Try SpotterConfigure connection to SDN Connector.
| "added in version" 2.0.0 of drmofu.fortimanager"
Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu)
preview | supported by community
Install with ansible-galaxy collection install drmofu.fortimanager:==2.2.2
collections:
- name: drmofu.fortimanager
version: 2.2.2This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- name: gathering fortimanager facts
hosts: fortimanager00
gather_facts: no
connection: httpapi
collections:
- fortinet.fortimanager
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: retrieve all the connections to SDN Connector
fmgr_fact:
facts:
selector: 'system_sdnconnector'
params:
adom: 'ansible'
sdn-connector: 'your_value'
- hosts: fortimanager00
collections:
- fortinet.fortimanager
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure connection to SDN Connector.
fmgr_system_sdnconnector:
bypass_validation: False
adom: ansible
state: present
system_sdnconnector:
azure-region: global #<value in [global, china, germany, ...]>
#compartment-id: 1
name: ansible-test-sdn
password: fortinet
server: ALL
status: disable
type: aws #<value in [aci, aws, nsx, ...]>
adom:
description: the parameter (adom) in requested url
required: true
type: str
state:
choices:
- present
- absent
description: The directive to create, update or delete an object.
required: true
type: str
rc_failed:
description: The rc codes list with which the conditions to fail will be overriden.
elements: int
required: false
type: list
enable_log:
default: false
description: Enable/Disable logging for task.
required: false
type: bool
access_token:
description: The token to access FortiManager without using username and password.
required: false
type: str
rc_succeeded:
description: The rc codes list with which the conditions to succeed will be overriden.
elements: int
required: false
type: list
proposed_method:
choices:
- update
- set
- add
description: The overridden method for the underlying Json RPC request.
required: false
type: str
bypass_validation:
default: false
description: Only set to True when module schema diffs with FortiManager API structure,
module continues to execute without validating parameters.
required: false
type: bool
system_sdnconnector:
description: the top level parameters set
required: false
suboptions:
_local_cert:
description: _Local_Cert.
type: str
access-key:
description: AWS access key ID.
type: str
alt-resource-ip:
choices:
- disable
- enable
description: Enable/disable AWS alternative resource IP.
type: str
api-key:
description: IBM cloud API key or service ID API key.
type: str
azure-region:
choices:
- global
- china
- germany
- usgov
- local
description: Azure server region.
type: str
client-id:
description: Azure client ID
type: str
client-secret:
description: Azure client secret
type: str
compartment-id:
description: Compartment ID.
type: str
compartment-list:
description: description
elements: dict
suboptions:
compartment-id:
description: OCI compartment ID.
type: str
type: list
compute-generation:
description: Compute generation for IBM cloud infrastructure.
type: int
domain:
description: Openstack domain.
type: str
external-account-list:
description: description
elements: dict
suboptions:
external-id:
description: AWS external ID.
type: str
region-list:
description: description
type: str
role-arn:
description: AWS role ARN to assume.
type: str
type: list
external-ip:
description: External-Ip.
elements: dict
suboptions:
name:
description: External IP name.
type: str
type: list
forwarding-rule:
description: description
elements: dict
suboptions:
rule-name:
description: Forwarding rule name.
type: str
target:
description: Target instance name.
type: str
type: list
gcp-project:
description: GCP project name.
type: str
gcp-project-list:
description: description
elements: dict
suboptions:
gcp-zone-list:
description: description
type: str
id:
description: GCP project ID.
type: str
type: list
group-name:
description: Group name of computers.
type: str
ha-status:
choices:
- disable
- enable
description: Enable/disable use for FortiGate HA service.
type: str
ibm-region:
choices:
- us-south
- us-east
- germany
- great-britain
- japan
- australia
- dallas
- washington-dc
- london
- frankfurt
- sydney
- tokyo
- osaka
- toronto
- sao-paulo
- dallas-private
- washington-dc-private
- london-private
- frankfurt-private
- sydney-private
- tokyo-private
- osaka-private
- toronto-private
- sao-paulo-private
description: IBM cloud region name.
type: str
ibm-region-gen1:
choices:
- us-south
- us-east
- germany
- great-britain
- japan
- australia
description: Ibm-Region-Gen1.
type: str
ibm-region-gen2:
choices:
- us-south
- us-east
- great-britain
description: Ibm-Region-Gen2.
type: str
key-passwd:
description: Private key password.
type: str
last-update:
description: Last-Update.
type: int
login-endpoint:
description: Azure Stack login enpoint.
type: str
name:
description: SDN connector name.
type: str
nic:
description: Nic.
elements: dict
suboptions:
ip:
description: Ip.
elements: dict
suboptions:
name:
description: IP configuration name.
