fortinet / fortinet.fortianalyzer / 1.4.0 / module / faz_cli_system_admin_profile Admin profile. | "added in version" 1.0.0 of fortinet.fortianalyzer" Authors: Xinwei Du (@dux-fortinet), Link Zheng (@chillancezen), Jie Xue (@JieX19), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu) preview | supported by communityfortinet.fortianalyzer.faz_cli_system_admin_profile (1.4.0) — module
Install with ansible-galaxy collection install fortinet.fortianalyzer:==1.4.0
collections: - name: fortinet.fortianalyzer version: 1.4.0
This module is able to configure a FortiAnalyzer device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- name: Example playbook connection: httpapi hosts: fortianalyzers tasks: - name: Admin profile. fortinet.fortianalyzer.faz_cli_system_admin_profile: cli_system_admin_profile: allow_to_install: disable change_password: disable datamask: disable profileid: 1 state: present vars: ansible_httpapi_port: 443 ansible_httpapi_use_ssl: true ansible_httpapi_validate_certs: false
state: choices: - present - absent description: The directive to create, update or delete an object required: true type: str log_path: default: /tmp/fortianalyzer.ansible.log description: - The path to save log. Used if enable_log is true. - Please use absolute path instead of relative path. - If the log_path setting is incorrect, the log will be saved in /tmp/fortianalyzer.ansible.log required: false type: str rc_failed: description: the rc codes list with which the conditions to fail will be overriden elements: int required: false type: list enable_log: default: false description: Enable/Disable logging for task required: false type: bool access_token: description: The token to access FortiManager without using username and password. required: false type: str rc_succeeded: description: the rc codes list with which the conditions to succeed will be overriden elements: int required: false type: list proposed_method: choices: - set - update - add description: The overridden method for the underlying Json RPC request required: false type: str bypass_validation: default: false description: only set to True when module schema diffs with FortiAnalyzer API structure, module continues to execute without validating parameters required: false type: bool forticloud_access_token: description: Authenticate Ansible client with forticloud API access token. required: false type: str cli_system_admin_profile: description: The top level parameters set. required: false suboptions: adom-lock: choices: - none - read - read-write description: - ADOM locking - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str adom-switch: choices: - none - read - read-write description: - Administrator domain. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str allow-to-install: choices: - disable - enable description: - Enable/disable the restricted user to install objects to the devices. - disable - Disable setting. - enable - Enable setting. type: str change-password: choices: - disable - enable description: - Enable/disable the user to change self password. - disable - Disable setting. - enable - Enable setting. type: str datamask: choices: - disable - enable description: - Enable/disable data masking. - disable - Disable data masking. - enable - Enable data masking. type: str datamask-custom-fields: description: no description elements: dict suboptions: field-category: choices: - log - fortiview - alert - ueba - all description: no description elements: str type: list field-name: description: Field name. type: str field-status: choices: - disable - enable description: - Field status. - disable - Disable field. - enable - Enable field. type: str field-type: choices: - string - ip - mac - email - unknown description: - Field type. - string - String. - ip - IP. - mac - MAC address. - email - Email address. - unknown - Unknown. type: str type: list datamask-custom-priority: choices: - disable - enable description: - Prioritize custom fields. - disable - Disable custom field search priority. - enable - Enable custom field search priority. type: str datamask-fields: choices: - user - srcip - srcname - srcmac - dstip - dstname - email - message - domain description: no description elements: str type: list datamask-key: description: no description type: str datamask-unmasked-time: description: Time in days without data masking. type: int description: description: Description. type: str device-ap: choices: - none - read - read-write description: - Manage AP. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str device-forticlient: choices: - none - read - read-write description: - Manage FortiClient. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str device-fortiextender: choices: - none - read - read-write description: - Manage FortiExtender. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str device-fortiswitch: choices: - none - read - read-write description: - Manage FortiSwitch. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str device-manager: choices: - none - read - read-write description: - Device manager. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str device-op: choices: - none - read - read-write description: - Device add/delete/edit. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str device-policy-package-lock: choices: - none - read - read-write description: - Device/Policy Package locking - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str device-wan-link-load-balance: choices: - none - read - read-write description: - Manage WAN link load balance. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str event-management: choices: - none - read - read-write description: - Event management. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str execute-playbook: choices: - none - read - read-write description: - Execute playbook. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str extension-access: choices: - none - read - read-write description: - Manage extension access. