Try Spotterno description
| "added in version" 2.0.0 of drmofu.fortimanager"
Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu)
preview | supported by community
Install with ansible-galaxy collection install drmofu.fortimanager:==2.2.2
collections:
- name: drmofu.fortimanager
version: 2.2.2This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- hosts: fortimanager-inventory
collections:
- fortinet.fortimanager
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: no description
fmgr_vpnmgr_vpntable:
bypass_validation: False
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
adom: <your own value>
state: <value in [present, absent]>
vpnmgr_vpntable:
authmethod: <value in [psk, rsa-signature, signature]>
auto-zone-policy: <value in [disable, enable]>
certificate: <value of string>
description: <value of string>
dpd: <value in [disable, enable, on-idle, ...]>
dpd-retrycount: <value of integer>
dpd-retryinterval: <value of integer>
fcc-enforcement: <value in [disable, enable]>
hub2spoke-zone: <value of string>
ike-version: <value in [1, 2]>
ike1dhgroup:
- 1
- 2
- 5
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 27
- 28
- 29
- 30
- 31
- 32
ike1dpd: <value in [disable, enable]>
ike1keylifesec: <value of integer>
ike1localid: <value of string>
ike1mode: <value in [main, aggressive]>
ike1natkeepalive: <value of integer>
ike1nattraversal: <value in [disable, enable, forced]>
ike1proposal: <value in [des-md5, des-sha1, 3des-md5, ...]>
ike2autonego: <value in [disable, enable]>
ike2dhgroup:
- 1
- 2
- 5
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 27
- 28
- 29
- 30
- 31
- 32
ike2keepalive: <value in [disable, enable]>
ike2keylifekbs: <value of integer>
ike2keylifesec: <value of integer>
ike2keylifetype: <value in [seconds, kbs, both]>
ike2proposal: <value in [null-md5, null-sha1, des-null, ...]>
inter-vdom: <value in [disable, enable]>
intf-mode: <value in [off, on]>
localid-type: <value in [auto, fqdn, user-fqdn, ...]>
name: <value of string>
negotiate-timeout: <value of integer>
npu-offload: <value in [disable, enable]>
pfs: <value in [disable, enable]>
psk-auto-generate: <value in [disable, enable]>
psksecret: <value of string>
replay: <value in [disable, enable]>
rsa-certificate: <value of string>
spoke2hub-zone: <value of string>
topology: <value in [meshed, star, dialup]>
vpn-zone: <value of string>
network-id: <value of integer>
network-overlay: <value in [disable, enable]>
adom:
description: the parameter (adom) in requested url
required: true
type: str
state:
choices:
- present
- absent
description: The directive to create, update or delete an object.
required: true
type: str
rc_failed:
description: The rc codes list with which the conditions to fail will be overriden.
elements: int
required: false
type: list
enable_log:
default: false
description: Enable/Disable logging for task.
required: false
type: bool
access_token:
description: The token to access FortiManager without using username and password.
required: false
type: str
rc_succeeded:
description: The rc codes list with which the conditions to succeed will be overriden.
elements: int
required: false
type: list
proposed_method:
choices:
- update
- set
- add
description: The overridden method for the underlying Json RPC request.
required: false
type: str
vpnmgr_vpntable:
description: the top level parameters set
required: false
suboptions:
authmethod:
choices:
- psk
- rsa-signature
- signature
description: Authmethod.
type: str
auto-zone-policy:
choices:
- disable
- enable
description: Auto-Zone-Policy.
type: str
certificate:
description: Certificate.
type: str
description:
description: Description.
type: str
dpd:
choices:
- disable
- enable
- on-idle
- on-demand
description: Dpd.
type: str
dpd-retrycount:
description: Dpd-Retrycount.
type: int
dpd-retryinterval:
description: Dpd-Retryinterval.
type: int
fcc-enforcement:
choices:
- disable
- enable
description: Fcc-Enforcement.
type: str
hub2spoke-zone:
description: Hub2Spoke-Zone.
type: str
ike-version:
choices:
- '1'
- '2'
description: Ike-Version.
type: str
ike1dhgroup:
choices:
- '1'
- '2'
- '5'
- '14'
- '15'
- '16'
- '17'
- '18'
- '19'
- '20'
- '21'
- '27'
- '28'
- '29'
- '30'
- '31'
- '32'
description: Ike1Dhgroup.
elements: str
type: list
ike1dpd:
choices:
- disable
- enable
description: Ike1Dpd.
type: str
ike1keylifesec:
description: Ike1Keylifesec.
type: int
ike1localid:
description: Ike1Localid.
type: str
ike1mode:
choices:
- main
- aggressive
description: Ike1Mode.
type: str
ike1natkeepalive:
description: Ike1Natkeepalive.
type: int
ike1nattraversal:
choices:
- disable
- enable
- forced
description: Ike1Nattraversal.
