drmofu / drmofu.fortianalyzer / 1.3.0 / module / faz_cli_system_admin_user Admin user. | "added in version" 1.0.0 of drmofu.fortianalyzer" Authors: Xinwei Du (@dux-fortinet), Link Zheng (@chillancezen), Jie Xue (@JieX19), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu) preview | supported by communitydrmofu.fortianalyzer.faz_cli_system_admin_user (1.3.0) — module
Install with ansible-galaxy collection install drmofu.fortianalyzer:==1.3.0
collections: - name: drmofu.fortianalyzer version: 1.3.0
This module is able to configure a FortiAnalyzer device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- collections: - fortinet.fortianalyzer connection: httpapi hosts: fortianalyzer_inventory tasks: - faz_cli_system_admin_user: cli_system_admin_user: change-password: disable description: "admin user created via Ansible" email-address: "foo@ansible.com" ext-auth-accprofile-override: disable ext-auth-adom-override: disable profileid: 1 two-factor-auth: disable userid: fooadminuser state: present name: Admin user. vars: ansible_httpapi_port: 443 ansible_httpapi_use_ssl: true ansible_httpapi_validate_certs: false
state: choices: - present - absent description: The directive to create, update or delete an object required: true type: str log_path: default: /tmp/fortianalyzer.ansible.log description: - The path to save log. Used if enable_log is true. - Please use absolute path instead of relative path. - If the log_path setting is incorrect, the log will be saved in /tmp/fortianalyzer.ansible.log required: false type: str rc_failed: description: the rc codes list with which the conditions to fail will be overriden elements: int required: false type: list enable_log: default: false description: Enable/Disable logging for task required: false type: bool access_token: description: The token to access FortiManager without using username and password. required: false type: str rc_succeeded: description: the rc codes list with which the conditions to succeed will be overriden elements: int required: false type: list proposed_method: choices: - set - update - add description: The overridden method for the underlying Json RPC request required: false type: str bypass_validation: default: false description: only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters required: false type: bool cli_system_admin_user: description: the top level parameters set required: false suboptions: adom: description: no description elements: dict suboptions: adom-name: description: Admin domain names. type: str type: list adom-access: choices: - all - specify - exclude - per-adom-profile description: - set all/specify/exclude adom access mode. - all - All ADOMs access. - specify - Specify ADOMs access. - exclude - Exclude ADOMs access. type: str adom-exclude: description: no description elements: dict suboptions: adom-name: description: Admin domain names. type: str type: list avatar: description: Image file for avatar (maximum 4K base64 encoded). type: str ca: description: PKI user certificate CA (CA name in local). type: str change-password: choices: - disable - enable description: - Enable/disable restricted user to change self password. - disable - Disable setting. - enable - Enable setting. type: str cors-allow-origin: description: Access-Control-Allow-Origin. type: str dashboard: description: no description elements: dict suboptions: column: description: Widgets column ID. type: int diskio-content-type: choices: - util - iops - blks description: - Disk I/O Monitor widgets chart type. - util - bandwidth utilization. - iops - the number of I/O requests. - blks - the amount of data of I/O requests. type: str diskio-period: choices: - 1hour - 8hour - 24hour description: - Disk I/O Monitor widgets data period. - 1hour - 1 hour. - 8hour - 8 hour. - 24hour - 24 hour. type: str log-rate-period: choices: - '2min ' - 1hour - 6hours description: - Log receive monitor widgets data period. - 2min - 2 minutes. - 1hour - 1 hour. - 6hours - 6 hours. type: str log-rate-topn: choices: - '1' - '2' - '3' - '4' - '5' description: - Log receive monitor widgets number of top items to display. - 1 - Top 1. - 2 - Top 2. - 3 - Top 3. - 4 - Top 4. - 5 - Top 5. type: str log-rate-type: choices: - log - device description: - Log receive monitor widgets statistics breakdown options. - log - Show log rates for each log type. - device - Show log rates for each device. type: str moduleid: description: Widget ID. type: int name: description: Widget name. type: str num-entries: description: Number of entries. type: int refresh-interval: description: Widgets refresh interval. type: int res-cpu-display: choices: - 'average ' - each description: - Widgets CPU display type. - average - Average usage of CPU. - each - Each usage of CPU. type: str res-period: choices: - '10min ' - hour - day description: - Widgets data period. - 10min - Last 10 