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str fabric-viewer: choices: - none - read - read-write description: - Fabric viewer. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str fgt-gui-proxy: choices: - disable - enable description: - FortiGate GUI proxy. - disable - No permission. - enable - With permission. type: str fortirecorder-setting: choices: - none - read - read-write description: - FortiRecorder settings. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str ips-baseline-ovrd: choices: - disable - enable description: - Enable/disable override baseline ips sensor. - disable - Disable setting. - enable - Enable setting. type: str ips-lock: choices: - none - read - read-write description: - IPS locking - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str ipv6_trusthost1: description: Admin user trusted host IPv6, default ::/0 for all. type: str ipv6_trusthost10: description: Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str ipv6_trusthost2: description: Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str ipv6_trusthost3: description: Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str ipv6_trusthost4: description: Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str ipv6_trusthost5: description: Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str ipv6_trusthost6: description: Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str ipv6_trusthost7: description: Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str ipv6_trusthost8: description: Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str ipv6_trusthost9: description: Admin user trusted host IPv6, default ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/128 for none. type: str log-viewer: choices: - none - read - read-write description: - Log viewer. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str profileid: description: Profile ID. type: str realtime-monitor: choices: - none - read - read-write description: - Realtime monitor. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str report-viewer: choices: - none - read - read-write description: - Report viewer. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str rpc-permit: choices: - read-write - none - read description: - Set none/read/read-write rpc-permission - read-write - Read-write permission. - none - No permission. - read - Read-only permission. type: str run-report: choices: - none - read - read-write description: - Run reports. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str scope: choices: - global - adom description: - Scope. - global - Global scope. - adom - ADOM scope. type: str script-access: choices: - none - read - read-write description: - Script access. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str super-user-profile: choices: - disable - enable description: - Enable/disable super user profile - disable - Disable super user profile - enable - Enable super user profile type: str system-setting: choices: - none - read - read-write description: - System setting. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str triage-events: choices: - none - read - read-write description: - Triage events. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str trusthost1: description: Admin user trusted host IP, default 0.0.0.0 0.0.0.0 for all. type: str trusthost10: description: Admin user trusted host IP, default 255.255.255.255 255.255.255.255 for none. type: str trusthost2: description: Admin user trusted host IP, default 255.255.255.255 255.255.255.255 for none. type: str trusthost3: description: Admin user trusted host IP, default 255.255.255.255 255.255.255.255 for none. type: str trusthost4: description: Admin user trusted host IP, default 255.255.255.255 255.255.255.255 for none. type: str trusthost5: description: Admin user trusted host IP, default 255.255.255.255 255.255.255.255 for none. type: str trusthost6: description: Admin user trusted host IP, default 255.255.255.255 255.255.255.255 for none. type: str trusthost7: description: Admin user trusted host IP, default 255.255.255.255 255.255.255.255 for none. type: str trusthost8: description: Admin user trusted host IP, default 255.255.255.255 255.255.255.255 for none. type: str trusthost9: description: Admin user trusted host IP, default 255.255.255.255 255.255.255.255 for none. type: str update-incidents: choices: - none - read - read-write description: - Create/update incidents. - none - No permission. - read - Read permission. - read-write - Read-write permission. type: str write-passwd-access: choices: - all - specify-by-user - specify-by-profile description: - set all/specify-by-user/specify-by-profile write password access mode. - all - All except super users. - specify-by-user - Specify by user. - specify-by-profile - Specify by profile. type: str write-passwd-profiles: description: no description elements: dict suboptions: profileid: description: Profile ID. type: str type: list write-passwd-user-list: description: no description elements: dict suboptions: userid: description: User ID. type: str type: list type: dict
meta: contains: request_url: description: The full url requested returned: always sample: /sys/login/user type: str response_code: description: The status of api request returned: always sample: 0 type: int response_data: description: The api response returned: always type: list response_message: description: The descriptive message of the api response returned: always sample: OK. type: str system_information: description: The information of the target system. returned: always type: dict description: The result of the request. returned: always type: dict rc: description: The status the request. returned: always sample: 0 type: int version_check_warning: description: Warning if the parameters used in the playbook are not supported by the current fortianalyzer version. returned: complex type: list