drmofu / drmofu.fortimanager / 2.2.2 / module / fmgr_pm_config_pblock_firewall_policy Configure IPv4/IPv6 policies. | "added in version" 2.1.6 of drmofu.fortimanager" Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu) preview | supported by communitydrmofu.fortimanager.fmgr_pm_config_pblock_firewall_policy (2.2.2) — module
Install with ansible-galaxy collection install drmofu.fortimanager:==2.2.2
collections: - name: drmofu.fortimanager version: 2.2.2
This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- hosts: fortimanager-inventory collections: - fortinet.fortimanager connection: httpapi vars: ansible_httpapi_use_ssl: True ansible_httpapi_validate_certs: False ansible_httpapi_port: 443 tasks: - name: Configure IPv4/IPv6 policies. fmgr_pm_config_pblock_firewall_policy: bypass_validation: False workspace_locking_adom: <value in [global, custom adom including root]> workspace_locking_timeout: 300 rc_succeeded: [0, -2, -3, ...] rc_failed: [-2, -3, ...] adom: <your own value> pblock: <your own value> state: <value in [present, absent]> pm_config_pblock_firewall_policy: _policy_block: <value of integer> action: <value in [deny, accept, ipsec, ...]> anti-replay: <value in [disable, enable]> application-list: <value of string> auth-cert: <value of string> auth-path: <value in [disable, enable]> auth-redirect-addr: <value of string> auto-asic-offload: <value in [disable, enable]> av-profile: <value of string> block-notification: <value in [disable, enable]> captive-portal-exempt: <value in [disable, enable]> capture-packet: <value in [disable, enable]> cifs-profile: <value of string> comments: <value of string> custom-log-fields: <value of string> decrypted-traffic-mirror: <value of string> delay-tcp-npu-session: <value in [disable, enable]> diffserv-forward: <value in [disable, enable]> diffserv-reverse: <value in [disable, enable]> diffservcode-forward: <value of string> diffservcode-rev: <value of string> disclaimer: <value in [disable, enable, user, ...]> dlp-profile: <value of string> dnsfilter-profile: <value of string> dsri: <value in [disable, enable]> dstaddr: <value of string> dstaddr-negate: <value in [disable, enable]> dstaddr6: <value of string> dstintf: <value of string> dynamic-shaping: <value in [disable, enable]> email-collect: <value in [disable, enable]> emailfilter-profile: <value of string> fec: <value in [disable, enable]> file-filter-profile: <value of string> firewall-session-dirty: <value in [check-all, check-new]> fixedport: <value in [disable, enable]> fsso-agent-for-ntlm: <value of string> fsso-groups: <value of string> geoip-anycast: <value in [disable, enable]> geoip-match: <value in [physical-location, registered-location]> global-label: <value of string> groups: <value of string> gtp-profile: <value of string> http-policy-redirect: <value in [disable, enable]> icap-profile: <value of string> identity-based-route: <value of string> inbound: <value in [disable, enable]> inspection-mode: <value in [proxy, flow]> internet-service: <value in [disable, enable]> internet-service-custom: <value of string> internet-service-custom-group: <value of string> internet-service-group: <value of string> internet-service-name: <value of string> internet-service-negate: <value in [disable, enable]> internet-service-src: <value in [disable, enable]> internet-service-src-custom: <value of string> internet-service-src-custom-group: <value of string> internet-service-src-group: <value of string> internet-service-src-name: <value of string> internet-service-src-negate: <value in [disable, enable]> ippool: <value in [disable, enable]> ips-sensor: <value of string> label: <value of string> logtraffic: <value in [disable, enable, all, ...]> logtraffic-start: <value in [disable, enable]> match-vip: <value in [disable, enable]> match-vip-only: <value in [disable, enable]> name: <value of string> nat: <value in [disable, enable]> nat46: <value in [disable, enable]> nat64: <value in [disable, enable]> natinbound: <value in [disable, enable]> natip: <value of string> natoutbound: <value in [disable, enable]> np-acceleration: <value in [disable, enable]> ntlm: <value in [disable, enable]> ntlm-enabled-browsers: <value of string> ntlm-guest: <value in [disable, enable]> outbound: <value in [disable, enable]> passive-wan-health-measurement: <value in [disable, enable]> per-ip-shaper: <value of string> permit-any-host: <value in [disable, enable]> permit-stun-host: <value in [disable, enable]> pfcp-profile: <value of string> policy-expiry: <value in [disable, enable]> policy-expiry-date: <value of string> policyid: <value of integer> poolname: <value of string> poolname6: <value of string> profile-group: <value of string> profile-protocol-options: <value of string> profile-type: <value in [single, group]> radius-mac-auth-bypass: <value in [disable, enable]> redirect-url: <value of string> replacemsg-override-group: <value of string> reputation-direction: <value in [source, destination]> reputation-minimum: <value of integer> rtp-addr: <value of string> rtp-nat: <value