Try SpotterConfigure MMS profiles.
| "added in version" 2.0.0 of fortinet.fortimanager"
Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu)
preview | supported by community
Install with ansible-galaxy collection install fortinet.fortimanager:==2.4.0
collections:
- name: fortinet.fortimanager
version: 2.4.0This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- name: Example playbook
hosts: fortimanagers
connection: httpapi
vars:
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
ansible_httpapi_port: 443
tasks:
- name: Configure MMS profiles.
fortinet.fortimanager.fmgr_firewall_mmsprofile:
bypass_validation: false
adom: FortiCarrier # FortiCarrier only object, need a FortiCarrier adom
state: present
firewall_mmsprofile:
comment: "ansible-comment"
# extended-utm-log: disable
mm1:
- avmonitor
- block
- oversize
- quarantine
- scan
- avquery
- bannedword
- no-content-summary
- archive-summary
- archive-full
- carrier-endpoint-bwl
- remove-blocked
- chunkedbypass
- clientcomfort
- servercomfort
- strict-file
- mms-checksum
mm3:
- avmonitor
- block
- oversize
- quarantine
- scan
- avquery
- bannedword
- no-content-summary
- archive-summary
- archive-full
- carrier-endpoint-bwl
- remove-blocked
- fragmail
- splice
- mms-checksum
mm4:
- avmonitor
- block
- oversize
- quarantine
- scan
- avquery
- bannedword
- no-content-summary
- archive-summary
- archive-full
- carrier-endpoint-bwl
- remove-blocked
- fragmail
- splice
- mms-checksum
mm7:
- avmonitor
- block
- oversize
- quarantine
- scan
- avquery
- bannedword
- no-content-summary
- archive-summary
- archive-full
- carrier-endpoint-bwl
- remove-blocked
- chunkedbypass
- clientcomfort
- servercomfort
- strict-file
- mms-checksum
name: "ansible-test"
- name: Gathering fortimanager facts
hosts: fortimanagers
gather_facts: false
connection: httpapi
vars:
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
ansible_httpapi_port: 443
tasks:
- name: Retrieve all the MMS profiles
fortinet.fortimanager.fmgr_fact:
facts:
selector: "firewall_mmsprofile"
params:
adom: "FortiCarrier" # FortiCarrier only object, need a FortiCarrier adom
mms-profile: "your_value"
adom:
description: The parameter (adom) in requested url.
required: true
type: str
state:
choices:
- present
- absent
description: The directive to create, update or delete an object.
required: true
type: str
rc_failed:
description: The rc codes list with which the conditions to fail will be overriden.
elements: int
type: list
enable_log:
default: false
description: Enable/Disable logging for task.
type: bool
access_token:
description: The token to access FortiManager without using username and password.
type: str
rc_succeeded:
description: The rc codes list with which the conditions to succeed will be overriden.
elements: int
type: list
proposed_method:
choices:
- update
- set
- add
description: The overridden method for the underlying Json RPC request.
type: str
bypass_validation:
default: false
description: Only set to True when module schema diffs with FortiManager API structure,
module continues to execute without validating parameters.
type: bool
firewall_mmsprofile:
description: The top level parameters set.
required: false
suboptions:
avnotificationtable:
description: AntiVirus notification table ID.
type: str
bwordtable:
description: MMS banned word table ID.
type: str
carrier-endpoint-prefix:
choices:
- disable
- enable
description: Deprecated, please rename it to carrier_endpoint_prefix. Enable/disable
prefixing of end point values.
type: str
carrier-endpoint-prefix-range-max:
description: Deprecated, please rename it to carrier_endpoint_prefix_range_max.
Maximum length of end point value that can be prefixed
type: int
carrier-endpoint-prefix-range-min:
description: Deprecated, please rename it to carrier_endpoint_prefix_range_min.
