ansible / ansible.builtin / v2.9.26 / module / fmgr_secprof_av Manage security profile | "added in version" 2.8 of ansible.builtin" Authors: Luke Weighall (@lweighall), Andrew Welsh (@Ghilli3), Jim Huber (@p4r4n0y1ng) preview | supported by communityansible.builtin.fmgr_secprof_av (v2.9.26) — module
pip
Install with pip install ansible==2.9.26
Manage security profile groups for FortiManager objects
- name: DELETE Profile fmgr_secprof_av: name: "Ansible_AV_Profile" mode: "delete"
- name: CREATE Profile fmgr_secprof_av: name: "Ansible_AV_Profile" comment: "Created by Ansible Module TEST" mode: "set" inspection_mode: "proxy" ftgd_analytics: "everything" av_block_log: "enable" av_virus_log: "enable" scan_mode: "full" mobile_malware_db: "enable" ftp_archive_block: "encrypted" ftp_outbreak_prevention: "files" ftp_archive_log: "timeout" ftp_emulator: "disable" ftp_options: "scan"
ftp: description: - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED! - List of multiple child objects to be added. Expects a list of dictionaries. - Dictionaries must use FortiManager API parameters, not the ansible ones listed below. - If submitted, all other prefixed sub-parameters ARE IGNORED. - This object is MUTUALLY EXCLUSIVE with its options. - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide. - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS required: false smb: description: - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED! - List of multiple child objects to be added. Expects a list of dictionaries. - Dictionaries must use FortiManager API parameters, not the ansible ones listed below. - If submitted, all other prefixed sub-parameters ARE IGNORED. - This object is MUTUALLY EXCLUSIVE with its options. - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide. - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS required: false adom: default: root description: - The ADOM the configuration should belong to. required: false http: description: - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED! - List of multiple child objects to be added. Expects a list of dictionaries. - Dictionaries must use FortiManager API parameters, not the ansible ones listed below. - If submitted, all other prefixed sub-parameters ARE IGNORED. - This object is MUTUALLY EXCLUSIVE with its options. - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide. - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS required: false imap: description: - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED! - List of multiple child objects to be added. Expects a list of dictionaries. - Dictionaries must use FortiManager API parameters, not the ansible ones listed below. - If submitted, all other prefixed sub-parameters ARE IGNORED. - This object is MUTUALLY EXCLUSIVE with its options. - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide. - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS required: false mapi: description: - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED! - List of multiple child objects to be added. Expects a list of dictionaries. - Dictionaries must use FortiManager API parameters, not the ansible ones listed below. - If submitted, all other prefixed sub-parameters ARE IGNORED. - This object is MUTUALLY EXCLUSIVE with its options. - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide. - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS required: false mode: choices: - add - set - delete - update default: add description: - Sets one of three modes for managing the object. - Allows use of soft-adds instead of overwriting existing values required: false name: description: - Profile name. required: false nntp: description: - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED! - List of multiple child objects to be added. Expects a list of dictionaries. - Dictionaries must use FortiManager API parameters, not the ansible ones listed below. - If submitted, all other prefixed sub-parameters ARE IGNORED. - This object is MUTUALLY EXCLUSIVE with its options. - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide. - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS required: false pop3: description: - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED! - List of multiple child objects to be added. Expects a list of dictionaries. - Dictionaries must use FortiManager API parameters, not the ansible ones listed below. - If submitted, all other prefixed sub-parameters ARE IGNORED. - This object is MUTUALLY EXCLUSIVE with its options. - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide. - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS required: false smtp: description: - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED! - List of multiple child objects to be added. Expects a list of dictionaries. - Dictionaries must use FortiManager API parameters, not the ansible ones listed below. - If submitted, all other prefixed sub-parameters ARE IGNORED. - This object is MUTUALLY EXCLUSIVE with its options. - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide. - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS required: false comment: description: - Comment. required: false nac_quar: description: - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED! - List of multiple child objects to be added. Expects a list of dictionaries. - Dictionaries must use FortiManager API parameters, not the ansible ones listed below. - If submitted, all other prefixed sub-parameters ARE IGNORED. - This object is MUTUALLY EXCLUSIVE with its options. - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide. - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS required: false scan_mode: choices: - quick - full description: - Choose between full scan mode and quick scan mode. required: false ftp_options: choices: - scan - quarantine - avmonitor description: - Enable/disable FTP AntiVirus scanning, monitoring, and quarantine. - FLAG Based Options. Specify multiple in list form. required: false smb_options: choices: - scan - quarantine - avmonitor description: - Enable/disable SMB AntiVirus scanning, monitoring, and quarantine. - FLAG Based Options. Specify