minutes. - hour - Last hour. - day - Last day. type: str res-view-type: choices: - 'real-time ' - history description: - Widgets data view type. - real-time - Real-time view. - history - History view. type: str status: choices: - close - open description: - Widgets opened/closed state. - close - Widget closed. - open - Widget opened. type: str tabid: description: ID of tab where widget is displayed. type: int time-period: choices: - 1hour - 8hour - 24hour description: - Log Database Monitor widgets data period. - 1hour - 1 hour. - 8hour - 8 hour. - 24hour - 24 hour. type: str widget-type: choices: - top-lograte - sysres - sysinfo - licinfo - jsconsole - sysop - alert - statistics - rpteng - raid - logrecv - devsummary - logdb-perf - logdb-lag - disk-io - log-rcvd-fwd description: - Widget type. - top-lograte - Log Receive Monitor. - sysres - System resources. - sysinfo - System Information. - licinfo - License Information. - jsconsole - CLI Console. - sysop - Unit Operation. - alert - Alert Message Console. - statistics - Statistics. - rpteng - Report Engine. - raid - Disk Monitor. - logrecv - Logs/Data Received. - devsummary - Device Summary. - logdb-perf - Log Database Performance Monitor. - logdb-lag - Log Database Lag Time. - disk-io - Disk I/O. - log-rcvd-fwd - Log receive and forwarding Monitor. type: str type: list dashboard-tabs: description: no description elements: dict suboptions: name: description: Tab name. type: str tabid: description: Tab ID. type: int type: list description: description: Description. type: str dev-group: description: device group. type: str email-address: description: Email address. type: str ext-auth-accprofile-override: choices: - disable - enable description: - Allow to use the access profile provided by the remote authentication server. - disable - Disable access profile override. - enable - Enable access profile override. type: str ext-auth-adom-override: choices: - disable - enable description: - Allow to use the ADOM provided by the remote authentication server. - disable - Disable ADOM override. - enable - Enable ADOM override. type: str ext-auth-group-match: description: Only administrators belonging to this group can login. type: str fingerprint: description: PKI user certificate fingerprint (MD5, SHA1, SHA256) constraints. type: str first-name: description: First name. type: str force-password-change: choices: - disable - enable description: - Enable/disable force password change on next login. - disable - Disable setting. - enable - Enable setting. type: str group: description: Group name. type: str hidden: description: Hidden administrator. type: int ipv6_trusthost1: description: Admin user trusted host IPv6, default ::/0 for all. type: str ipv6_trusthost10: description: Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str ipv6_trusthost2: description: Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str ipv6_trusthost3: description: Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str ipv6_trusthost4: description: Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str ipv6_trusthost5: description: Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str ipv6_trusthost6: description: Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str ipv6_trusthost7: description: Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str ipv6_trusthost8: description: Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str ipv6_trusthost9: description: Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str last-name: description: Last name. type: str ldap-server: description: LDAP server name. type: str login-max: description: Max login session for this user. type: int meta-data: description: no description elements: dict suboptions: fieldlength: description: Field length. type: int fieldname: description: Field name. type: str fieldvalue: description: Field value. type: str importance: choices: - optional - required description: - Importance. - optional - This field is optional. - required - This field is required. type: str status: choices: - disabled - enabled description: - Status. - disabled - This field is disabled. - enabled - This field is enabled. type: str type: list mobile-number: description: Mobile number. type: str pager-number: description: Pager number. type: str password: description: no description type: str password-expire: description: Password expire time in GMT. type: str phone-number: description: Phone number. type: str policy-package: description: no description elements: dict suboptions: policy-package-name: description: Policy package names. type: str type: list profileid: description: Profile ID. type: str radius_server: description: RADIUS server name. type: str restrict-access: choices: - disable - enable description: - Enable/disable restricted access to development VDOM. - disable - Disable setting. - enable - Enable