Try Spotterno description
| "added in version" 1.0.0 of chillancezen.fortimanager"
Authors: Link Zheng (@chillancezen), Jie Xue (@JieX19), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu)
preview | supported by community
Install with ansible-galaxy collection install chillancezen.fortimanager:==2.1.6
collections:
- name: chillancezen.fortimanager
version: 2.1.6This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- hosts: fortimanager-inventory
collections:
- fortinet.fortimanager
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: no description
fmgr_waf_profile:
bypass_validation: False
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
adom: <your own value>
state: <value in [present, absent]>
waf_profile:
comment: <value of string>
extended-log: <value in [disable, enable]>
external: <value in [disable, enable]>
name: <value of string>
url-access:
-
access-pattern:
-
id: <value of integer>
negate: <value in [disable, enable]>
pattern: <value of string>
regex: <value in [disable, enable]>
srcaddr: <value of string>
action: <value in [bypass, permit, block]>
address: <value of string>
id: <value of integer>
log: <value in [disable, enable]>
severity: <value in [low, medium, high]>
address-list:
blocked-address: <value of string>
blocked-log: <value in [disable, enable]>
severity: <value in [low, medium, high]>
status: <value in [disable, enable]>
trusted-address: <value of string>
constraint:
content-length:
action: <value in [allow, block]>
length: <value of integer>
log: <value in [disable, enable]>
severity: <value in [low, medium, high]>
status: <value in [disable, enable]>
exception:
-
address: <value of string>
content-length: <value in [disable, enable]>
header-length: <value in [disable, enable]>
hostname: <value in [disable, enable]>
id: <value of integer>
line-length: <value in [disable, enable]>
malformed: <value in [disable, enable]>
max-cookie: <value in [disable, enable]>
max-header-line: <value in [disable, enable]>
max-range-segment: <value in [disable, enable]>
max-url-param: <value in [disable, enable]>
method: <value in [disable, enable]>
param-length: <value in [disable, enable]>
pattern: <value of string>
regex: <value in [disable, enable]>
url-param-length: <value in [disable, enable]>
version: <value in [disable, enable]>
header-length:
action: <value in [allow, block]>
length: <value of integer>
log: <value in [disable, enable]>
severity: <value in [low, medium, high]>
status: <value in [disable, enable]>
hostname:
action: <value in [allow, block]>
log: <value in [disable, enable]>
severity: <value in [low, medium, high]>
status: <value in [disable, enable]>
line-length:
action: <value in [allow, block]>
length: <value of integer>
log: <value in [disable, enable]>
severity: <value in [low, medium, high]>
status: <value in [disable, enable]>
malformed:
action: <value in [allow, block]>
log: <value in [disable, enable]>
severity: <value in [low, medium, high]>
status: <value in [disable, enable]>
max-cookie:
action: <value in [allow, block]>
log: <value in [disable, enable]>
max-cookie: <value of integer>
severity: <value in [low, medium, high]>
status: <value in [disable, enable]>
max-header-line:
action: <value in [allow, block]>
log: <value in [disable, enable]>
max-header-line: <value of integer>
severity: <value in [low, medium, high]>
status: <value in [disable, enable]>
max-range-segment:
action: <value in [allow, block]>
log: <value in [disable, enable]>
max-range-segment: <value of integer>
severity: <value in [low, medium, high]>
status: <value in [disable, enable]>
max-url-param:
action: <value in [allow, block]>
log: <value in [disable, enable]>
max-url-param: <value of integer>
severity: <value in [low, medium, high]>
status: <value in [disable, enable]>
method:
action: <value in [allow, block]>
log: <value in [disable, enable]>
severity: <value in [low, medium, high]>
status: <value in [disable, enable]>
param-length:
action: <value in [allow, block]>
length: <value of integer>
log: <value in [disable, enable]>
severity: <value in [low, medium, high]>
status: <value in [disable, enable]>
url-param-length:
action: <value in [allow, block]>
length: <value of integer>
log: <value in [disable, enable]>
severity: <value in [low, medium, high]>
status: <value in [disable, enable]>
version:
action: <value in [allow, block]>
log: <value in [disable, enable]>
severity: <value in [low, medium, high]>
status: <value in [disable, enable]>
method:
default-allowed-methods:
- delete
- get
- head
- options
- post
- put
- trace
- others
- connect
log: <value in [disable, enable]>
method-policy:
-
address: <value of string>
allowed-methods:
- delete
- get
- head
- options
- post
- put
- trace
- others
- connect
id: <value of integer>
pattern: <value of string>
regex: <value in [disable, enable]>
severity: <value in [low, medium, high]>
status: <value in [disable, enable]>
signature:
credit-card-detection-threshold: <value of integer>
custom-signature:
-
action: <value in [allow, block, erase]>
case-sensitivity: <value in [disable, enable]>
direction: <value in [request, response]>
log: <value in [disable, enable]>
name: <value of string>
pattern: <value of string>
severity: <value in [low, medium, high]>
status: <value in [disable, enable]>
target:
- arg
- arg-name
- req-body
- req-cookie
- req-cookie-name
- req-filename
- req-header
- req-header-name
- req-raw-uri
- req-uri
- resp-body
- resp-hdr
- resp-status
disabled-signature: <value of string>
disabled-sub-class: <value of string>
main-class:
action: <value in [allow, block, erase]>
id: <value of integer>
log: <value in [disable, enable]>
severity: <value in [low, medium, high]>
status: <value in [disable, enable]>
request_url: description: The full url requested returned: always sample: /sys/login/user type: str response_code: description: The status of api request returned: always sample: 0 type: int response_message: description: The descriptive message of the api response returned: always sample: OK. type: str