multiple in list form. required: false analytics_db: choices: - disable - enable description: - Enable/disable using the FortiSandbox signature database to supplement the AV signature databases. required: false av_block_log: choices: - disable - enable description: - Enable/disable logging for AntiVirus file blocking. required: false av_virus_log: choices: - disable - enable description: - Enable/disable AntiVirus logging. required: false extended_log: choices: - disable - enable description: - Enable/disable extended logging for antivirus. required: false ftp_emulator: choices: - disable - enable description: - Enable/disable the virus emulator. required: false http_options: choices: - scan - quarantine - avmonitor description: - Enable/disable HTTP AntiVirus scanning, monitoring, and quarantine. - FLAG Based Options. Specify multiple in list form. required: false imap_options: choices: - scan - quarantine - avmonitor description: - Enable/disable IMAP AntiVirus scanning, monitoring, and quarantine. - FLAG Based Options. Specify multiple in list form. required: false mapi_options: choices: - scan - quarantine - avmonitor description: - Enable/disable MAPI AntiVirus scanning, monitoring, and quarantine. - FLAG Based Options. Specify multiple in list form. required: false nac_quar_log: choices: - disable - enable description: - Enable/disable AntiVirus quarantine logging. required: false nntp_options: choices: - scan - quarantine - avmonitor description: - Enable/disable NNTP AntiVirus scanning, monitoring, and quarantine. - FLAG Based Options. Specify multiple in list form. required: false pop3_options: choices: - scan - quarantine - avmonitor description: - Enable/disable POP3 AntiVirus scanning, monitoring, and quarantine. - FLAG Based Options. Specify multiple in list form. required: false smb_emulator: choices: - disable - enable description: - Enable/disable the virus emulator. required: false smtp_options: choices: - scan - quarantine - avmonitor description: - Enable/disable SMTP AntiVirus scanning, monitoring, and quarantine. - FLAG Based Options. Specify multiple in list form. required: false http_emulator: choices: - disable - enable description: - Enable/disable the virus emulator. required: false imap_emulator: choices: - disable - enable description: - Enable/disable the virus emulator. required: false mapi_emulator: choices: - disable - enable description: - Enable/disable the virus emulator. required: false nntp_emulator: choices: - disable - enable description: - Enable/disable the virus emulator. required: false pop3_emulator: choices: - disable - enable description: - Enable/disable the virus emulator. required: false smtp_emulator: choices: - disable - enable description: - Enable/disable the virus emulator. required: false content_disarm: description: - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED! - List of multiple child objects to be added. Expects a list of dictionaries. - Dictionaries must use FortiManager API parameters, not the ansible ones listed below. - If submitted, all other prefixed sub-parameters ARE IGNORED. - This object is MUTUALLY EXCLUSIVE with its options. - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide. - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS required: false ftgd_analytics: choices: - disable - suspicious - everything description: - Settings to control which files are uploaded to FortiSandbox. required: false ftp_archive_log: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: - Select the archive types to log. - FLAG Based Options. Specify multiple in list form. required: false inspection_mode: choices: - proxy - flow-based description: - Inspection mode. required: false nac_quar_expiry: description: - Duration of quarantine. required: false smb_archive_log: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: - Select the archive types to log. - FLAG Based Options. Specify multiple in list form. required: false http_archive_log: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: - Select the archive types to log. - FLAG Based Options. Specify multiple in list form. required: false imap_archive_log: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: - Select the archive types to log. - FLAG Based Options. Specify multiple in list form. required: false imap_executables: choices: - default - virus description: - Treat Windows executable files as viruses for the purpose of blocking or monitoring. required: false mapi_archive_log: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: - Select the archive types to log. - FLAG Based Options. Specify multiple in list form. required: false mapi_executables: choices: - default - virus description: - Treat Windows executable files as viruses for the purpose of blocking or monitoring. required: false nntp_archive_log: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: - Select the archive types to log. - FLAG Based Options. Specify multiple in list form. required: false pop3_archive_log: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: - Select the archive types to log. - FLAG Based Options. Specify multiple in list form. required: false pop3_executables: choices: - default - virus description: - Treat Windows executable files as viruses for the purpose of blocking or monitoring. required: false replacemsg_group: description: - Replacement message group customized for this profile. required: false smtp_archive_log: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: - Select the archive types to log. - FLAG Based Options. Specify multiple in list form. required: false smtp_executables: choices: - default - virus description: - Treat Windows executable files as viruses for the purpose of blocking or monitoring. required: false ftp_archive_block: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: - Select the archive types to block. - FLAG Based Options. Specify multiple in list form. required: false mobile_malware_db: choices: - disable - enable description: - Enable/disable using the mobile malware signature database. required: false nac_quar_infected: choices: - none - quar-src-ip description: - Enable/Disable quarantining infected hosts to the