortiSandbox, sFlow, and Netflow. Valid values: enable, disable.
haEthType String
HA heartbeat packet Ethertype (4-digit hex).
haMgmtInterfaces List<Property Map>
Reserve interfaces to manage individual cluster units. The structure of ha_mgmt_interfaces block is documented below.
haMgmtStatus String
Enable to reserve interfaces to manage individual cluster units. Valid values: enable, disable.
haUptimeDiffMargin Number
Normally you would only reduce this value for failover testing.
hbInterval Number
Time between sending heartbeat packets (1 - 20). Increase to reduce false positives.
hbIntervalInMilliseconds String
Number of milliseconds for each heartbeat interval: 100ms or 10ms. Valid values: 100ms, 10ms.
hbLostThreshold Number
Number of lost heartbeats to signal a failure (1 - 60). Increase to reduce false positives.
hbdev String
Heartbeat interfaces. Must be the same for all members.
hcEthType String
Transparent mode HA heartbeat packet Ethertype (4-digit hex).
helloHolddown Number
Time to wait before changing from hello to work state (5 - 300 sec).
httpProxyThreshold String
Dynamic weighted load balancing weight and high and low number of HTTP proxy sessions.
imapProxyThreshold String
Dynamic weighted load balancing weight and high and low number of IMAP proxy sessions.
interClusterSessionSync String
Enable/disable synchronization of sessions among HA clusters. Valid values: enable, disable.
ipsecPhase2Proposal String
IPsec phase2 proposal. Valid values: aes128-sha1, aes128-sha256, aes128-sha384, aes128-sha512, aes192-sha1, aes192-sha256, aes192-sha384, aes192-sha512, aes256-sha1, aes256-sha256, aes256-sha384, aes256-sha512, aes128gcm, aes256gcm, chacha20poly1305.
key String
key
l2epEthType String
Telnet session HA heartbeat packet Ethertype (4-digit hex).
linkFailedSignal String
Enable to shut down all interfaces for 1 sec after a failover. Use if gratuitous ARPs do not update network. Valid values: enable, disable.
loadBalanceAll String
Enable to load balance TCP sessions. Disable to load balance proxy sessions only. Valid values: enable, disable.
logicalSn String
Enable/disable usage of the logical serial number. Valid values: enable, disable.
memoryBasedFailover String
Enable/disable memory based failover. Valid values: enable, disable.
memoryCompatibleMode String
Enable/disable memory compatible mode. Valid values: enable, disable.
memoryFailoverFlipTimeout Number
Time to wait between subsequent memory based failovers in minutes (6 - 2147483647, default = 6).
memoryFailoverMonitorPeriod Number
Duration of high memory usage before memory based failover is triggered in seconds (1 - 300, default = 60).
memoryFailoverSampleRate Number
Rate at which memory usage is sampled in order to measure memory usage in seconds (1 - 60, default = 1).
memoryFailoverThreshold Number
Memory usage threshold to trigger memory based failover (0 means using conserve mode threshold in system.global).
memoryThreshold String
Dynamic weighted load balancing memory usage weight and high and low thresholds.
mode String
HA mode. Must be the same for all members. FGSP requires standalone. Valid values: standalone, a-a, a-p.
monitor String
Interfaces to check for port monitoring (or link failure).
multicastTtl Number
HA multicast TTL on primary (5 - 3600 sec).
nntpProxyThreshold String
Dynamic weighted load balancing weight and high and low number of NNTP proxy sessions.
override String
Enable and increase the priority of the unit that should always be primary (master). Valid values: enable, disable.
overrideWaitTime Number
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
password String
Cluster password. Must be the same for all members.
pingserverFailoverThreshold Number
Remote IP monitoring failover threshold (0 - 50).
pingserverFlipTimeout Number
Time to wait in minutes before renegotiating after a remote IP monitoring failover.
pingserverMonitorInterface String
Interfaces to check for remote IP monitoring.
pingserverSecondaryForceReset String
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pingserverSlaveForceReset String
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pop3ProxyThreshold String
Dynamic weighted load balancing weight and high and low number of POP3 proxy sessions.
priority Number
Increase the priority to select the primary unit (0 - 255).
routeHold Number
Time to wait between routing table updates to the cluster (0 - 3600 sec).
routeTtl Number
TTL for primary unit routes (5 - 3600 sec). Increase to maintain active routes during failover.
routeWait Number
Time to wait before sending new routes to the cluster (0 - 3600 sec).
schedule String
Type of A-A load balancing. Use none if you have external load balancers.
secondaryVcluster Property Map
Configure virtual cluster 2. The structure of secondary_vcluster block is documented below.
sessionPickup String
Enable/disable session pickup. Enabling it can reduce session down time when fail over happens. Valid values: enable, disable.
sessionPickupConnectionless String
Enable/disable UDP and ICMP session sync. Valid values: enable, disable.
sessionPickupDelay String
Enable to sync sessions longer than 30 sec. Only longer lived sessions need to be synced. Valid values: enable, disable.
sessionPickupExpectation String
Enable/disable session helper expectation session sync for FGSP. Valid values: enable, disable.
sessionPickupNat String
Enable/disable NAT session sync for FGSP. Valid values: enable, disable.
sessionSyncDev String
Offload session-sync process to kernel and sync sessions using connected interface(s) directly.
smtpProxyThreshold String
Dynamic weighted load balancing weight and high and low number of SMTP proxy sessions.
ssdFailover String
Enable/disable automatic HA failover on SSD disk failure. Valid values: enable, disable.
standaloneConfigSync String
Enable/disable FGSP configuration synchronization. Valid values: enable, disable.
standaloneMgmtVdom String
Enable/disable standalone management VDOM. Valid values: enable, disable.
syncConfig String
Enable/disable configuration synchronization. Valid values: enable, disable.
syncPacketBalance String
Enable/disable HA packet distribution to multiple CPUs. Valid values: enable, disable.
unicastGateway String
Default route gateway for unicast interface.
unicastHb String
Enable/disable unicast heartbeat. Valid values: enable, disable.
unicastHbNetmask String
Unicast heartbeat netmask.
unicastHbPeerip String
Unicast heartbeat peer IP.
unicastPeers List<Property Map>
Number of unicast peers. The structure of unicast_peers block is documented below.
unicastStatus String
Enable/disable unicast connection. Valid values: enable, disable.
uninterruptiblePrimaryWait Number
Number of minutes the primary HA unit waits before the secondary HA unit is considered upgraded and the system is started before starting its own upgrade (default = 30). On FortiOS versions 6.4.10-6.4.15, 7.0.2-7.0.5: 1 - 300. On FortiOS versions >= 7.0.6: 15 - 300.
uninterruptibleUpgrade String
Enable to upgrade a cluster without blocking network traffic. Valid values: enable, disable.
upgradeMode String
The mode to upgrade a cluster. Valid values: simultaneous, uninterruptible, local-only, secondary-only.
vcluster2 String
Enable/disable virtual cluster 2 for virtual clustering. Valid values: enable, disable.
vclusterId Number
Cluster ID.
vclusterStatus String
Enable/disable virtual cluster for virtual clustering. Valid values: enable, disable.
vclusters List<Property Map>
Virtual cluster table. The structure of vcluster block is documented below.
vdom String
VDOMs in virtual cluster 1.
vdomparam Changes to this property will trigger replacement. String
Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
weight String
Weight-round-robin weight for each cluster unit. Syntax .