setting. type: str restrict-dev-vdom: description: no description elements: dict suboptions: dev-vdom: description: Device or device VDOM. type: str type: list rpc-permit: choices: - read-write - none - read - from-profile description: - set none/read/read-write rpc-permission. - read-write - Read-write permission. - none - No permission. - read - Read-only permission. type: str ssh-public-key1: description: no description type: str ssh-public-key2: description: no description type: str ssh-public-key3: description: no description type: str subject: description: PKI user certificate name constraints. type: str tacacs-plus-server: description: TACACS+ server name. type: str th-from-profile: description: 'Internal use only: trusthostX from-profile flag' type: int th6-from-profile: description: 'Internal use only: ipv6_trusthostX from-profile flag' type: int trusthost1: description: Admin user trusted host IP, default 0.0.0.0 0.0.0.0 for all. type: str trusthost10: description: Admin user trusted host IP, default 255.255.255.255 255.255.255.255 for none. type: str trusthost2: description: Admin user trusted host IP, default 255.255.255.255 255.255.255.255 for none. type: str trusthost3: description: Admin user trusted host IP, default 255.255.255.255 255.255.255.255 for none. type: str trusthost4: description: Admin user trusted host IP, default 255.255.255.255 255.255.255.255 for none. type: str trusthost5: description: Admin user trusted host IP, default 255.255.255.255 255.255.255.255 for none. type: str trusthost6: description: Admin user trusted host IP, default 255.255.255.255 255.255.255.255 for none. type: str trusthost7: description: Admin user trusted host IP, default 255.255.255.255 255.255.255.255 for none. type: str trusthost8: description: Admin user trusted host IP, default 255.255.255.255 255.255.255.255 for none. type: str trusthost9: description: Admin user trusted host IP, default 255.255.255.255 255.255.255.255 for none. type: str two-factor-auth: choices: - disable - enable - password - ftc-ftm - ftc-email - ftc-sms description: - Enable 2-factor authentication (certificate + password). - disable - Disable 2-factor authentication. - enable - Enable 2-factor authentication. type: str use-global-theme: choices: - disable - enable description: - Enable/disble global theme for administration GUI. - disable - Disable setting. - enable - Enable setting. type: str user-theme: choices: - blue - green - red - melongene - spring - summer - autumn - winter - circuit-board - calla-lily - binary-tunnel - mars - blue-sea - technology - landscape - twilight - canyon - northern-light - astronomy - fish - penguin - mountain - panda - parrot - cave - zebra - contrast-dark - mariner - jade - neutrino - dark-matter - forest - cat - graphite description: - Color scheme to use for the admin user GUI. - blue - Blueberry - green - Kiwi - red - Cherry - melongene - Plum - spring - Spring - summer - Summer - autumn - Autumn - winter - Winter - circuit-board - Circuit Board - calla-lily - Calla Lily - binary-tunnel - Binary Tunnel - mars - Mars - blue-sea - Blue Sea - technology - Technology - landscape - Landscape - twilight - Twilight - canyon - Canyon - northern-light - Northern Light - astronomy - Astronomy - fish - Fish - penguin - Penguin - mountain - Mountain - panda - Panda - parrot - Parrot - cave - Cave - zebra - Zebra - contrast-dark - High Contrast Dark type: str user_type: choices: - local - radius - ldap - tacacs-plus - pki-auth - group - sso - api description: - User type. - local - Local user. - radius - RADIUS user. - ldap - LDAP user. - tacacs-plus - TACACS+ user. - pki-auth - PKI user. - group - Group user. - sso - SSO user. type: str userid: description: User name. type: str wildcard: choices: - disable - enable description: - Enable/disable wildcard remote authentication. - disable - Disable username wildcard. - enable - Enable username wildcard. type: str type: dict forticloud_access_token: description: Authenticate Ansible client with forticloud API access token. required: false type: str
meta: contains: request_url: description: The full url requested returned: always sample: /sys/login/user type: str response_code: description: The status of api request returned: always sample: 0 type: int response_data: description: The api response returned: always type: list response_message: description: The descriptive message of the api response returned: always sample: OK. type: str system_information: description: The information of the target system. returned: always type: dict description: The result of the request. returned: always type: dict rc: description: The status the request. returned: always sample: 0 type: int version_check_warning: description: Warning if the parameters used in the playbook are not supported by the current fortianalyzer version. returned: complex type: list