type: str
ike1proposal:
choices:
- des-md5
- des-sha1
- 3des-md5
- 3des-sha1
- aes128-md5
- aes128-sha1
- aes192-md5
- aes192-sha1
- aes256-md5
- aes256-sha1
- des-sha256
- 3des-sha256
- aes128-sha256
- aes192-sha256
- aes256-sha256
- des-sha384
- des-sha512
- 3des-sha384
- 3des-sha512
- aes128-sha384
- aes128-sha512
- aes192-sha384
- aes192-sha512
- aes256-sha384
- aes256-sha512
- aria128-md5
- aria128-sha1
- aria128-sha256
- aria128-sha384
- aria128-sha512
- aria192-md5
- aria192-sha1
- aria192-sha256
- aria192-sha384
- aria192-sha512
- aria256-md5
- aria256-sha1
- aria256-sha256
- aria256-sha384
- aria256-sha512
- seed-md5
- seed-sha1
- seed-sha256
- seed-sha384
- seed-sha512
- aes128gcm-prfsha1
- aes128gcm-prfsha256
- aes128gcm-prfsha384
- aes128gcm-prfsha512
- aes256gcm-prfsha1
- aes256gcm-prfsha256
- aes256gcm-prfsha384
- aes256gcm-prfsha512
- chacha20poly1305-prfsha1
- chacha20poly1305-prfsha256
- chacha20poly1305-prfsha384
- chacha20poly1305-prfsha512
description: Ike1Proposal.
type: str
ike2autonego:
choices:
- disable
- enable
description: Ike2Autonego.
type: str
ike2dhgroup:
choices:
- '1'
- '2'
- '5'
- '14'
- '15'
- '16'
- '17'
- '18'
- '19'
- '20'
- '21'
- '27'
- '28'
- '29'
- '30'
- '31'
- '32'
description: Ike2Dhgroup.
elements: str
type: list
ike2keepalive:
choices:
- disable
- enable
description: Ike2Keepalive.
type: str
ike2keylifekbs:
description: Ike2Keylifekbs.
type: int
ike2keylifesec:
description: Ike2Keylifesec.
type: int
ike2keylifetype:
choices:
- seconds
- kbs
- both
description: Ike2Keylifetype.
type: str
ike2proposal:
choices:
- null-md5
- null-sha1
- des-null
- 3des-null
- des-md5
- des-sha1
- 3des-md5
- 3des-sha1
- aes128-md5
- aes128-sha1
- aes192-md5
- aes192-sha1
- aes256-md5
- aes256-sha1
- aes128-null
- aes192-null
- aes256-null
- null-sha256
- des-sha256
- 3des-sha256
- aes128-sha256
- aes192-sha256
- aes256-sha256
- des-sha384
- des-sha512
- 3des-sha384
- 3des-sha512
- aes128-sha384
- aes128-sha512
- aes192-sha384
- aes192-sha512
- aes256-sha384
- aes256-sha512
- null-sha384
- null-sha512
- aria128-null
- aria128-md5
- aria128-sha1
- aria128-sha256
- aria128-sha384
- aria128-sha512
- aria192-null
- aria192-md5
- aria192-sha1
- aria192-sha256
- aria192-sha384
- aria192-sha512
- aria256-null
- aria256-md5
- aria256-sha1
- aria256-sha256
- aria256-sha384
- aria256-sha512
- seed-null
- seed-md5
- seed-sha1
- seed-sha256
- seed-sha384
- seed-sha512
- aes128gcm
- aes256gcm
- chacha20poly1305
description: Ike2Proposal.
type: str
inter-vdom:
choices:
- disable
- enable
description: Inter-Vdom.
type: str
intf-mode:
choices:
- 'off'
- 'on'
description: Intf-Mode.
type: str
localid-type:
choices:
- auto
- fqdn
- user-fqdn
- keyid
- address
- asn1dn
description: Localid-Type.
type: str
name:
description: Name.
type: str
negotiate-timeout:
description: Negotiate-Timeout.
type: int
network-id:
description: Network-Id.
type: int
network-overlay:
choices:
- disable
- enable
description: Network-Overlay.
type: str
npu-offload:
choices:
- disable
- enable
description: Npu-Offload.
type: str
pfs:
choices:
- disable
- enable
description: Pfs.
type: str
psk-auto-generate:
choices:
- disable
- enable
description: Psk-Auto-Generate.
type: str
psksecret:
description: Psksecret.
type: str
replay:
choices:
- disable
- enable
description: Replay.
type: str
rsa-certificate:
description: Rsa-Certificate.
type: str
spoke2hub-zone:
description: Spoke2Hub-Zone.
type: str
topology:
choices:
- meshed
- star
- dialup
description: Topology.
type: str
vpn-zone:
description: Vpn-Zone.
type: str
type: dict
bypass_validation:
default: false
description: Only set to True when module schema diffs with FortiManager API structure,
module continues to execute without validating parameters.
required: false
type: bool
workspace_locking_adom:
description: The adom to lock for FortiManager running in workspace mode, the value
can be global and others including root.
required: false
type: str
forticloud_access_token:
description: Authenticate Ansible client with forticloud API access token.
required: false
type: str
workspace_locking_timeout:
default: 300
description: The maximum time in seconds to wait for other user to release the workspace
lock.
required: false
type: int
meta:
contains:
request_url:
description: The full url requested.
returned: always
sample: /sys/login/user
type: str
response_code:
description: The status of api request.
returned: always
sample: 0
type: int
response_data:
description: The api response.
returned: always
type: list
response_message:
description: The descriptive message of the api response.
returned: always
sample: OK.
type: str
system_information:
description: The information of the target system.
returned: always
type: dict
description: The result of the request.
returned: always
type: dict
rc:
description: The status the request.
returned: always
sample: 0
type: int
version_check_warning:
description: Warning if the parameters used in the playbook are not supported by
the current FortiManager version.
returned: complex
type: list