Minimum end point length to be prefixed
type: int
carrier-endpoint-prefix-string:
description: Deprecated, please rename it to carrier_endpoint_prefix_string. String
with which to prefix End point values.
type: str
carrierendpointbwltable:
description: Carrier end point filter table ID.
type: str
comment:
description: Comment.
type: str
dupe:
description: No description.
suboptions:
action1:
choices:
- log
- archive
- intercept
- block
- archive-first
- alert-notif
description: No description.
elements: str
type: list
action2:
choices:
- log
- archive
- intercept
- block
- archive-first
- alert-notif
description: No description.
elements: str
type: list
action3:
choices:
- log
- archive
- intercept
- block
- archive-first
- alert-notif
description: No description.
elements: str
type: list
block-time1:
description: Deprecated, please rename it to block_time1. Duration for which
action takes effect
type: int
block-time2:
description: Deprecated, please rename it to block_time2. Duration for which
action takes effect
type: int
block-time3:
description: Deprecated, please rename it to block_time3. Duration action
takes effect
type: int
limit1:
description: Maximum number of messages allowed.
type: int
limit2:
description: Maximum number of messages allowed.
type: int
limit3:
description: Maximum number of messages allowed.
type: int
protocol:
description: Protocol.
type: str
status1:
choices:
- disable
- enable
description: Enable/disable status1 detection.
type: str
status2:
choices:
- disable
- enable
description: Enable/disable status2 detection.
type: str
status3:
choices:
- disable
- enable
description: Enable/disable status3 detection.
type: str
window1:
description: Window to count messages over
type: int
window2:
description: Window to count messages over
type: int
window3:
description: Window to count messages over
type: int
type: dict
flood:
description: No description.
suboptions:
action1:
choices:
- log
- archive
- intercept
- block
- archive-first
- alert-notif
description: No description.
elements: str
type: list
action2:
choices:
- log
- archive
- intercept
- block
- archive-first
- alert-notif
description: No description.
elements: str
type: list
action3:
choices:
- log
- archive
- intercept
- block
- archive-first
- alert-notif
description: No description.
elements: str
type: list
block-time1:
description: Deprecated, please rename it to block_time1. Duration for which
action takes effect
type: int
block-time2:
description: Deprecated, please rename it to block_time2. Duration for which
action takes effect
type: int
block-time3:
description: Deprecated, please rename it to block_time3. Duration action
takes effect
type: int
limit1:
description: Maximum number of messages allowed.
type: int
limit2:
description: Maximum number of messages allowed.
type: int
limit3:
description: Maximum number of messages allowed.
type: int
protocol:
description: Protocol.
type: str
status1:
choices:
- disable
- enable
description: Enable/disable status1 detection.
type: str
status2:
choices:
- disable
- enable
description: Enable/disable status2 detection.
type: str
status3:
choices:
- disable
- enable
description: Enable/disable status3 detection.
type: str
window1:
description: Window to count messages over
type: int
window2:
description: Window to count messages over
type: int
window3:
description: Window to count messages over
type: int
type: dict
mm1:
choices:
- avmonitor
- block
- oversize
- quarantine
- scan
- avquery
- bannedword
- no-content-summary
- archive-summary
- archive-full
- carrier-endpoint-bwl
- remove-blocked
- chunkedbypass
- clientcomfort
- servercomfort
- strict-file
- mms-checksum
description: MM1 options.
elements: str
type: list
mm1-addr-hdr:
description: Deprecated, please rename it to mm1_addr_hdr. HTTP header field
type: str
mm1-addr-source:
choices:
- http-header
- cookie
description: Deprecated, please rename it to mm1_addr_source. Source for MM1 user
address.
type: str
mm1-convert-hex:
choices:
- disable
- enable
description: Deprecated, please rename it to mm1_convert_hex. Enable/disable converting
user address from HEX string for MM1.
type: str
mm1-outbreak-prevention:
choices:
- disabled
- files
- full-archive
description: Deprecated, please rename it to mm1_outbreak_prevention. Enable FortiGuard
Virus Outbreak Prevention service.
type: str
mm1-retr-dupe:
choices:
- disable
- enable
description: Deprecated, please rename it to mm1_retr_dupe. Enable/disable duplicate
scanning of MM1 retr.
type: str
mm1-retrieve-scan:
choices:
- disable
- enable
description: Deprecated, please rename it to mm1_retrieve_scan. Enable/disable
scanning on MM1 retrieve configuration messages.