Supporting Types

HaHaMgmtInterface
, HaHaMgmtInterfaceArgs

Dst string
Default route destination for reserved HA management interface.
Gateway string
Default route gateway for reserved HA management interface.
Gateway6 string
Default IPv6 gateway for reserved HA management interface.
Id int
Table ID.
Interface string
Interface to reserve for HA management.
Dst string
Default route destination for reserved HA management interface.
Gateway string
Default route gateway for reserved HA management interface.
Gateway6 string
Default IPv6 gateway for reserved HA management interface.
Id int
Table ID.
Interface string
Interface to reserve for HA management.
dst String
Default route destination for reserved HA management interface.
gateway String
Default route gateway for reserved HA management interface.
gateway6 String
Default IPv6 gateway for reserved HA management interface.
id Integer
Table ID.
interface_ String
Interface to reserve for HA management.
dst string
Default route destination for reserved HA management interface.
gateway string
Default route gateway for reserved HA management interface.
gateway6 string
Default IPv6 gateway for reserved HA management interface.
id number
Table ID.
interface string
Interface to reserve for HA management.
dst str
Default route destination for reserved HA management interface.
gateway str
Default route gateway for reserved HA management interface.
gateway6 str
Default IPv6 gateway for reserved HA management interface.
id int
Table ID.
interface str
Interface to reserve for HA management.
dst String
Default route destination for reserved HA management interface.
gateway String
Default route gateway for reserved HA management interface.
gateway6 String
Default IPv6 gateway for reserved HA management interface.
id Number
Table ID.
interface String
Interface to reserve for HA management.