in [disable, enable]> schedule: <value of string> schedule-timeout: <value in [disable, enable]> sctp-filter-profile: <value of string> send-deny-packet: <value in [disable, enable]> service: <value of string> service-negate: <value in [disable, enable]> session-ttl: <value of integer> sgt: <value of integer> sgt-check: <value in [disable, enable]> src-vendor-mac: <value of string> srcaddr: <value of string> srcaddr-negate: <value in [disable, enable]> srcaddr6: <value of string> srcintf: <value of string> ssh-filter-profile: <value of string> ssh-policy-redirect: <value in [disable, enable]> ssl-ssh-profile: <value of string> status: <value in [disable, enable]> tcp-mss-receiver: <value of integer> tcp-mss-sender: <value of integer> tcp-session-without-syn: <value in [all, data-only, disable]> timeout-send-rst: <value in [disable, enable]> tos: <value of string> tos-mask: <value of string> tos-negate: <value in [disable, enable]> traffic-shaper: <value of string> traffic-shaper-reverse: <value of string> users: <value of string> utm-status: <value in [disable, enable]> uuid: <value of string> videofilter-profile: <value of string> vlan-cos-fwd: <value of integer> vlan-cos-rev: <value of integer> vlan-filter: <value of string> voip-profile: <value of string> vpntunnel: <value of string> waf-profile: <value of string> wanopt: <value in [disable, enable]> wanopt-detection: <value in [active, passive, off]> wanopt-passive-opt: <value in [default, transparent, non-transparent]> wanopt-peer: <value of string> wanopt-profile: <value of string> wccp: <value in [disable, enable]> webcache: <value in [disable, enable]> webcache-https: <value in [disable, ssl-server, any, ...]> webfilter-profile: <value of string> webproxy-forward-server: <value of string> webproxy-profile: <value of string> ztna-ems-tag: <value of string> ztna-geo-tag: <value of string> ztna-status: <value in [disable, enable]> policy-offload: <value in [disable, enable]> cgn-session-quota: <value of integer> tcp-timeout-pid: <value of string> udp-timeout-pid: <value of string> dlp-sensor: <value of string> cgn-eif: <value in [disable, enable]> cgn-log-server-grp: <value of string> cgn-resource-quota: <value of integer> cgn-eim: <value in [disable, enable]> mms-profile: <value of string> app-category: <value of string> internet-service-src-id: <value of string> rsso: <value in [disable, enable]> internet-service-id: <value of string> best-route: <value in [disable, enable]> fsso: <value in [disable, enable]> url-category: <value of string> app-group: <value of string> ssl-mirror-intf: <value of string> wsso: <value in [disable, enable]> ssl-mirror: <value in [disable, enable]> application: <value of integer> dscp-negate: <value in [disable, enable]> learning-mode: <value in [disable, enable]> devices: <value of string> dscp-value: <value of string> spamfilter-profile: <value of string> scan-botnet-connections: <value in [disable, block, monitor]> dscp-match: <value in [disable, enable]> diffserv-copy: <value in [disable, enable]> dstaddr6-negate: <value in [disable, enable]> internet-service6: <value in [disable, enable]> internet-service6-custom: <value of string> internet-service6-custom-group: <value of string> internet-service6-group: <value of string> internet-service6-name: <value of string> internet-service6-negate: <value in [disable, enable]> internet-service6-src: <value in [disable, enable]> internet-service6-src-custom: <value of string> internet-service6-src-custom-group: <value of string> internet-service6-src-group: <value of string> internet-service6-src-name: <value of string> internet-service6-src-negate: <value in [disable, enable]> network-service-dynamic: <value of string> network-service-src-dynamic: <value of string> reputation-direction6: <value in [source, destination]> reputation-minimum6: <value of integer> srcaddr6-negate: <value in [disable, enable]> ip-version-type: <value of string> ips-voip-filter: <value of string> pcp-inbound: <value in [disable, enable]> pcp-outbound: <value in [disable, enable]> pcp-poolname: <value of string> policy-behaviour-type: <value of string> policy-expiry-date-utc: <value of string> ztna-device-ownership: <value in [disable, enable]> ztna-ems-tag-secondary: <value of string> ztna-policy-redirect: <value in [disable, enable]> ztna-tags-match-logic: <value in [or, and]>