type: str
mm1comfortamount:
description: MM1 comfort amount
type: int
mm1comfortinterval:
description: MM1 comfort interval
type: int
mm1oversizelimit:
description: Maximum file size to scan
type: int
mm3:
choices:
- avmonitor
- block
- oversize
- quarantine
- scan
- avquery
- bannedword
- no-content-summary
- archive-summary
- archive-full
- carrier-endpoint-bwl
- remove-blocked
- fragmail
- splice
- mms-checksum
description: MM3 options.
elements: str
type: list
mm3-outbreak-prevention:
choices:
- disabled
- files
- full-archive
description: Deprecated, please rename it to mm3_outbreak_prevention. Enable FortiGuard
Virus Outbreak Prevention service.
type: str
mm3oversizelimit:
description: Maximum file size to scan
type: int
mm4:
choices:
- avmonitor
- block
- oversize
- quarantine
- scan
- avquery
- bannedword
- no-content-summary
- archive-summary
- archive-full
- carrier-endpoint-bwl
- remove-blocked
- fragmail
- splice
- mms-checksum
description: MM4 options.
elements: str
type: list
mm4-outbreak-prevention:
choices:
- disabled
- files
- full-archive
description: Deprecated, please rename it to mm4_outbreak_prevention. Enable FortiGuard
Virus Outbreak Prevention service.
type: str
mm4oversizelimit:
description: Maximum file size to scan
type: int
mm7:
choices:
- avmonitor
- block
- oversize
- quarantine
- scan
- avquery
- bannedword
- no-content-summary
- archive-summary
- archive-full
- carrier-endpoint-bwl
- remove-blocked
- chunkedbypass
- clientcomfort
- servercomfort
- strict-file
- mms-checksum
description: MM7 options.
elements: str
type: list
mm7-addr-hdr:
description: Deprecated, please rename it to mm7_addr_hdr. HTTP header field
type: str
mm7-addr-source:
choices:
- http-header
- cookie
description: Deprecated, please rename it to mm7_addr_source. Source for MM7 user
address.
type: str
mm7-convert-hex:
choices:
- disable
- enable
description: Deprecated, please rename it to mm7_convert_hex. Enable/disable conversion
of user address from HEX string for MM7.
type: str
mm7-outbreak-prevention:
choices:
- disabled
- files
- full-archive
description: Deprecated, please rename it to mm7_outbreak_prevention. Enable FortiGuard
Virus Outbreak Prevention service.
type: str
mm7comfortamount:
description: MM7 comfort amount
type: int
mm7comfortinterval:
description: MM7 comfort interval
type: int
mm7oversizelimit:
description: Maximum file size to scan
type: int
mms-antispam-mass-log:
choices:
- disable
- enable
description: Deprecated, please rename it to mms_antispam_mass_log. Enable/disable
logging for MMS antispam mass.
type: str
mms-av-block-log:
choices:
- disable
- enable
description: Deprecated, please rename it to mms_av_block_log. Enable/disable
logging for MMS antivirus file blocking.
type: str
mms-av-oversize-log:
choices:
- disable
- enable
description: Deprecated, please rename it to mms_av_oversize_log. Enable/disable
logging for MMS antivirus oversize file blocking.
type: str
mms-av-virus-log:
choices:
- disable
- enable
description: Deprecated, please rename it to mms_av_virus_log. Enable/disable
logging for MMS antivirus scanning.
type: str
mms-carrier-endpoint-filter-log:
choices:
- disable
- enable
description: Deprecated, please rename it to mms_carrier_endpoint_filter_log.
