ansible / ansible.builtin / v2.8.18 / module / fmgr_secprof_dns Manage DNS security profiles in FortiManager | "added in version" 2.8 of ansible.builtin" Authors: Luke Weighall (@lweighall), Andrew Welsh (@Ghilli3), Jim Huber (@p4r4n0y1ng) preview | supported by communityansible.builtin.fmgr_secprof_dns (v2.8.18) — module
pip
Install with pip install ansible==2.8.18
Manage DNS security profiles in FortiManager
- name: DELETE Profile fmgr_secprof_dns: name: "Ansible_DNS_Profile" comment: "Created by Ansible Module TEST" mode: "delete"
- name: CREATE Profile fmgr_secprof_dns: name: "Ansible_DNS_Profile" comment: "Created by Ansible Module TEST" mode: "set" block_action: "block"
adom: default: root description: - The ADOM the configuration should belong to. required: false mode: choices: - add - set - delete - update default: add description: - Sets one of three modes for managing the object. - Allows use of soft-adds instead of overwriting existing values. required: false name: description: - Profile name. required: false type: str comment: description: - Comment for the security profile to show in the FortiManager GUI. required: false type: str safe_search: choices: - disable - enable description: - Enable/disable Google, Bing, and YouTube safe search. - choice | disable | Disable Google, Bing, and YouTube safe search. - choice | enable | Enable Google, Bing, and YouTube safe search. required: false type: str block_action: choices: - block - redirect description: - Action to take for blocked domains. - choice | block | Return NXDOMAIN for blocked domains. - choice | redirect | Redirect blocked domains to SDNS portal. required: false type: str block_botnet: choices: - disable - enable description: - Enable/disable blocking botnet C&C; DNS lookups. - choice | disable | Disable blocking botnet C&C; DNS lookups. - choice | enable | Enable blocking botnet C&C; DNS lookups. required: false type: str log_all_domain: choices: - disable - enable description: - Enable/disable logging of all domains visited (detailed DNS logging). - choice | disable | Disable logging of all domains visited. - choice | enable | Enable logging of all domains visited. required: false type: str redirect_portal: description: - IP address of the SDNS redirect portal. required: false type: str sdns_domain_log: choices: - disable - enable description: - Enable/disable domain filtering and botnet domain logging. - choice | disable | Disable domain filtering and botnet domain logging. - choice | enable | Enable domain filtering and botnet domain logging. required: false type: str ftgd_dns_options: choices: - error-allow - ftgd-disable description: - FortiGuard DNS filter options. - FLAG Based Options. Specify multiple in list form. - flag | error-allow | Allow all domains when FortiGuard DNS servers fail. - flag | ftgd-disable | Disable FortiGuard DNS domain rating. required: false type: str youtube_restrict: choices: - strict - moderate description: - Set safe search for YouTube restriction level. - choice | strict | Enable strict safe seach for YouTube. - choice | moderate | Enable moderate safe search for YouTube. required: false type: str sdns_ftgd_err_log: choices: - disable - enable description: - Enable/disable FortiGuard SDNS rating error logging. - choice | disable | Disable FortiGuard SDNS rating error logging. - choice | enable | Enable FortiGuard SDNS rating error logging. required: false type: str ftgd_dns_filters_log: choices: - disable - enable description: - Enable/disable DNS filter logging for this DNS profile. - choice | disable | Disable DNS filter logging. - choice | enable | Enable DNS filter logging. required: false type: str external_ip_blocklist: description: - One or more external IP block lists. required: false type: str ftgd_dns_filters_action: choices: - monitor - block description: - Action to take for DNS requests matching the category. - choice | monitor | Allow DNS requests matching the category and log the result. - choice | block | Block DNS requests matching the category. required: false type: str ftgd_dns_filters_category: description: - Category number. required: false type: str domain_filter_domain_filter_table: description: - DNS domain filter table ID. required: false type: str
api_result: description: full API response, includes status code and message returned: always type: str