adom: description: the parameter (adom) in requested url required: true type: str state: choices: - present - absent description: The directive to create, update or delete an object. required: true type: str pblock: description: the parameter (pblock) in requested url required: true type: str rc_failed: description: The rc codes list with which the conditions to fail will be overriden. elements: int required: false type: list enable_log: default: false description: Enable/Disable logging for task. required: false type: bool access_token: description: The token to access FortiManager without using username and password. required: false type: str rc_succeeded: description: The rc codes list with which the conditions to succeed will be overriden. elements: int required: false type: list proposed_method: choices: - update - set - add description: The overridden method for the underlying Json RPC request. required: false type: str bypass_validation: default: false description: Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. required: false type: bool workspace_locking_adom: description: The adom to lock for FortiManager running in workspace mode, the value can be global and others including root. required: false type: str forticloud_access_token: description: Authenticate Ansible client with forticloud API access token. required: false type: str workspace_locking_timeout: default: 300 description: The maximum time in seconds to wait for other user to release the workspace lock. required: false type: int pm_config_pblock_firewall_policy: description: the top level parameters set required: false suboptions: _policy_block: description: Assigned policy block. type: int action: choices: - deny - accept - ipsec - ssl-vpn - redirect - isolate description: Policy action type: str anti-replay: choices: - disable - enable description: Enable/disable anti-replay check. type: str app-category: description: description type: str app-group: description: description type: str application: description: description type: int application-list: description: Name of an existing Application list. type: str auth-cert: description: HTTPS server certificate for policy authentication. type: str auth-path: choices: - disable - enable description: Enable/disable authentication-based routing. type: str auth-redirect-addr: description: HTTP-to-HTTPS redirect address for firewall authentication. type: str auto-asic-offload: choices: - disable - enable description: Enable/disable policy traffic ASIC offloading. type: str av-profile: description: Name of an existing Antivirus profile. type: str best-route: choices: - disable - enable description: no description type: str block-notification: choices: - disable - enable description: Enable/disable block notification. type: str captive-portal-exempt: choices: - disable - enable description: Enable to exempt some users from the captive portal. type: str capture-packet: choices: - disable - enable description: Enable/disable capture packets. type: str cgn-eif: choices: - disable - enable description: Enable/Disable CGN endpoint independent filtering. type: str cgn-eim: choices: - disable - enable description: Enable/Disable CGN endpoint independent mapping type: str cgn-log-server-grp: description: NP log server group name type: str cgn-resource-quota: description: resource quota type: int cgn-session-quota: description: session quota type: int cifs-profile: description: Name of an existing CIFS profile. type: str comments: description: Comment. type: str custom-log-fields: description: description type: str decrypted-traffic-mirror: description: Decrypted traffic mirror. type: str delay-tcp-npu-session: choices: - disable - enable description: Enable TCP NPU session delay to guarantee packet order of 3-way handshake. type: str devices: description: description type: str diffserv-copy: choices: - disable - enable description: Enable to copy packets DiffServ values from sessions original direction to its reply direction. type: str diffserv-forward: choices: - disable - enable description: Enable to change packets DiffServ values to the specified diffservcode-forward value. type: str diffserv-reverse: choices: - disable - enable description: Enable to change packets reverse type: str diffservcode-forward: description: Change packets DiffServ to this value. type: str diffservcode-rev: description: Change packets reverse type: str disclaimer: choices: - disable - enable - user - domain - policy description: Enable/disable user authentication disclaimer. type: str dlp-profile: description: Name of an existing DLP profile. type: str dlp-sensor: description: Name of an existing DLP sensor. type: str dnsfilter-profile: description: Name of an existing DNS filter profile. type: str dscp-match: choices: - disable - enable description: Enable DSCP check. type: str dscp-negate: choices: - disable - enable description: Enable negated DSCP match. type: str dscp-value: description: DSCP value. type: str dsri: choices: - disable - enable description: Enable DSRI to ignore HTTP server responses. type: str dstaddr: description: description type: str dstaddr-negate: choices: - disable - enable description: When enabled dstaddr/dstaddr6 specifies what the destination address must NOT be. type: str dstaddr6: description: description type: str dstaddr6-negate: choices: - disable - enable description: When enabled dstaddr6 specifies what the destination address must NOT be. type: str dstintf: description: description type: str dynamic-shaping: choices: - disable - enable description: Enable/disable dynamic RADIUS defined traffic shaping. type: str email-collect: choices: - disable - enable description: Enable/disable email collection. type: str