Enable/disable logging for MMS end point filter blocking.
type: str
mms-checksum-log:
choices:
- disable
- enable
description: Deprecated, please rename it to mms_checksum_log. Enable/disable
MMS content checksum logging.
type: str
mms-checksum-table:
description: Deprecated, please rename it to mms_checksum_table. MMS content checksum
table ID.
type: str
mms-notification-log:
choices:
- disable
- enable
description: Deprecated, please rename it to mms_notification_log. Enable/disable
logging for MMS notification messages.
type: str
mms-web-content-log:
choices:
- disable
- enable
description: Deprecated, please rename it to mms_web_content_log. Enable/disable
logging for MMS web content blocking.
type: str
mmsbwordthreshold:
description: MMS banned word threshold.
type: int
name:
description: Profile name.
required: true
type: str
notif-msisdn:
description: Deprecated, please rename it to notif_msisdn. Notif-Msisdn.
elements: dict
suboptions:
msisdn:
description: Recipient MSISDN.
type: str
threshold:
choices:
- flood-thresh-1
- flood-thresh-2
- flood-thresh-3
- dupe-thresh-1
- dupe-thresh-2
- dupe-thresh-3
description: Thresholds on which this MSISDN will receive an alert.
elements: str
type: list
type: list
notification:
description: No description.
suboptions:
alert-int:
description: Deprecated, please rename it to alert_int. Alert notification
send interval.
type: int
alert-int-mode:
choices:
- hours
- minutes
description: Deprecated, please rename it to alert_int_mode. Alert notification
interval mode.
type: str
alert-src-msisdn:
description: Deprecated, please rename it to alert_src_msisdn. Specify from
address for alert messages.
type: str
alert-status:
choices:
- disable
- enable
description: Deprecated, please rename it to alert_status. Alert notification
status.
type: str
bword-int:
description: Deprecated, please rename it to bword_int. Banned word notification
send interval.
type: int
bword-int-mode:
choices:
- hours
- minutes
description: Deprecated, please rename it to bword_int_mode. Banned word notification
interval mode.
type: str
bword-status:
choices:
- disable
- enable
description: Deprecated, please rename it to bword_status. Banned word notification
status.
type: str
carrier-endpoint-bwl-int:
description: Deprecated, please rename it to carrier_endpoint_bwl_int. Carrier
end point black/white list notification send int...
type: int
carrier-endpoint-bwl-int-mode:
choices:
- hours
- minutes
description: Deprecated, please rename it to carrier_endpoint_bwl_int_mode.
Carrier end point black/white list notification int...
type: str
carrier-endpoint-bwl-status:
choices:
- disable
- enable
description: Deprecated, please rename it to carrier_endpoint_bwl_status.
Carrier end point black/white list notification status.
type: str
days-allowed:
choices:
- sunday
- monday
- tuesday
- wednesday
- thursday
- friday
- saturday
description: Deprecated, please rename it to days_allowed.
elements: str
type: list
detect-server:
choices:
- disable
- enable
description: Deprecated, please rename it to detect_server. Enable/disable
automatic server address determination.
type: str
dupe-int:
description: Deprecated, please rename it to dupe_int. Duplicate notification
send interval.
type: int
dupe-int-mode:
choices:
- hours
- minutes
description: Deprecated, please rename it to dupe_int_mode. Duplicate notification
interval mode.
type: str
dupe-status:
choices:
- disable
- enable
description: Deprecated, please rename it to dupe_status. Duplicate notification
status.
type: str
file-block-int:
description: Deprecated, please rename it to file_block_int. File block notification
send interval.
type: int
file-block-int-mode:
choices:
- hours
- minutes
description: Deprecated, please rename it to file_block_int_mode. File block
notification interval mode.
type: str
file-block-status:
choices:
- disable
- enable
description: Deprecated, please rename it to file_block_status. File block
notification status.
type: str
flood-int:
description: Deprecated, please rename it to flood_int. Flood notification
send interval.
type: int
flood-int-mode:
choices:
- hours
- minutes
description: Deprecated, please rename it to flood_int_mode. Flood notification
interval mode.
type: str
flood-status:
choices:
- disable
- enable
description: Deprecated, please rename it to flood_status. Flood notification
status.
type: str
from-in-header:
choices:
- disable
- enable
description: Deprecated, please rename it to from_in_header. Enable/disable
insertion of from address in HTTP header.
type: str
mms-checksum-int:
description: Deprecated, please rename it to mms_checksum_int. MMS checksum
notification send interval.
