Using existing objects
FMC ships with a set of pre-defined objects — network objects, port objects, countries, continents and more. Those objects may be needed to complete your configuration. However, FMC uses IDs — not names — to establish references between objects. Therefore, to use any existing object in your configuration, Terraform will first need to query FMC to retrieve its ID.
Objects whose details must be read from FMC are defined under the existing keyword in YAML. Those objects cannot be modified.
You can refer to any object that already exists on FMC, including those manually created. For details, please refer to the documentation.
In this example, information about countries and continents is extracted.
```yaml
existing:
  fmc:
    domains:
      - name: Global
        objects:
          countries:
            - name: Poland
            - name: Germany
          continents:
            - name: North America
```

These can later be used in a Service Access policy.
```yaml
fmc:
  domains:
    - name: Global
      objects:
        service_accesses:
          - name: MyServiceAccessName1
            default_action: DENY
            rules:
              - action: ALLOW
                geolocation_sources:
                  - Poland
                  - Germany
              - action: ALLOW
                geolocation_sources:
                  - North America
```

Objects defined under existing will not be re-created even if they also appear under fmc. In the following example, MyDeviceName1 will not be created; however, the interface GigabitEthernet0/0 of that device will be configured.
```yaml
existing:
  fmc:
    domains:
      - name: Global
        devices:
          devices:
            - name: MyDeviceName1
```

```yaml
fmc:
  domains:
    - name: Global
      devices:
        devices:
          - name: MyDeviceName1
            vrfs:
              - name: Global
                physical_interfaces:
                  - name: GigabitEthernet0/0
                    logical_name: INSIDE
                    ipv4_static_address: 10.20.30.1
                    ipv4_static_netmask: 24
                    security_zone: MySecurityZoneName1
```
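Because the Service Access rules above refer to countries and continents by name, a misspelled name in an ALLOW rule is worth catching before Terraform runs. The following pre-flight check is an added example, not part of the FMC tooling or this documentation's own code: the function names are hypothetical, the dicts are constructed sample data mirroring the page's YAML after parsing, and it assumes every geolocation source must be declared under existing in the same domain.

```python
# Added example: pre-flight check for name references (not part of the FMC tooling).
# The dicts below are constructed sample data: the page's YAML after parsing.

EXISTING = {"fmc": {"domains": [{"name": "Global", "objects": {
    "countries": [{"name": "Poland"}, {"name": "Germany"}],
    "continents": [{"name": "North America"}],
}}]}}

DESIRED = {"fmc": {"domains": [{"name": "Global", "objects": {
    "service_accesses": [{
        "name": "MyServiceAccessName1",
        "default_action": "DENY",
        "rules": [
            {"action": "ALLOW", "geolocation_sources": ["Poland", "Germany"]},
            {"action": "ALLOW", "geolocation_sources": ["North America"]},
        ],
    }],
}}]}}


def declared_geolocations(existing):
    """Map domain name -> country/continent names declared under 'existing'."""
    declared = {}
    for domain in existing.get("fmc", {}).get("domains", []):
        objects = domain.get("objects", {})
        names = declared.setdefault(domain["name"], set())
        for kind in ("countries", "continents"):
            names.update(item["name"] for item in objects.get(kind, []))
    return declared


def unresolved_geolocations(existing, desired):
    """Return (domain, policy, rule_index, name) for each undeclared reference."""
    declared = declared_geolocations(existing)
    problems = []
    for domain in desired.get("fmc", {}).get("domains", []):
        known = declared.get(domain["name"], set())  # assumption: same-domain lookup
        policies = domain.get("objects", {}).get("service_accesses", [])
        for policy in policies:
            for index, rule in enumerate(policy.get("rules", [])):
                for name in rule.get("geolocation_sources", []):
                    if name not in known:
                        problems.append((domain["name"], policy["name"], index, name))
    return problems


if __name__ == "__main__":
    for problem in unresolved_geolocations(EXISTING, DESIRED):
        print("unresolved geolocation reference:", problem)
```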