emailfilter-profile: description: Name of an existing email filter profile. type: str fec: choices: - disable - enable description: Enable/disable Forward Error Correction on traffic matching this policy on a FEC device. type: str file-filter-profile: description: Name of an existing file-filter profile. type: str firewall-session-dirty: choices: - check-all - check-new description: How to handle sessions if the configuration of this firewall policy changes. type: str fixedport: choices: - disable - enable description: Enable to prevent source NAT from changing a sessions source port. type: str fsso: choices: - disable - enable description: Enable/disable Fortinet Single Sign-On. type: str fsso-agent-for-ntlm: description: FSSO agent to use for NTLM authentication. type: str fsso-groups: description: description type: str geoip-anycast: choices: - disable - enable description: Enable/disable recognition of anycast IP addresses using the geography IP database. type: str geoip-match: choices: - physical-location - registered-location description: Match geography address based either on its physical location or registered location. type: str global-label: description: Label for the policy that appears when the GUI is in Global View mode. type: str groups: description: description type: str gtp-profile: description: GTP profile. type: str http-policy-redirect: choices: - disable - enable description: Redirect HTTP type: str icap-profile: description: Name of an existing ICAP profile. type: str identity-based-route: description: Name of identity-based routing rule. type: str inbound: choices: - disable - enable description: Policy-based IPsec VPN type: str inspection-mode: choices: - proxy - flow description: Policy inspection mode type: str internet-service: choices: - disable - enable description: Enable/disable use of Internet Services for this policy. type: str internet-service-custom: description: description type: str internet-service-custom-group: description: description type: str internet-service-group: description: description type: str internet-service-id: description: description type: str internet-service-name: description: description type: str internet-service-negate: choices: - disable - enable description: When enabled internet-service specifies what the service must NOT be. type: str internet-service-src: choices: - disable - enable description: Enable/disable use of Internet Services in source for this policy. type: str internet-service-src-custom: description: description type: str internet-service-src-custom-group: description: description type: str internet-service-src-group: description: description type: str internet-service-src-id: description: description type: str internet-service-src-name: description: description type: str internet-service-src-negate: choices: - disable - enable description: When enabled internet-service-src specifies what the service must NOT be. type: str internet-service6: choices: - disable - enable description: Enable/disable use of IPv6 Internet Services for this policy. type: str internet-service6-custom: description: description type: str internet-service6-custom-group: description: description type: str internet-service6-group: description: description type: str internet-service6-name: description: description type: str internet-service6-negate: choices: - disable - enable description: When enabled internet-service6 specifies what the service must NOT be. type: str internet-service6-src: choices: - disable - enable description: Enable/disable use of IPv6 Internet Services in source for this policy. type: str internet-service6-src-custom: description: description type: str internet-service6-src-custom-group: description: description type: str internet-service6-src-group: description: description type: str internet-service6-src-name: description: description type: str internet-service6-src-negate: choices: - disable - enable description: When enabled internet-service6-src specifies what the service must NOT be. type: str ip-version-type: description: IP version of the policy. type: str ippool: choices: - disable - enable description: Enable to use IP Pools for source NAT. type: str ips-sensor: description: Name of an existing IPS sensor. type: str ips-voip-filter: description: Name of an existing VoIP type: str label: description: Label for the policy that appears when the GUI is in Section View mode. type: str learning-mode: choices: - disable - enable description: Enable to allow everything, but log all of the meaningful data for security information gathering. type: str logtraffic: choices: - disable - enable - all - utm description: Enable or disable logging. type: str logtraffic-start: choices: - disable - enable description: Record logs when a session starts. type: str match-vip: choices: - disable - enable description: Enable to match packets that have had their destination addresses changed by a VIP. type: str match-vip-only: choices: - disable - enable description: Enable/disable matching of only those packets