fortinetdev
diff --git a/‎CHANGELOG.md‎
Lines changed: 21 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎docs/autoscale_fgt_as_hub.md‎
Lines changed: 3 additions & 2 deletions b/‎docs/autoscale_fgt_as_hub.md‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎docs/autoscale_fgt_lb_sandwich.md‎
Lines changed: 4 additions & 3 deletions b/‎docs/autoscale_fgt_lb_sandwich.md‎
Lines changed: 4 additions & 3 deletions
diff --git a/‎docs/guide_upgrade_fgt_asg.md‎
Lines changed: 63 additions & 0 deletions b/‎docs/guide_upgrade_fgt_asg.md‎
Lines changed: 63 additions & 0 deletions
@@ -1,3 +1,24 @@
+## 1.4.1 (June, 11, 2025)
+
+IMPROVEMENTS:
+
+* Module `modules/fortinet/generic_vm_standalone`:
+  * Added the latest versions for every Fortinet product.
+* Module `modules/fortigate/fgt_asg_with_function`:
+  * Supported health check in UMS mode.
+  * Modified default value and description of `cloud_function->service_config->max_instance_request_concurrency`.
+  * Improved concurrency logic.
+  * The cloud function can read the value of `autohealing->health_check_port` and change the probe port of FGT to this value.
+  * "HEALTHCHECK_PORT" configuration will only be uploaded to the primary FGT. The secondary FGTs could only get this information by syncing with the primary FGT.
+* Example `autoscale_fgt_as_hub`:
+  * Supported everything changed in Module `fgt_asg_with_function`.
+  * The resource `google_compute_region_health_check` will not be created if no LB is created by this example.
+* Example `examples/autoscale_fgt_lb_sandwich`:
+  * Supported everything changed in Module `fgt_asg_with_function`.
+* Document:
+  * Added new file `/docs/guide_upgrade_fgt_asg.md`.
+
+
 ## 1.4.0 (May, 16, 2025)
 
 FEATURES:
 
@@ -197,7 +197,8 @@ cloud_function = {
   # This parameter controls the instance that runs the cloud function. For simplicity, it is recommended to use the default value.
   service_config = {
     max_instance_count               = 1    # The limit on the maximum number of function instances that may coexist at a given time.
-    max_instance_request_concurrency = 3    # Sets the maximum number of concurrent requests that one cloud function can handle at the same time.
+    max_instance_request_concurrency = 10   # Sets the maximum number of concurrent requests that one cloud function can handle at the same time.
+                                            # Recommended to set it to no less than the maximum number of FGT instances (variable "autoscaler.max_instances").
     available_cpu                    = "1"  # The number of CPUs used in a single container instance.
     available_memory                 = "1G" # The amount of memory available for a function.
     timeout_seconds                  = 420  # The function execution timeout.
@@ -254,7 +255,7 @@ The cloud function will retrieve your existing unused FortiFlex entitlements and
 You need to provide your FortiFlex `username` and `password`.
 You also need to provide a FortiGate configuration `config` (A digital number). You can use our fortiflexvm Terraform to [create a FortiGate configuration](https://registry.terraform.io/providers/fortinetdev/fortiflexvm/latest/docs/resources/fortiflexvm_config) and get its config ID. You need to [use this config ID to create entitlements](https://registry.terraform.io/providers/fortinetdev/fortiflexvm/latest/docs/resources/fortiflexvm_entitlements_vm) in advance.
 
-`service_config` is a variable that controls the instance on which the cloud function runs. You can increase `max_instance_request_concurrency` to allow multiple injection license requests to run simultaneously. You need to increase `available_memory` if your `max_instance_request_concurrency` is high and running out of existing memory.
+`service_config` is a variable that controls the instance on which the cloud function runs. You can increase `max_instance_request_concurrency` to allow multiple cloud function requests to run simultaneously. You need to increase `available_memory` if your `max_instance_request_concurrency` is high and running out of existing memory.
 
 `additional_variables` specifies additional variables used by Cloud Function. Some variables are too trivial or **not recommended to be changed**. You can specify them here to overwrite the behavior of the Cloud Function for more customization.
 
 
@@ -173,7 +173,8 @@ cloud_function = {
   # This parameter controls the instance that runs the cloud function. For simplicity, it is recommended to use the default value.
   service_config = {
     max_instance_count               = 1    # The limit on the maximum number of function instances that may coexist at a given time.
-    max_instance_request_concurrency = 3    # Sets the maximum number of concurrent requests that one cloud function can handle at the same time.
+    max_instance_request_concurrency = 10   # Sets the maximum number of concurrent requests that one cloud function can handle at the same time.
+                                            # Recommended to set it to no less than the maximum number of FGT instances (variable "autoscaler.max_instances").
     available_cpu                    = "1"  # The number of CPUs used in a single container instance.
     available_memory                 = "1G" # The amount of memory available for a function.
     timeout_seconds                  = 420  # The function execution timeout.
@@ -209,7 +210,7 @@ The cloud function will retrieve your existing unused FortiFlex entitlements and
 You need to provide your FortiFlex `username` and `password`.
 You also need to provide a FortiGate configuration `config` (A digital number). You can use our fortiflexvm Terraform to [create a FortiGate configuration](https://registry.terraform.io/providers/fortinetdev/fortiflexvm/latest/docs/resources/fortiflexvm_config) and get its config ID. You need to [use this config ID to create entitlements](https://registry.terraform.io/providers/fortinetdev/fortiflexvm/latest/docs/resources/fortiflexvm_entitlements_vm) in advance.
 