type: str
public-ip:
description: Public IP name.
type: str
resource-group:
description: Resource group of Azure public IP.
type: str
type: list
name:
description: Network interface name.
type: str
type: list
nsx-cert-fingerprint:
description: NSX certificate fingerprint.
type: str
oci-cert:
description: OCI certificate.
type: str
oci-fingerprint:
description: Oci-Fingerprint.
type: str
oci-region:
choices:
- phoenix
- ashburn
- frankfurt
- london
- toronto
description: OCI server region.
type: str
oci-region-list:
description: description
elements: dict
suboptions:
region:
description: OCI region.
type: str
type: list
oci-region-type:
choices:
- commercial
- government
description: OCI region type.
type: str
password:
description: Password of the remote SDN connector as login credentials.
type: str
private-key:
description: Private key of GCP service account.
type: str
proxy:
description: SDN proxy.
type: str
region:
description: AWS region name.
type: str
resource-group:
description: Azure resource group.
type: str
resource-url:
description: Azure Stack resource URL.
type: str
rest-interface:
choices:
- mgmt
- sync
description: Interface name for REST service to listen on.
type: str
rest-password:
description: Password for REST service.
type: str
rest-sport:
description: REST service access port
type: int
rest-ssl:
choices:
- disable
- enable
description: Rest-Ssl.
type: str
route:
description: Route.
elements: dict
suboptions:
name:
description: Route name.
type: str
type: list
route-table:
description: Route-Table.
elements: dict
suboptions:
name:
description: Route table name.
type: str
resource-group:
description: Resource group of Azure route table.
type: str
route:
description: Route.
elements: dict
suboptions:
name:
description: Route name.
type: str
next-hop:
description: Next hop address.
type: str
type: list
subscription-id:
description: Subscription ID of Azure route table.
type: str
type: list
secret-key:
description: AWS / ACS secret access key.
type: str
secret-token:
description: Secret token of Kubernetes service account.
type: str
server:
description: Server address of the remote SDN connector.
type: str
server-ca-cert:
description: Trust only those servers whose certificate is directly/indirectly
signed by this certificate.
type: str
server-cert:
description: Trust servers that contain this certificate only.
type: str
server-ip:
description: IP address of the remote SDN connector.
type: str
server-list:
description: Server address list of the remote SDN connector.
type: str
server-port:
description: Port number of the remote SDN connector.
type: int
service-account:
description: GCP service account email.
type: str
status:
choices:
- disable
- enable
description: Enable/disable connection to the remote SDN connector.
type: str
subscription-id:
description: Azure subscription ID.
type: str
tenant-id:
description: Tenant ID
type: str
type:
choices:
- aci
- aws
- nsx
- nuage
- azure
- gcp
- oci
- openstack
- kubernetes
- vmware
- acs
- alicloud
- sepm
- aci-direct
- ibm
- nutanix
- sap
description: Type of SDN connector.
type: str
update-interval:
description: Dynamic object update interval
type: int
updating:
description: Updating.
type: int
use-metadata-iam:
choices:
- disable
- enable
description: Enable/disable using IAM role from metadata to call API.
type: str
user-id:
description: User ID.
type: str
username:
description: Username of the remote SDN connector as login credentials.
type: str
vcenter-password:
description: vCenter server password for NSX quarantine.
type: str
vcenter-server:
description: vCenter server address for NSX quarantine.
type: str
vcenter-username:
description: vCenter server username for NSX quarantine.
type: str
verify-certificate:
choices:
- disable
- enable
description: Enable/disable server certificate verification.
type: str
vmx-image-url:
description: URL of web-hosted VMX image.
type: str
vmx-service-name:
description: VMX Service name.
type: str
vpc-id:
description: AWS VPC ID.
type: str
type: dict
workspace_locking_adom:
description: The adom to lock for FortiManager running in workspace mode, the value
can be global and others including root.
required: false
type: str
forticloud_access_token:
description: Authenticate Ansible client with forticloud API access token.
required: false
type: str
workspace_locking_timeout:
default: 300
description: The maximum time in seconds to wait for other user to release the workspace
lock.
required: false
type: int
meta:
contains:
request_url:
description: The full url requested.
returned: always
sample: /sys/login/user
type: str
response_code:
description: The status of api request.
returned: always
sample: 0
type: int
response_data:
description: The api response.
returned: always
type: list
response_message:
description: The descriptive message of the api response.
returned: always
sample: OK.
type: str
system_information:
description: The information of the target system.
returned: always
type: dict
description: The result of the request.
returned: always
type: dict
rc:
description: The status the request.
returned: always
sample: 0
type: int
version_check_warning:
description: Warning if the parameters used in the playbook are not supported by
the current FortiManager version.
returned: complex
type: list