Hello,

I tried to export the system configuration file from my FortiGate with FortiOS v7.2.7 build1577, today the first time in YAML. When exporting using the WebUI I chose: Scope: Global, Backup to: LocalPC, File format: YAML, Password mask: enabled, Encryption: disabled.

When I then tried to load the yaml file with the PyYAML python library v6.0… without the expected success:

import yaml

with open("[…].conf.yaml", encoding='utf-8') as fd:
    yconf = yaml.safe_load(fd)

  File "[…]\Python311\site-packages\yaml\parser.py", line 438, in parse_block_mapping_key
    raise ParserError("while parsing a block mapping", self.marks[-1],
yaml.parser.ParserError: while parsing a block mapping
  in "[…].conf.yaml", line 2407, column 9
expected <block end>, but found '<scalar>'
  in "[…].conf.yaml", line 2408, column 50

When examining with a text-editor, I found the following at the guilty part of the YAML-file (starting at line 2405):

firewall_addrgrp:
    - host-grp_group-name1:
        uuid: 01234567-89ab-cdef-0123-456789abcdef
        member: "host_name1" "host_name2" "host_name3" "host_name4" "net_name1" "net_name2" "net_name3"

So it appears to me that PyYAML is right in it's complaint and the YAML-export takes some liberties in it's interpretation of the yaml specification… there are several different (and many) places in the config file, where internal lists aren't exported as lists in YAML but in space-separated sequences of strings i.e. scalars in YAML-terminology.

Is there a difference depending on the options chosen or the way the file is extracted from the FortiGate? So can I circumvent this issue or am I stuck with some other parsing strategy?

Best regards

Edit: corrected firmware version number