banned user list. required: false smb_archive_block: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: - Select the archive types to block. - FLAG Based Options. Specify multiple in list form. required: false http_archive_block: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: - Select the archive types to block. - FLAG Based Options. Specify multiple in list form. required: false imap_archive_block: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: - Select the archive types to block. - FLAG Based Options. Specify multiple in list form. required: false mapi_archive_block: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: - Select the archive types to block. - FLAG Based Options. Specify multiple in list form. required: false nntp_archive_block: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: - Select the archive types to block. - FLAG Based Options. Specify multiple in list form. required: false pop3_archive_block: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: - Select the archive types to block. - FLAG Based Options. Specify multiple in list form. required: false smtp_archive_block: choices: - encrypted - corrupted - multipart - nested - mailbomb - unhandled - partiallycorrupted - fileslimit - timeout description: - Select the archive types to block. - FLAG Based Options. Specify multiple in list form. required: false http_content_disarm: choices: - disable - enable description: - Enable Content Disarm and Reconstruction for this protocol. required: false imap_content_disarm: choices: - disable - enable description: - Enable Content Disarm and Reconstruction for this protocol. required: false pop3_content_disarm: choices: - disable - enable description: - Enable Content Disarm and Reconstruction for this protocol. required: false smtp_content_disarm: choices: - disable - enable description: - Enable Content Disarm and Reconstruction for this protocol. required: false analytics_max_upload: description: - Maximum size of files that can be uploaded to FortiSandbox (1 - 395 MBytes, default = 10). required: false analytics_bl_filetype: description: - Only submit files matching this DLP file-pattern to FortiSandbox. required: false analytics_wl_filetype: description: - Do not submit files matching this DLP file-pattern to FortiSandbox. required: false ftp_outbreak_prevention: choices: - disabled - files - full-archive description: - Enable FortiGuard Virus Outbreak Prevention service. required: false smb_outbreak_prevention: choices: - disabled - files - full-archive description: - Enable FortiGuard Virus Outbreak Prevention service. required: false http_outbreak_prevention: choices: - disabled - files - full-archive description: - Enable FortiGuard Virus Outbreak Prevention service. required: false imap_outbreak_prevention: choices: - disabled - files - full-archive description: - Enable FortiGuard Virus Outbreak Prevention service. required: false mapi_outbreak_prevention: choices: - disabled - files - full-archive description: - Enable FortiGuard Virus Outbreak Prevention service. required: false nntp_outbreak_prevention: choices: - disabled - files - full-archive description: - Enable FortiGuard Virus Outbreak Prevention service. required: false pop3_outbreak_prevention: choices: - disabled - files - full-archive description: - Enable FortiGuard Virus Outbreak Prevention service. required: false smtp_outbreak_prevention: choices: - disabled - files - full-archive description: - Enable FortiGuard Virus Outbreak Prevention service. required: false content_disarm_cover_page: choices: - disable - enable description: - Enable/disable inserting a cover page into the disarmed document. required: false content_disarm_detect_only: choices: - disable - enable description: - Enable/disable only detect disarmable files, do not alter content. required: false content_disarm_office_embed: choices: - disable - enable description: - Enable/disable stripping of embedded objects in Microsoft Office documents. required: false content_disarm_office_macro: choices: - disable - enable description: - Enable/disable stripping of macros in Microsoft Office documents. required: false content_disarm_pdf_act_form: choices: - disable - enable description: - Enable/disable stripping of actions that submit data to other targets in PDF documents. required: false content_disarm_pdf_act_java: choices: - disable - enable description: - Enable/disable stripping of actions that execute JavaScript code in PDF documents. required: false content_disarm_pdf_javacode: choices: - disable - enable description: - Enable/disable stripping of JavaScript code in PDF documents. required: false content_disarm_office_hylink: choices: - disable - enable description: - Enable/disable stripping of hyperlinks in Microsoft Office documents. required: false content_disarm_office_linked: choices: - disable - enable description: - Enable/disable stripping of linked objects in Microsoft Office documents. required: false content_disarm_pdf_act_gotor: choices: - disable - enable description: - Enable/disable stripping of links to other PDFs in PDF documents. required: false content_disarm_pdf_act_movie: choices: - disable - enable description: - Enable/disable stripping of embedded movies in PDF documents. required: false content_disarm_pdf_act_sound: choices: - disable - enable description: - Enable/disable stripping of embedded sound files in PDF documents. required: false content_disarm_pdf_embedfile: choices: - disable - enable description: - Enable/disable stripping of embedded files in PDF documents. required: false content_disarm_pdf_hyperlink: choices: - disable - enable description: - Enable/disable stripping of hyperlinks from PDF documents. required: false content_disarm_pdf_act_launch: choices: - disable - enable description: - Enable/disable stripping of links to external applications in PDF documents. required: false content_disarm_original_file_destination: choices: - fortisandbox - quarantine - discard description: - Destination to send original file if active content is removed. required: false
api_result: description: full API response, includes status code and message returned: always type: str