drmofu / drmofu.fortimanager / 2.2.2 / module / fmgr_system_admin_profile Admin profile. | "added in version" 2.0.0 of drmofu.fortimanager" Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu) preview | supported by communitydrmofu.fortimanager.fmgr_system_admin_profile (2.2.2) — module
Install with ansible-galaxy collection install drmofu.fortimanager:==2.2.2
collections: - name: drmofu.fortimanager version: 2.2.2
This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- name: gathering fortimanager facts hosts: fortimanager00 gather_facts: no connection: httpapi collections: - fortinet.fortimanager vars: ansible_httpapi_use_ssl: True ansible_httpapi_validate_certs: False ansible_httpapi_port: 443 tasks: - name: retrieve all the admin profiles fmgr_fact: facts: selector: 'system_admin_profile' params: profile: 'your_value'
- hosts: fortimanager00 collections: - fortinet.fortimanager connection: httpapi vars: ansible_httpapi_use_ssl: True ansible_httpapi_validate_certs: False ansible_httpapi_port: 443 tasks: - name: Admin profile. fmgr_system_admin_profile: bypass_validation: False state: present system_admin_profile: description: ansible-test-description profileid: ansible-test-profile scope: adom #<value in [global, adom]> type: system #<value in [system, restricted]>
state: choices: - present - absent description: The directive to create, update or delete an object. required: true type: str rc_failed: description: The rc codes list with which the conditions to fail will be overriden. elements: int required: false type: list enable_log: default: false description: Enable/Disable logging for task. required: false type: bool access_token: description: The token to access FortiManager without using username and password. required: false type: str rc_succeeded: description: The rc codes list with which the conditions to succeed will be overriden. elements: int required: false type: list proposed_method: choices: - update - set - add description: The overridden method for the underlying Json RPC request. required: false type: str bypass_validation: default: false description: Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. required: false type: bool system_admin_profile: description: the top level parameters set required: false suboptions: adom-lock: choices: - none - read - read-write description: - ADOM locking - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str adom-policy-packages: choices: - none - read - read-write description: - ADOM policy packages. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str adom-switch: choices: - none - read - read-write description: - Administrator domain. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str allow-to-install: choices: - disable - enable description: - Enable/disable the restricted user to install objects to the devices. - disable - Disable setting. - enable - Enable setting. type: str app-filter: choices: - disable - enable description: - App filter. - disable - Disable setting. - enable - Enable setting. type: str assignment: choices: - none - read - read-write description: - Assignment permission. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str change-password: choices: - disable - enable description: - Enable/disable restricted user to change self password. - disable - Disable setting. - enable - Enable setting. type: str config-retrieve: choices: - none - read - read-write description: - Configuration retrieve. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str config-revert: choices: - none - read - read-write description: - Revert Configuration from Revision History - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str consistency-check: choices: - none - read - read-write description: - Consistency check. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str datamask: choices: - disable - enable description: - Enable/disable data masking. - disable - Disable data masking. - enable - Enable data masking. type: str datamask-custom-fields: description: Datamask-Custom-Fields. elements: dict suboptions: field-category: choices: - log - fortiview - alert - ueba - all description: Field categories. elements: str type: list field-name: description: Field name. type: str field-status: choices: - disable - enable description: - Field status. - disable - Disable field. - enable - Enable field. type: str field-type: choices: - string - ip - mac - email - unknown description: - Field type. - string - String. - ip - IP. - mac - MAC address. - email - Email address. - unknown - Unknown. type: str type: list datamask-custom-priority: choices: - disable - enable description: - Prioritize custom fields. - disable - Disable custom field search priority. - enable - Enable custom field search priority. type: str datamask-fields: choices: - user - srcip - srcname - srcmac - dstip - dstname - email - message - domain description: Data masking fields. elements: str type: list datamask-key: description: Data masking encryption key. type: str datamask-unmasked-time: description: Time in days without data masking. type: int deploy-management: choices: - none - read - read-write description: - Install to devices. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str description: description: Description. type: str device-ap: choices: - none - read - read-write description: - Manage AP. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str device-config: choices: - none - read - read-write description: - Manage device configurations. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str device-forticlient: choices: - none - read - read-write description: - Manage FortiClient. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str device-fortiextender: choices: - none - read - read-write description: - Manage FortiExtender. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str device-fortiswitch: choices: - none - read - read-write description: - Manage FortiSwitch. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str device-manager: choices: - none - read - read-write description: - Device manager. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str device-op: choices: - none - read - read-write description: - Device add/delete/edit. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str device-policy-package-lock: choices: - none - read - read-write description: - Device/Policy Package locking - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str device-profile: choices: - none - read - read-write description: - Device profile permission. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str device-revision-deletion: choices: - none - read - read-write description: - Delete device revision. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str device-wan-link-load-balance: choices: - none - read - read-write description: - Manage WAN link load balance. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str event-management: choices: - none - read - read-write description: - Event management. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str extension-access: choices: - none - read - read-write description: - Manage extension access. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str fabric-viewer: choices: - none - read - read-write description: - Fabric viewer. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str fgd-center-advanced: choices: - none - read - read-write description: - FortiGuard Center Advanced. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str fgd-center-fmw-mgmt: choices: - none - read - read-write description: - FortiGuard Center Firmware Management. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str fgd-center-licensing: choices: - none - read - read-write description: - FortiGuard Center Licensing. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str fgd_center: choices: - none - read - read-write description: - FortiGuard Center. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str global-policy-packages: choices: - none - read - read-write description: - Global policy packages. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str import-policy-packages: choices: - none - read - read-write description: - Import Policy Package. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str intf-mapping: choices: - none - read - read-write description: - Interface Mapping - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str ips-baseline-cfg: choices: - none - read - read-write description: - Ips baseline sensor configration. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str ips-baseline-ovrd: choices: - disable - enable description: - Enable/disable override baseline ips sensor. - disable - Disable setting. - enable - Enable setting. type: str ips-filter: choices: - disable - enable description: - IPS filter. - disable - Disable setting. - enable - Enable setting. type: str ips-lock: choices: - none - read - read-write description: - IPS locking - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str ips-objects: choices: - none - read - read-write description: - Ips objects configuration. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str ipv6_trusthost1: description: Admin user trusted host IPv6, default type: str ipv6_trusthost10: description: Admin user trusted host IPv6, default ffff type: str ipv6_trusthost2: description: Admin user trusted host IPv6, default ffff type: str ipv6_trusthost3: description: Admin user trusted host IPv6, default ffff type: str ipv6_trusthost4: description: Admin user trusted host IPv6, default ffff type: str ipv6_trusthost5: description: Admin user trusted host IPv6, default ffff type: str ipv6_trusthost6: description: Admin user trusted host IPv6, default ffff type: str ipv6_trusthost7: description: Admin user trusted host IPv6, default ffff type: str ipv6_trusthost8: description: Admin user trusted host IPv6, default ffff type: str ipv6_trusthost9: description: Admin user trusted host IPv6, default ffff type: str log-viewer: choices: - none - read - read-write description: - Log viewer. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str policy-objects: choices: - none - read - read-write description: - Policy objects permission. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str profileid: description: Profile ID. type: str read-passwd: choices: - none - read - read-write description: - View password in clear text. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str realtime-monitor: choices: - none - read - read-write description: - Realtime monitor. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str report-viewer: choices: - none - read - read-write description: - Report viewer. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str rpc-permit: choices: - read-write - none - read description: - Set none/read/read-write rpc-permission - read-write - Read-write permission. - none - No permission. - read - Read-only permission. type: str run-report: choices: - none - read - read-write description: - Run reports. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str scope: choices: - global - adom description: - Scope. - global - Global scope. - adom - ADOM scope. type: str script-access: choices: - none - read - read-write description: - Script access. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str set-install-targets: choices: - none - read - read-write description: - Edit installation targets. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str super-user-profile: choices: - disable - enable description: - Enable/disable super user profile - disable - Disable super user profile - enable - Enable super user profile type: str system-setting: choices: - none - read - read-write description: - System setting. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str term-access: choices: - none - read - read-write description: - Terminal access. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str triage-events: choices: - none - read - read-write description: - Triage events. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str trusthost1: description: Admin user trusted host IP, default 0. type: str trusthost10: description: Admin user trusted host IP, default 255. type: str trusthost2: description: Admin user trusted host IP, default 255. type: str trusthost3: description: Admin user trusted host IP, default 255. type: str trusthost4: description: Admin user trusted host IP, default 255. type: str trusthost5: description: Admin user trusted host IP, default 255. type: str trusthost6: description: Admin user trusted host IP, default 255. type: str trusthost7: description: Admin user trusted host IP, default 255. type: str trusthost8: description: Admin user trusted host IP, default 255. type: str trusthost9: description: Admin user trusted host IP, default 255. type: str type: choices: - system - restricted description: - profile type. - system - System admin. - restricted - Restricted admin. type: str update-incidents: choices: - none - read - read-write description: - Create/update incidents. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str vpn-manager: choices: - none - read - read-write description: - VPN manager. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str web-filter: choices: - disable - enable description: - Web filter. - disable - Disable setting. - enable - Enable setting. type: str type: dict workspace_locking_adom: description: The adom to lock for FortiManager running in workspace mode, the value can be global and others including root. required: false type: str forticloud_access_token: description: Authenticate Ansible client with forticloud API access token. required: false type: str workspace_locking_timeout: default: 300 description: The maximum time in seconds to wait for other user to release the workspace lock. required: false type: int
meta: contains: request_url: description: The full url requested. returned: always sample: /sys/login/user type: str response_code: description: The status of api request. returned: always sample: 0 type: int response_data: description: The api response. returned: always type: list response_message: description: The descriptive message of the api response. returned: always sample: OK. type: str system_information: description: The information of the target system. returned: always type: dict description: The result of the request. returned: always type: dict rc: description: The status the request. returned: always sample: 0 type: int version_check_warning: description: Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: complex type: list