community / community.network / 1.3.1 / module / fmgr_fwpol_package Manages FortiManager Firewall Policies Packages. Authors: Luke Weighall (@lweighall), Andrew Welsh (@Ghilli3), Jim Huber (@p4r4n0y1ng)community.network.fmgr_fwpol_package (1.3.1) — module
Install with ansible-galaxy collection install community.network:==1.3.1
collections: - name: community.network version: 1.3.1
Manages FortiManager Firewall Policies Packages. Policy Packages contain one or more Firewall Policies/Rules and are distritbuted via FortiManager to Fortigates.
This module controls the creation/edit/delete/assign of these packages.
- name: CREATE BASIC POLICY PACKAGE community.network.fmgr_fwpol_package: adom: "ansible" mode: "add" name: "testPackage" object_type: "pkg"
- name: ADD PACKAGE WITH TARGETS community.network.fmgr_fwpol_package: mode: "add" adom: "ansible" name: "ansibleTestPackage1" object_type: "pkg" inspection_mode: "flow" ngfw_mode: "profile-based" scope_members: "seattle-fgt02, seattle-fgt03"
- name: ADD FOLDER community.network.fmgr_fwpol_package: mode: "add" adom: "ansible" name: "ansibleTestFolder1" object_type: "folder"
- name: ADD PACKAGE INTO PARENT FOLDER community.network.fmgr_fwpol_package: mode: "set" adom: "ansible" name: "ansibleTestPackage2" object_type: "pkg" parent_folder: "ansibleTestFolder1"
- name: ADD FOLDER INTO PARENT FOLDER community.network.fmgr_fwpol_package: mode: "set" adom: "ansible" name: "ansibleTestFolder2" object_type: "folder" parent_folder: "ansibleTestFolder1"
- name: INSTALL PACKAGE community.network.fmgr_fwpol_package: mode: "set" adom: "ansible" name: "ansibleTestPackage1" object_type: "install" scope_members: "seattle-fgt03, seattle-fgt02"
- name: REMOVE PACKAGE community.network.fmgr_fwpol_package: mode: "delete" adom: "ansible" name: "ansibleTestPackage1" object_type: "pkg"
- name: REMOVE NESTED PACKAGE community.network.fmgr_fwpol_package: mode: "delete" adom: "ansible" name: "ansibleTestPackage2" object_type: "pkg" parent_folder: "ansibleTestFolder1"
- name: REMOVE NESTED FOLDER community.network.fmgr_fwpol_package: mode: "delete" adom: "ansible" name: "ansibleTestFolder2" object_type: "folder" parent_folder: "ansibleTestFolder1"
- name: REMOVE FOLDER community.network.fmgr_fwpol_package: mode: "delete" adom: "ansible" name: "ansibleTestFolder1" object_type: "folder"
adom: default: root description: - The ADOM the configuration should belong to. required: false mode: choices: - add - set - delete default: add description: - Sets one of three modes for managing the object. name: description: - Name of the FortiManager package or folder. required: true ngfw_mode: choices: - profile-based - policy-based default: profile-based description: - NGFW mode setting for the policies flow or proxy. required: false central_nat: choices: - enable - disable default: disable description: - Central NAT setting. required: false object_type: choices: - pkg - folder - install description: - Are we managing packages or folders, or installing packages? required: true parent_folder: description: - The parent folder name you want to add this object under. required: false scope_members: description: - The devices or scope that you want to assign this policy package to. required: false package_folder: description: - Name of the folder you want to put the package into. required: false inspection_mode: choices: - flow - proxy default: flow description: - Inspection mode setting for the policies flow or proxy. required: false ssl_ssh_profile: description: - if policy-based ngfw-mode, refer to firewall ssl-ssh-profile. required: false scope_members_vdom: default: root description: - The members VDOM you want to assign the package to. required: false fwpolicy_implicit_log: choices: - enable - disable default: disable description: - Implicit Log setting for all IPv4 policies in package. required: false fwpolicy6_implicit_log: choices: - enable - disable default: disable description: - Implicit Log setting for all IPv6 policies in package. required: false
api_result: description: full API response, includes status code and message returned: always type: str