-`service_config` is a variable that controls the instance on which the cloud function runs. You can increase `max_instance_request_concurrency` to allow multiple injection license requests to run simultaneously. You need to increase `available_memory` if your `max_instance_request_concurrency` is high and running out of existing memory.
+`service_config` is a variable that controls the instance on which the cloud function runs. You can increase `max_instance_request_concurrency` to allow multiple cloud function requests to run simultaneously. You need to increase `available_memory` if your `max_instance_request_concurrency` is high and running out of existing memory.
 
 `additional_variables` specifies additional variables used by Cloud Function. Some variables are too trivial or **not recommended to be changed**. You can specify them here to overwrite the behavior of the Cloud Function for more customization.
 
@@ -259,7 +260,7 @@ Autoscaler is used to control when to autoscale and control the number of FortiG
 
 `cpu_utilization` is the autoscaling signal. If CPU utilization is above this value, Google Cloud will create new FGT instances. Google Cloud will also delete idle FGT instances if CPU utilization is low for a long time.
 
-`autohealing.health_check_port` is the port used for health checks by autohealing. Autohealing recreates VM instances if your application cannot be reached by the health check.  Set it to 0 to disable autohealing. `load_balancer.health_check_port` is used for the load balancer and it can't be disabled. Normally, `autoscaler.autohealing.health_check_port` and `load_balancer.health_check_port` should have the same port number, and its default is 8008 for FortiGates.
+`autohealing.health_check_port` is the port used for health checks by autohealing. Autohealing recreates VM instances if your application cannot be reached by the health check. Set it to 0 to disable autohealing. `load_balancer.health_check_port` is used for the load balancer and it can't be disabled. Normally, `autoscaler.autohealing.health_check_port` and `load_balancer.health_check_port` should have the same port number, and its default is 8008 for FortiGates.
 
 `scale_in_control_sec` can prevent the aggressive scale down. If `scale_in_control_sec` is not 0, when the group scales down, Google Cloud will delete at most one FGT every 'scale_in_control_sec' seconds. By default, its value is 300.
 
 
@@ -0,0 +1,63 @@
+# Guide: Upgrading FortiGate AutoScale Group
+
+After deploying the examples `autoscale_fgt_as_hub`, `autoscale_fgt_lb_sandwich`, or the module `fortigate/fgt_asg_with_function`, you can upgrade the FortiGate (FGT) image version and the [Cloud Function](https://github.com/fortinetdev/terraform-google-cloud-modules/blob/main/docs/guide_function.md) code.
+
+### Upgrading the FortiGate Image Version
+
+The upgrade process depends on how the FGT image is specified in your Terraform configuration:
+
+- Using `image_type`:
+
+    If you specify the image via the variable `image_type`, Terraform will automatically retrieve the latest available image. Simply run the command `terraform apply` and confirm the changes.
+
+- Using `image_type`:
+
+    If the FGT image is set via the variable `image_source`, update this variable with the new image reference. Then, run the command `terraform apply` and confirm the changes.
+
+### Upgrading the Cloud Function (Available in version >= 1.4.1)
+
+The [Cloud Function](https://github.com/fortinetdev/terraform-google-cloud-modules/blob/main/docs/guide_function.md) is continuously updated to support new features and improvements. To benefit from these updates, you can upgrade the Cloud Function code using one of the following methods:
+
+#### 1. If you are using a local copy of the project
+
+If you have cloned or downloaded the source code locally (using `terraform.tfvars` file to deploy), you can manually update the Cloud Function code:
+
+1. Download the latest [`cloud function code file`](https://github.com/fortinetdev/terraform-google-cloud-modules/blob/main/modules/fortigate/fgt_asg_with_function/cloud_function.zip)
+2. Replace the existing file at `/modules/fortigate/fgt_asg_with_function/cloud_function.zip`.
+3. Re-run `terraform apply` to deploy the updated function.
+
+
+#### 2. If you are using the project as a module (recommended for version ≥ 1.4.1)
+
+If you're using this project as a module, for example, by creating your own `main.tf` file and including the following block:
+
+**Example (initial use without version pinning):**
+```
+module "autoscale_fgt_lb_sandwich" {
+  source = "fortinetdev/cloud-modules/google//examples/autoscale_fgt_lb_sandwich"
+
+  # other parameters
+}
+```
+Terraform will fetch the latest available version at the time of the first `terraform init`. However, this version is **locked** in your `.terraform.lock.hcl` file and will not automatically update, even if newer versions become available later.
+
+To ensure you're using a specific version, or to upgrade to a newer one, you should explicitly specify the version attribute in your module block.
+
+**To upgrade to a newer version:**
+
+Update the `version` field to the desired version number. For example:
+
+```
+module "autoscale_fgt_lb_sandwich" {
+  source = "fortinetdev/cloud-modules/google//examples/autoscale_fgt_lb_sandwich"
+  version = "1.4.1"  # <-- Update this to a new version
+
+  # other parameters
+}
+```
+
+Then run the following commands to upgrade and apply the changes:
+```
+terraform init -upgrade
+terraform apply
+```