type: int
mms-checksum-int-mode:
choices:
- hours
- minutes
description: Deprecated, please rename it to mms_checksum_int_mode. MMS checksum
notification interval mode.
type: str
mms-checksum-status:
choices:
- disable
- enable
description: Deprecated, please rename it to mms_checksum_status. MMS checksum
notification status.
type: str
mmsc-hostname:
description: Deprecated, please rename it to mmsc_hostname. Host name or IP
address of the MMSC.
type: str
mmsc-password:
description: (list) Deprecated, please rename it to mmsc_password.
type: raw
mmsc-port:
description: Deprecated, please rename it to mmsc_port. Port used on the MMSC
for sending MMS messages
type: int
mmsc-url:
description: Deprecated, please rename it to mmsc_url. URL used on the MMSC
for sending MMS messages.
type: str
mmsc-username:
description: Deprecated, please rename it to mmsc_username. User name required
for authentication with the MMSC.
type: str
msg-protocol:
choices:
- mm1
- mm3
- mm4
- mm7
description: Deprecated, please rename it to msg_protocol. Protocol to use
for sending notification messages.
type: str
msg-type:
choices:
- submit-req
- deliver-req
description: Deprecated, please rename it to msg_type. MM7 message type.
type: str
protocol:
description: Protocol.
type: str
rate-limit:
description: Deprecated, please rename it to rate_limit. Rate limit for sending
notification messages
type: int
tod-window-duration:
description: Deprecated, please rename it to tod_window_duration. Time of
day window duration.
type: str
tod-window-end:
description: Deprecated, please rename it to tod_window_end. Obsolete.
type: str
tod-window-start:
description: Deprecated, please rename it to tod_window_start. Time of day
window start.
type: str
user-domain:
description: Deprecated, please rename it to user_domain. Domain name to which
the user addresses belong.
type: str
vas-id:
description: Deprecated, please rename it to vas_id. VAS identifier.
type: str
vasp-id:
description: Deprecated, please rename it to vasp_id. VASP identifier.
type: str
virus-int:
description: Deprecated, please rename it to virus_int. Virus notification
send interval.
type: int
virus-int-mode:
choices:
- hours
- minutes
description: Deprecated, please rename it to virus_int_mode. Virus notification
interval mode.
type: str
virus-status:
choices:
- disable
- enable
description: Deprecated, please rename it to virus_status. Virus notification
status.
type: str
type: dict
outbreak-prevention:
description: Deprecated, please rename it to outbreak_prevention.
suboptions:
external-blocklist:
choices:
- disable
- enable
description: Deprecated, please rename it to external_blocklist. Enable/disable
external malware blocklist.
type: str
ftgd-service:
choices:
- disable
- enable
description: Deprecated, please rename it to ftgd_service. Enable/disable
FortiGuard Virus outbreak prevention service.
type: str
type: dict
remove-blocked-const-length:
choices:
- disable
- enable
description: Deprecated, please rename it to remove_blocked_const_length. Enable/disable
MMS replacement of blocked file constant length.
type: str
replacemsg-group:
description: Deprecated, please rename it to replacemsg_group. Replacement message
group.
type: str
type: dict
workspace_locking_adom:
description: The adom to lock for FortiManager running in workspace mode, the value
can be global and others including root.
type: str
forticloud_access_token:
description: Authenticate Ansible client with forticloud API access token.
type: str
workspace_locking_timeout:
default: 300
description: The maximum time in seconds to wait for other user to release the workspace
lock.
type: int
meta:
contains:
request_url:
description: The full url requested.
returned: always
sample: /sys/login/user
type: str
response_code:
description: The status of api request.
returned: always
sample: 0
type: int
response_data:
description: The api response.
returned: always
type: list
response_message:
description: The descriptive message of the api response.
returned: always
sample: OK.
type: str
system_information:
description: The information of the target system.
returned: always
type: dict
description: The result of the request.
returned: always
type: dict
rc:
description: The status the request.
returned: always
sample: 0
type: int
version_check_warning:
description: Warning if the parameters used in the playbook are not supported by
the current FortiManager version.
returned: complex
type: list