that have had their destination addresses changed by a VIP. type: str mms-profile: description: Name of an existing MMS profile. type: str name: description: Policy name. type: str nat: choices: - disable - enable description: Enable/disable source NAT. type: str nat46: choices: - disable - enable description: Enable/disable NAT46. type: str nat64: choices: - disable - enable description: Enable/disable NAT64. type: str natinbound: choices: - disable - enable description: Policy-based IPsec VPN type: str natip: description: Policy-based IPsec VPN type: str natoutbound: choices: - disable - enable description: Policy-based IPsec VPN type: str network-service-dynamic: description: description type: str network-service-src-dynamic: description: description type: str np-acceleration: choices: - disable - enable description: Enable/disable UTM Network Processor acceleration. type: str ntlm: choices: - disable - enable description: Enable/disable NTLM authentication. type: str ntlm-enabled-browsers: description: description type: str ntlm-guest: choices: - disable - enable description: Enable/disable NTLM guest user access. type: str outbound: choices: - disable - enable description: Policy-based IPsec VPN type: str passive-wan-health-measurement: choices: - disable - enable description: Enable/disable passive WAN health measurement. type: str pcp-inbound: choices: - disable - enable description: Enable/disable PCP inbound DNAT. type: str pcp-outbound: choices: - disable - enable description: Enable/disable PCP outbound SNAT. type: str pcp-poolname: description: description type: str per-ip-shaper: description: Per-IP traffic shaper. type: str permit-any-host: choices: - disable - enable description: Accept UDP packets from any host. type: str permit-stun-host: choices: - disable - enable description: Accept UDP packets from any Session Traversal Utilities for NAT type: str pfcp-profile: description: PFCP profile. type: str policy-behaviour-type: description: Behaviour of the policy. type: str policy-expiry: choices: - disable - enable description: Enable/disable policy expiry. type: str policy-expiry-date: description: Policy expiry date type: str policy-expiry-date-utc: description: Policy expiry date and time, in epoch format. type: str policy-offload: choices: - disable - enable description: Enable/Disable hardware session setup for CGNAT. type: str policyid: description: Policy ID type: int poolname: description: description type: str poolname6: description: description type: str profile-group: description: Name of profile group. type: str profile-protocol-options: description: Name of an existing Protocol options profile. type: str profile-type: choices: - single - group description: Determine whether the firewall policy allows security profile groups or single profiles only. type: str radius-mac-auth-bypass: choices: - disable - enable description: Enable MAC authentication bypass. type: str redirect-url: description: URL users are directed to after seeing and accepting the disclaimer or authenticating. type: str replacemsg-override-group: description: Override the default replacement message group for this policy. type: str reputation-direction: choices: - source - destination description: Direction of the initial traffic for reputation to take effect. type: str reputation-direction6: choices: - source - destination description: Direction of the initial traffic for IPv6 reputation to take effect. type: str reputation-minimum: description: Minimum Reputation to take action. type: int reputation-minimum6: description: IPv6 Minimum Reputation to take action. type: int rsso: choices: - disable - enable description: Enable/disable RADIUS single sign-on type: str rtp-addr: description: description type: str rtp-nat: choices: - disable - enable description: Enable Real Time Protocol type: str scan-botnet-connections: choices: - disable - block - monitor description: Block or monitor connections to Botnet servers or disable Botnet scanning. type: str schedule: description: Schedule name. type: str schedule-timeout: choices: - disable - enable description: Enable to force current sessions to end when the schedule object times out. type: str sctp-filter-profile: description: Name of an existing SCTP filter profile. type: str send-deny-packet: choices: - disable - enable description: Enable to send a reply when a session is denied or blocked by a firewall policy. type: str service: description: description type: str service-negate: choices: - disable - enable description: When enabled service specifies what the service must NOT be. type: str session-ttl: description: TTL in seconds for sessions accepted by this policy type: int sgt: description: description type: int sgt-check: choices: - disable - enable description: Enable/disable security group tags type: str spamfilter-profile: description: Name of an existing Spam filter profile. type: str src-vendor-mac: description: description type: str srcaddr: description: description type: str srcaddr-negate: choices: - disable - enable description: When enabled srcaddr/srcaddr6 specifies what the source address must NOT be. type: str srcaddr6: description: description type: str srcaddr6-negate: choices: - disable - enable description: When enabled srcaddr6 specifies what the source address must NOT be. type: str srcintf: description: description type: str ssh-filter-profile: description: Name of an existing SSH filter profile. type: str ssh-policy-redirect: choices: - disable - enable description: Redirect SSH traffic to matching transparent proxy policy. type: str ssl-mirror: choices: - disable - enable description: Enable to copy decrypted SSL traffic to a FortiGate interface type: str ssl-mirror-intf: description: description type: str ssl-ssh-profile: description: Name of an existing SSL SSH profile. type: str status: choices: - disable - enable description: Enable or disable this policy. type: str tcp-mss-receiver: description: Receiver TCP maximum segment size type: int tcp-mss-sender: description: Sender TCP maximum segment size type: int tcp-session-without-syn: choices: - all - data-only - disable description: Enable/disable creation of TCP session without SYN flag. type: str tcp-timeout-pid: description: TCP timeout profile ID type: str timeout-send-rst: choices: - disable - enable description: Enable/disable sending RST packets when TCP sessions expire. type: str tos: description: ToS type: str tos-mask: description: Non-zero bit positions are used for comparison while zero bit positions are ignored. type: str tos-negate: choices: - disable - enable description: Enable negated TOS match. type: str traffic-shaper: description: Traffic shaper. type: str traffic-shaper-reverse: description: Reverse traffic shaper. type: str udp-timeout-pid: description: UDP timeout profile ID type: str url-category: description: description type: str users: description: description type: str utm-status: choices: - disable - enable description: Enable to add one or more security profiles type: str uuid: description: Universally Unique Identifier type: str videofilter-profile: description: Name of an existing VideoFilter profile. type: str vlan-cos-fwd: description: VLAN forward direction user priority type: int vlan-cos-rev: description: VLAN reverse direction user priority type: int vlan-filter: description: Set VLAN filters. type: str voip-profile: description: Name of an existing VoIP profile. type: str vpntunnel: description: Policy-based IPsec VPN type: str waf-profile: description: Name of an existing Web application firewall profile. type: str wanopt: choices: - disable - enable description: Enable/disable WAN optimization. type: str wanopt-detection: choices: - active - passive - 'off' description: WAN optimization auto-detection mode. type: str wanopt-passive-opt: choices: - default - transparent - non-transparent description: WAN optimization passive mode options. type: str wanopt-peer: description: WAN optimization peer. type: str wanopt-profile: description: WAN optimization profile. type: str wccp: choices: - disable - enable description: Enable/disable forwarding traffic matching this policy to a configured WCCP server. type: str webcache: choices: - disable - enable description: Enable/disable web cache. type: str webcache-https: choices: - disable - ssl-server - any - enable description: Enable/disable web cache for HTTPS. type: str webfilter-profile: description: Name of an existing Web filter profile. type: str webproxy-forward-server: description: Webproxy forward server name. type: str webproxy-profile: description: Webproxy profile name. type: str wsso: choices: - disable - enable description: Enable/disable WiFi Single Sign On type: str ztna-device-ownership: choices: - disable - enable description: Enable/disable zero trust device ownership. type: str ztna-ems-tag: description: description type: str ztna-ems-tag-secondary: description: description type: str ztna-geo-tag: description: description type: str ztna-policy-redirect: choices: - disable - enable description: Redirect ZTNA traffic to matching Access-Proxy proxy-policy. type: str ztna-status: choices: - disable - enable description: Enable/disable zero trust access. type: str ztna-tags-match-logic: choices: - or - and description: ZTNA tag matching logic. type: str type: dict
meta: contains: request_url: description: The full url requested. returned: always sample: /sys/login/user type: str response_code: description: The status of api request. returned: always sample: 0 type: int response_data: description: The api response. returned: always type: list response_message: description: The descriptive message of the api response. returned: always sample: OK. type: str system_information: description: The information of the target system. returned: always type: dict description: The result of the request. returned: always type: dict rc: description: The status the request. returned: always sample: 0 type: int version_check_warning: description: Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: complex type: list