Try Spotterno description
| "added in version" 1.0.0 of chillancezen.fortimanager"
Authors: Link Zheng (@chillancezen), Jie Xue (@JieX19), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu)
preview | supported by community
Install with ansible-galaxy collection install chillancezen.fortimanager:==2.1.6
collections:
- name: chillancezen.fortimanager
version: 2.1.6This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- hosts: fortimanager-inventory
collections:
- fortinet.fortimanager
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: no description
fmgr_firewall_accessproxy:
bypass_validation: False
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
adom: <your own value>
state: <value in [present, absent]>
firewall_accessproxy:
api-gateway:
-
http-cookie-age: <value of integer>
http-cookie-domain: <value of string>
http-cookie-domain-from-host: <value in [disable, enable]>
http-cookie-generation: <value of integer>
http-cookie-path: <value of string>
http-cookie-share: <value in [disable, same-ip]>
https-cookie-secure: <value in [disable, enable]>
id: <value of integer>
ldb-method: <value in [static, round-robin, weighted, ...]>
persistence: <value in [none, http-cookie]>
realservers:
-
address: <value of string>
health-check: <value in [disable, enable]>
health-check-proto: <value in [ping, http, tcp-connect]>
http-host: <value of string>
id: <value of integer>
ip: <value of string>
mappedport: <value of string>
port: <value of integer>
status: <value in [active, standby, disable]>
weight: <value of integer>
addr-type: <value in [fqdn, ip]>
domain: <value of string>
holddown-interval: <value in [disable, enable]>
ssh-client-cert: <value of string>
ssh-host-key: <value of string>
ssh-host-key-validation: <value in [disable, enable]>
type: <value in [tcp-forwarding, ssh]>
saml-server: <value of string>
service: <value in [http, https, tcp-forwarding, ...]>
ssl-algorithm: <value in [high, medium, low, ...]>
ssl-cipher-suites:
-
cipher: <value in [TLS-RSA-WITH-RC4-128-MD5, TLS-RSA-WITH-RC4-128-SHA, TLS-RSA-WITH-DES-CBC-SHA, ...]>
priority: <value of integer>
versions:
- tls-1.0
- tls-1.1
- tls-1.2
- tls-1.3
ssl-dh-bits: <value in [768, 1024, 1536, ...]>
ssl-max-version: <value in [tls-1.0, tls-1.1, tls-1.2, ...]>
ssl-min-version: <value in [tls-1.0, tls-1.1, tls-1.2, ...]>
url-map: <value of string>
url-map-type: <value in [sub-string, wildcard, regex]>
virtual-host: <value of string>
saml-redirect: <value in [disable, enable]>
ssl-vpn-web-portal: <value of string>
client-cert: <value in [disable, enable]>
empty-cert-action: <value in [block, accept]>
ldb-method: <value in [static, round-robin, weighted, ...]>
name: <value of string>
realservers:
-
id: <value of integer>
ip: <value of string>
port: <value of integer>
status: <value in [active, standby, disable]>
weight: <value of integer>
server-pubkey-auth: <value in [disable, enable]>
server-pubkey-auth-settings:
auth-ca: <value of string>
cert-extension:
-
critical: <value in [no, yes]>
data: <value of string>
name: <value of string>
type: <value in [fixed, user]>
permit-agent-forwarding: <value in [disable, enable]>
permit-port-forwarding: <value in [disable, enable]>
permit-pty: <value in [disable, enable]>
permit-user-rc: <value in [disable, enable]>
permit-x11-forwarding: <value in [disable, enable]>
source-address: <value in [disable, enable]>
vip: <value of string>
api-gateway6:
-
http-cookie-age: <value of integer>
http-cookie-domain: <value of string>
http-cookie-domain-from-host: <value in [disable, enable]>
http-cookie-generation: <value of integer>
http-cookie-path: <value of string>
http-cookie-share: <value in [disable, same-ip]>
https-cookie-secure: <value in [disable, enable]>
id: <value of integer>
ldb-method: <value in [static, round-robin, weighted, ...]>
persistence: <value in [none, http-cookie]>
realservers:
-
addr-type: <value in [fqdn, ip]>
address: <value of string>
domain: <value of string>
health-check: <value in [disable, enable]>
health-check-proto: <value in [ping, http, tcp-connect]>
holddown-interval: <value in [disable, enable]>
http-host: <value of string>
id: <value of integer>
ip: <value of string>
mappedport: <value of string>
port: <value of integer>
ssh-client-cert: <value of string>
ssh-host-key: <value of string>
ssh-host-key-validation: <value in [disable, enable]>
status: <value in [active, standby, disable]>
type: <value in [tcp-forwarding, ssh]>
weight: <value of integer>
saml-redirect: <value in [disable, enable]>
saml-server: <value of string>
service: <value in [http, https, tcp-forwarding, ...]>
ssl-algorithm: <value in [high, medium, low]>
ssl-cipher-suites:
-
cipher: <value in [TLS-RSA-WITH-RC4-128-MD5, TLS-RSA-WITH-RC4-128-SHA, TLS-RSA-WITH-DES-CBC-SHA, ...]>
priority: <value of integer>
versions:
- tls-1.0
- tls-1.1
- tls-1.2
- tls-1.3
ssl-dh-bits: <value in [768, 1024, 1536, ...]>
ssl-max-version: <value in [tls-1.0, tls-1.1, tls-1.2, ...]>
ssl-min-version: <value in [tls-1.0, tls-1.1, tls-1.2, ...]>
ssl-vpn-web-portal: <value of string>
url-map: <value of string>
url-map-type: <value in [sub-string, wildcard, regex]>
virtual-host: <value of string>
auth-portal: <value in [disable, enable]>
auth-virtual-host: <value of string>
decrypted-traffic-mirror: <value of string>
log-blocked-traffic: <value in [disable, enable]>
request_url: description: The full url requested returned: always sample: /sys/login/user type: str response_code: description: The status of api request returned: always sample: 0 type: int response_message: description: The descriptive message of the api response returned: always sample: OK. type: str