HaSecondaryVcluster
, HaSecondaryVclusterArgs

Monitor string
Interfaces to check for port monitoring (or link failure).
Override string
Enable and increase the priority of the unit that should always be primary. Valid values: enable, disable.
OverrideWaitTime int
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
PingserverFailoverThreshold int
Remote IP monitoring failover threshold (0 - 50).
PingserverMonitorInterface string
Interfaces to check for remote IP monitoring.
PingserverSecondaryForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
PingserverSlaveForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
Priority int
Increase the priority to select the primary unit (0 - 255).
VclusterId int
Cluster ID.
Vdom string
VDOMs in virtual cluster 2.
Monitor string
Interfaces to check for port monitoring (or link failure).
Override string
Enable and increase the priority of the unit that should always be primary. Valid values: enable, disable.
OverrideWaitTime int
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
PingserverFailoverThreshold int
Remote IP monitoring failover threshold (0 - 50).
PingserverMonitorInterface string
Interfaces to check for remote IP monitoring.
PingserverSecondaryForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
PingserverSlaveForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
Priority int
Increase the priority to select the primary unit (0 - 255).
VclusterId int
Cluster ID.
Vdom string
VDOMs in virtual cluster 2.
monitor String
Interfaces to check for port monitoring (or link failure).
override String
Enable and increase the priority of the unit that should always be primary. Valid values: enable, disable.
overrideWaitTime Integer
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
pingserverFailoverThreshold Integer
Remote IP monitoring failover threshold (0 - 50).
pingserverMonitorInterface String
Interfaces to check for remote IP monitoring.
pingserverSecondaryForceReset String
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pingserverSlaveForceReset String
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
priority Integer
Increase the priority to select the primary unit (0 - 255).
vclusterId Integer
Cluster ID.
vdom String
VDOMs in virtual cluster 2.
monitor string
Interfaces to check for port monitoring (or link failure).
override string
Enable and increase the priority of the unit that should always be primary. Valid values: enable, disable.
overrideWaitTime number
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
pingserverFailoverThreshold number
Remote IP monitoring failover threshold (0 - 50).
pingserverMonitorInterface string
Interfaces to check for remote IP monitoring.
pingserverSecondaryForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pingserverSlaveForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
priority number
Increase the priority to select the primary unit (0 - 255).
vclusterId number
Cluster ID.
vdom string
VDOMs in virtual cluster 2.
monitor str
Interfaces to check for port monitoring (or link failure).
override str
Enable and increase the priority of the unit that should always be primary. Valid values: enable, disable.
override_wait_time int
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
pingserver_failover_threshold int
Remote IP monitoring failover threshold (0 - 50).
pingserver_monitor_interface str
Interfaces to check for remote IP monitoring.
pingserver_secondary_force_reset str
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pingserver_slave_force_reset str
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
priority int
Increase the priority to select the primary unit (0 - 255).
vcluster_id int
Cluster ID.
vdom str
VDOMs in virtual cluster 2.
monitor String
Interfaces to check for port monitoring (or link failure).
override String
Enable and increase the priority of the unit that should always be primary. Valid values: enable, disable.
overrideWaitTime Number
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
pingserverFailoverThreshold Number
Remote IP monitoring failover threshold (0 - 50).
pingserverMonitorInterface String
Interfaces to check for remote IP monitoring.
pingserverSecondaryForceReset String
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pingserverSlaveForceReset String
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
priority Number
Increase the priority to select the primary unit (0 - 255).
vclusterId Number
Cluster ID.
vdom String
VDOMs in virtual cluster 2.

HaUnicastPeer
, HaUnicastPeerArgs

Id int
Table ID.
PeerIp string
Unicast peer IP.
Id int
Table ID.
PeerIp string
Unicast peer IP.
id Integer
Table ID.
peerIp String
Unicast peer IP.
id number
Table ID.
peerIp string
Unicast peer IP.
id int
Table ID.
peer_ip str
Unicast peer IP.
id Number
Table ID.
peerIp String
Unicast peer IP.

