ansible / ansible.builtin / v2.9.25 / module / fmgr_device_provision_template Manages Device Provisioning Templates in FortiManager. | "added in version" 2.8 of ansible.builtin" Authors: Luke Weighall (@lweighall), Andrew Welsh (@Ghilli3), Jim Huber (@p4r4n0y1ng) preview | supported by communityansible.builtin.fmgr_device_provision_template (v2.9.25) — module
pip
Install with pip install ansible==2.9.25
Allows the editing and assignment of device provisioning templates in FortiManager.
- name: SET SNMP SYSTEM INFO fmgr_device_provision_template: provisioning_template: "default" snmp_status: "enable" mode: "set"
- name: SET SNMP SYSTEM INFO ANSIBLE ADOM fmgr_device_provision_template: provisioning_template: "default" snmp_status: "enable" mode: "set" adom: "ansible"
- name: SET SNMP SYSTEM INFO different template (SNMPv2) fmgr_device_provision_template: provisioning_template: "ansibleTest" snmp_status: "enable" mode: "set" adom: "ansible" snmp_v2c_query_port: "162" snmp_v2c_trap_port: "161" snmp_v2c_status: "enable" snmp_v2c_trap_status: "enable" snmp_v2c_query_status: "enable" snmp_v2c_name: "ansibleV2c" snmp_v2c_id: "1" snmp_v2c_trap_src_ipv4: "10.7.220.41" snmp_v2c_trap_hosts_ipv4: "10.7.220.59 255.255.255.255, 10.7.220.60 255.255.255.255" snmp_v2c_query_hosts_ipv4: "10.7.220.59 255.255.255.255, 10.7.220.0 255.255.255.0"
- name: SET SNMP SYSTEM INFO different template (SNMPv3) fmgr_device_provision_template: provisioning_template: "ansibleTest" snmp_status: "enable" mode: "set" adom: "ansible" snmpv3_auth_proto: "sha" snmpv3_auth_pwd: "fortinet" snmpv3_name: "ansibleSNMPv3" snmpv3_notify_hosts: "10.7.220.59,10.7.220.60" snmpv3_priv_proto: "aes256" snmpv3_priv_pwd: "fortinet" snmpv3_queries: "enable" snmpv3_query_port: "161" snmpv3_security_level: "auth_priv" snmpv3_source_ip: "0.0.0.0" snmpv3_status: "enable" snmpv3_trap_rport: "162" snmpv3_trap_status: "enable"
- name: SET SYSLOG INFO fmgr_device_provision_template: provisioning_template: "ansibleTest" mode: "set" adom: "ansible" syslog_server: "10.7.220.59" syslog_port: "514" syslog_mode: "disable" syslog_status: "enable" syslog_filter: "information"
- name: SET NTP TO FORTIGUARD fmgr_device_provision_template: provisioning_template: "ansibleTest" mode: "set" adom: "ansible" ntp_status: "enable" ntp_sync_interval: "60" type: "fortiguard"
- name: SET NTP TO CUSTOM SERVER fmgr_device_provision_template: provisioning_template: "ansibleTest" mode: "set" adom: "ansible" ntp_status: "enable" ntp_sync_interval: "60" ntp_type: "custom" ntp_server: "10.7.220.32,10.7.220.1" ntp_auth: "enable" ntp_auth_pwd: "fortinet" ntp_v3: "disable"
- name: SET ADMIN GLOBAL SETTINGS fmgr_device_provision_template: provisioning_template: "ansibleTest" mode: "set" adom: "ansible" admin_https_redirect: "enable" admin_https_port: "4433" admin_http_port: "8080" admin_timeout: "30" admin_language: "english" admin_switch_controller: "enable" admin_gui_theme: "blue" admin_enable_fortiguard: "direct" admin_fortiguard_target: "10.7.220.128" admin_fortianalyzer_target: "10.7.220.61"
- name: SET CUSTOM SMTP SERVER fmgr_device_provision_template: provisioning_template: "ansibleTest" mode: "set" adom: "ansible" smtp_username: "ansible" smtp_password: "fortinet" smtp_port: "25" smtp_replyto: "ansible@do-not-reply.com" smtp_conn_sec: "starttls" smtp_server: "10.7.220.32" smtp_source_ipv4: "0.0.0.0" smtp_validate_cert: "disable"
- name: SET DNS SERVERS fmgr_device_provision_template: provisioning_template: "ansibleTest" mode: "set" adom: "ansible" dns_suffix: "ansible.local" dns_primary_ipv4: "8.8.8.8" dns_secondary_ipv4: "4.4.4.4"
- name: SET PROVISIONING TEMPLATE DEVICE TARGETS IN FORTIMANAGER fmgr_device_provision_template: provisioning_template: "ansibleTest" mode: "set" adom: "ansible" provision_targets: "FGT1, FGT2"
- name: DELETE ENTIRE PROVISIONING TEMPLATE fmgr_device_provision_template: delete_provisioning_template: "ansibleTest" mode: "delete" adom: "ansible"