HaVcluster
, HaVclusterArgs

Monitor string
Interfaces to check for port monitoring (or link failure).
Override string
Enable and increase the priority of the unit that should always be primary (master). Valid values: enable, disable.
OverrideWaitTime int
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
PingserverFailoverThreshold int
Remote IP monitoring failover threshold (0 - 50).
PingserverFlipTimeout int
Time to wait in minutes before renegotiating after a remote IP monitoring failover.
PingserverMonitorInterface string
Interfaces to check for remote IP monitoring.
PingserverSecondaryForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
PingserverSlaveForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
Priority int
Increase the priority to select the primary unit (0 - 255).
VclusterId int
ID.
Vdoms List<Pulumiverse.Fortios.System.Inputs.HaVclusterVdom>
Virtual domain(s) in the virtual cluster. The structure of vdom block is documented below.
Monitor string
Interfaces to check for port monitoring (or link failure).
Override string
Enable and increase the priority of the unit that should always be primary (master). Valid values: enable, disable.
OverrideWaitTime int
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
PingserverFailoverThreshold int
Remote IP monitoring failover threshold (0 - 50).
PingserverFlipTimeout int
Time to wait in minutes before renegotiating after a remote IP monitoring failover.
PingserverMonitorInterface string
Interfaces to check for remote IP monitoring.
PingserverSecondaryForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
PingserverSlaveForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
Priority int
Increase the priority to select the primary unit (0 - 255).
VclusterId int
ID.
Vdoms []HaVclusterVdom
Virtual domain(s) in the virtual cluster. The structure of vdom block is documented below.
monitor String
Interfaces to check for port monitoring (or link failure).
override String
Enable and increase the priority of the unit that should always be primary (master). Valid values: enable, disable.
overrideWaitTime Integer
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
pingserverFailoverThreshold Integer
Remote IP monitoring failover threshold (0 - 50).
pingserverFlipTimeout Integer
Time to wait in minutes before renegotiating after a remote IP monitoring failover.
pingserverMonitorInterface String
Interfaces to check for remote IP monitoring.
pingserverSecondaryForceReset String
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pingserverSlaveForceReset String
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
priority Integer
Increase the priority to select the primary unit (0 - 255).
vclusterId Integer
ID.
vdoms List<HaVclusterVdom>
Virtual domain(s) in the virtual cluster. The structure of vdom block is documented below.
monitor string
Interfaces to check for port monitoring (or link failure).
override string
Enable and increase the priority of the unit that should always be primary (master). Valid values: enable, disable.
overrideWaitTime number
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
pingserverFailoverThreshold number
Remote IP monitoring failover threshold (0 - 50).
pingserverFlipTimeout number
Time to wait in minutes before renegotiating after a remote IP monitoring failover.
pingserverMonitorInterface string
Interfaces to check for remote IP monitoring.
pingserverSecondaryForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pingserverSlaveForceReset string
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
priority number
Increase the priority to select the primary unit (0 - 255).
vclusterId number
ID.
vdoms HaVclusterVdom[]
Virtual domain(s) in the virtual cluster. The structure of vdom block is documented below.
monitor str
Interfaces to check for port monitoring (or link failure).
override str
Enable and increase the priority of the unit that should always be primary (master). Valid values: enable, disable.
override_wait_time int
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
pingserver_failover_threshold int
Remote IP monitoring failover threshold (0 - 50).
pingserver_flip_timeout int
Time to wait in minutes before renegotiating after a remote IP monitoring failover.
pingserver_monitor_interface str
Interfaces to check for remote IP monitoring.
pingserver_secondary_force_reset str
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pingserver_slave_force_reset str
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
priority int
Increase the priority to select the primary unit (0 - 255).
vcluster_id int
ID.
vdoms Sequence[HaVclusterVdom]
Virtual domain(s) in the virtual cluster. The structure of vdom block is documented below.
monitor String
Interfaces to check for port monitoring (or link failure).
override String
Enable and increase the priority of the unit that should always be primary (master). Valid values: enable, disable.
overrideWaitTime Number
Delay negotiating if override is enabled (0 - 3600 sec). Reduces how often the cluster negotiates.
pingserverFailoverThreshold Number
Remote IP monitoring failover threshold (0 - 50).
pingserverFlipTimeout Number
Time to wait in minutes before renegotiating after a remote IP monitoring failover.
pingserverMonitorInterface String
Interfaces to check for remote IP monitoring.
pingserverSecondaryForceReset String
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
pingserverSlaveForceReset String
Enable to force the cluster to negotiate after a remote IP monitoring failover. Valid values: enable, disable.
priority Number
Increase the priority to select the primary unit (0 - 255).
vclusterId Number
ID.
vdoms List<Property Map>
Virtual domain(s) in the virtual cluster. The structure of vdom block is documented below.

HaVclusterVdom
, HaVclusterVdomArgs

Name string
Virtual domain name.
Name string
Virtual domain name.
name String
Virtual domain name.
name string
Virtual domain name.
name str
Virtual domain name.
name String
Virtual domain name.

Import

System Ha can be imported using any of these accepted formats:

$ pulumi import fortios:system/ha:Ha labelname SystemHa
Copy

If you do not want to import arguments of block:

$ export “FORTIOS_IMPORT_TABLE”=“false”

$ pulumi import fortios:system/ha:Ha labelname SystemHa
Copy

$ unset “FORTIOS_IMPORT_TABLE”

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository
fortios pulumiverse/pulumi-fortios
License
Apache-2.0
Notes
This Pulumi package is based on the fortios Terraform Provider.