adom: description: - The ADOM the configuration should belong to. required: true mode: choices: - add - set - delete - update default: add description: - Sets one of three modes for managing the object. - Allows use of soft-adds instead of overwriting existing values. required: false ntp_v3: choices: - enable - disable description: - Enables or disables ntpv3 (default is ntpv4). required: false ntp_auth: choices: - enable - disable description: - Enables or disables ntp authentication. required: false ntp_type: choices: - fortiguard - custom description: - Enables fortiguard servers or custom servers are the ntp source. required: false smtp_port: description: - SMTP port number. required: false dns_suffix: description: - Sets the local dns domain suffix. required: false ntp_server: description: - Only used with custom ntp_type -- specifies IP of server to sync to -- comma separated ip addresses for multiples. required: false ntp_status: choices: - enable - disable description: - Enables or disables ntp. required: false smtp_server: description: - SMTP server ipv4 address. required: false snmp_status: choices: - enable - disable description: - Enables or disables SNMP globally. required: false snmp_v2c_id: description: - Primary key for the snmp community. this must be unique! required: false snmpv3_name: description: - SNMPv3 user name. required: false syslog_mode: choices: - udp - legacy-reliable - reliable default: udp description: - Remote syslog logging over UDP/Reliable TCP. - choice | udp | Enable syslogging over UDP. - choice | legacy-reliable | Enable legacy reliable syslogging by RFC3195 (Reliable Delivery for Syslog). - choice | reliable | Enable reliable syslogging by RFC6587 (Transmission of Syslog Messages over TCP). required: false syslog_port: description: - Syslog port that will be set. required: false ntp_auth_pwd: description: - Sets the ntp auth password. required: false smtp_replyto: description: - SMTP reply to address. required: false admin_timeout: description: - Admin timeout in minutes. required: false smtp_conn_sec: choices: - none - starttls - smtps description: - defines the ssl level for smtp. required: false smtp_password: description: - SMTP password. required: false smtp_username: description: - SMTP auth username. required: false snmp_v2c_name: description: - Specifies the v2c community name. required: false snmpv3_status: choices: - enable - disable description: - SNMPv3 user is enabled or disabled. required: false syslog_filter: choices: - emergency - alert - critical - error - warning - notification - information - debug description: - Sets the logging level for syslog. required: false syslog_server: description: - Server the syslogs will be sent to. required: false syslog_status: choices: - enable - disable description: - Enables or disables syslogs. required: false admin_language: choices: - english - simch - japanese - korean - spanish - trach - french - portuguese description: - Sets the admin gui language. required: false snmpv3_queries: choices: - enable - disable description: - Allow snmpv3_queries. required: false admin_gui_theme: choices: - green - red - blue - melongene - mariner description: - Changes the admin gui theme. required: false admin_http_port: description: - Non-SSL admin gui port number. required: false snmp_v2c_status: choices: - enable - disable description: - Enables or disables the v2c community specified. required: false snmpv3_auth_pwd: description: - SNMPv3 auth pwd __ currently not encrypted! ensure this file is locked down permissions wise! required: false snmpv3_priv_pwd: description: - SNMPv3 priv pwd currently not encrypted! ensure this file is locked down permissions wise! required: false syslog_facility: choices: - kernel - user - mail - daemon - auth - syslog - lpr - news - uucp - cron - authpriv - ftp - ntp - audit - alert - clock - local0 - local1 - local2 - local3 - local4 - local5 - local6 - local7 default: syslog description: - Remote syslog facility. - choice | kernel | Kernel messages. - choice | user | Random user-level messages. - choice | mail | Mail system. - choice | daemon | System daemons. - choice | auth | Security/authorization messages. - choice | syslog | Messages generated internally by syslog. - choice | lpr | Line printer subsystem. - choice | news | Network news subsystem. - choice | uucp | Network news subsystem. - choice | cron | Clock daemon. - choice | authpriv | Security/authorization messages (private). - choice | ftp | FTP daemon. - choice | ntp | NTP daemon. - choice | audit | Log audit. - choice | alert | Log alert. - choice | clock | Clock daemon. - choice | local0 | Reserved for local use. - choice | local1 | Reserved for local use. - choice | local2 | Reserved for local use. - choice | local3 | Reserved for local use. - choice | local4 | Reserved for local use. - choice | local5 | Reserved for local use. - choice | local6 | Reserved for local use. - choice | local7 | Reserved for local use. required: false admin_https_port: description: - SSL admin gui port number. required: false dns_primary_ipv4: description: - primary ipv4 dns forwarder. required: false smtp_source_ipv4: description: - SMTP source ip address. required: false snmpv3_source_ip: description: - SNMPv3 source ipv4 address for traps. required: false ntp_sync_interval: description: - Sets the interval in minutes for ntp sync. required: false provision_targets: description: - The friendly names of devices in FortiManager to assign the provisioning template to. CSV separated list. required: true snmpv3_auth_proto: choices: - md5 - sha description: - SNMPv3 auth protocol. required: false snmpv3_priv_proto: choices: - aes - des - aes256 - aes256cisco description: - SNMPv3 priv protocol. required: false snmpv3_query_port: description: - SNMPv3 query port. required: false snmpv3_trap_rport: description: - SNMPv3 trap remote port. required: false device_unique_name: description: - The unique device's name that you are editing. required: true dns_secondary_ipv4: description: - secondary ipv4 dns forwarder. required: false smtp_validate_cert: choices: - enable - disable description: - Enables or disables valid certificate checking for smtp. required: false snmp_v2c_trap_port: description: - Sets the snmp v2c community trap port. required: false snmpv3_trap_status: choices: - enable - disable description: - SNMPv3 traps is enabled or disabled. required: false syslog_certificate: description: - Certificate used to communicate with Syslog server if encryption on. required: false snmp_v2c_query_port: description: - Sets the snmp v2c community query port. required: false snmpv3_notify_hosts: description: - List of ipv4 hosts to send snmpv3 traps to. Comma separated IPv4 list. required: false admin_https_redirect: choices: - enable - disable description: - Enables or disables https redirect from http. required: false snmp_v2c_trap_status: choices: - enable - disable description: - Enables or disables the v2c community specified for traps. required: false syslog_enc_algorithm: choices: - high - low - disable - high-medium default: disable description: - Enable/disable reliable syslogging with TLS encryption. - choice | high | SSL communication with high encryption algorithms. - choice | low | SSL communication with low encryption algorithms. - choice | disable | Disable SSL communication. - choice | high-medium | SSL communication with high and medium encryption algorithms. required: false provisioning_template: description: - The provisioning template you want to apply (default = default). required: true snmp_v2c_query_status: choices: - enable - disable description: - Enables or disables the v2c community specified for queries. required: false snmpv3_security_level: choices: - no-auth-no-priv - auth-no-priv - auth-priv description: - SNMPv3 security level. required: false snmp_v2c_trap_src_ipv4: description: - Source ip the traps should come from IPv4. required: false admin_enable_fortiguard: choices: - none - direct - this-fmg description: - Enables FortiGuard security updates to their default settings. required: false admin_fortiguard_target: description: - Configures fortiguard target. - admin_enable_fortiguard must be set to "direct". required: false admin_switch_controller: choices: - enable - disable description: - Enables or disables the switch controller. required: false snmp_v2c_trap_hosts_ipv4: description: '- IPv4 addresses of the hosts that should get SNMP v2c traps, comma separated, must include mask ("10.7.220.59 255.255.255.255, 10.7.220.60 255.255.255.255"). ' required: false snmp_v2c_query_hosts_ipv4: description: '- IPv4 addresses or subnets that are allowed to query SNMP v2c, comma separated ("10.7.220.59 255.255.255.0, 10.7.220.0 255.255.255.0"). ' required: false admin_fortianalyzer_target: description: - Configures faz target. required: false delete_provisioning_template: description: - If specified, all other options are ignored. The specified provisioning template will be deleted. required: false
api_result: description: full API response, includes status code and message returned: always type: str