fortinet / fortinet.fortimanager / 2.4.0 / module / fmgr_firewall_sslsshprofile_smtps Configure SMTPS options. | "added in version" 2.0.0 of fortinet.fortimanager" Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu) preview | supported by communityfortinet.fortimanager.fmgr_firewall_sslsshprofile_smtps (2.4.0) — module
Install with ansible-galaxy collection install fortinet.fortimanager:==2.4.0
collections: - name: fortinet.fortimanager version: 2.4.0
This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- name: Example playbook (generated based on argument schema) hosts: fortimanagers connection: httpapi vars: ansible_httpapi_use_ssl: true ansible_httpapi_validate_certs: false ansible_httpapi_port: 443 tasks: - name: Configure SMTPS options. fortinet.fortimanager.fmgr_firewall_sslsshprofile_smtps: # bypass_validation: false workspace_locking_adom: <value in [global, custom adom including root]> workspace_locking_timeout: 300 # rc_succeeded: [0, -2, -3, ...] # rc_failed: [-2, -3, ...] adom: <your own value> ssl_ssh_profile: <your own value> firewall_sslsshprofile_smtps: allow_invalid_server_cert: <value in [disable, enable]> client_cert_request: <value in [bypass, inspect, block]> ports: <list or integer> status: <value in [disable, deep-inspection]> unsupported_ssl: <value in [bypass, inspect, block]> untrusted_cert: <value in [allow, block, ignore]> invalid_server_cert: <value in [allow, block]> sni_server_cert_check: <value in [disable, enable, strict]> untrusted_server_cert: <value in [allow, block, ignore]> cert_validation_failure: <value in [allow, block, ignore]> cert_validation_timeout: <value in [allow, block, ignore]> client_certificate: <value in [bypass, inspect, block]> expired_server_cert: <value in [allow, block, ignore]> proxy_after_tcp_handshake: <value in [disable, enable]> revoked_server_cert: <value in [allow, block, ignore]> unsupported_ssl_cipher: <value in [allow, block]> unsupported_ssl_negotiation: <value in [allow, block]> unsupported_ssl_version: <value in [block, allow, inspect]> min_allowed_ssl_version: <value in [ssl-3.0, tls-1.0, tls-1.1, ...]>
adom: description: The parameter (adom) in requested url. required: true type: str rc_failed: description: The rc codes list with which the conditions to fail will be overriden. elements: int type: list enable_log: default: false description: Enable/Disable logging for task. type: bool access_token: description: The token to access FortiManager without using username and password. type: str rc_succeeded: description: The rc codes list with which the conditions to succeed will be overriden. elements: int type: list proposed_method: choices: - update - set - add description: The overridden method for the underlying Json RPC request. type: str ssl-ssh-profile: description: Deprecated, please use "ssl_ssh_profile" type: str ssl_ssh_profile: description: The parameter (ssl-ssh-profile) in requested url. type: str bypass_validation: default: false description: Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. type: bool workspace_locking_adom: description: The adom to lock for FortiManager running in workspace mode, the value can be global and others including root. type: str forticloud_access_token: description: Authenticate Ansible client with forticloud API access token. type: str workspace_locking_timeout: default: 300 description: The maximum time in seconds to wait for other user to release the workspace lock. type: int firewall_sslsshprofile_smtps: description: The top level parameters set. required: false suboptions: allow-invalid-server-cert: choices: - disable - enable description: Deprecated, please rename it to allow_invalid_server_cert. When enabled, allows SSL sessions whose server certificate vali... type: str cert-validation-failure: choices: - allow - block - ignore description: Deprecated, please rename it to cert_validation_failure. Action based on certificate validation failure. type: str cert-validation-timeout: choices: - allow - block - ignore description: Deprecated, please rename it to cert_validation_timeout. Action based on certificate validation timeout. type: str client-cert-request: choices: - bypass - inspect - block description: Deprecated, please rename it to client_cert_request. Action based on client certificate request. type: str client-certificate: choices: - bypass - inspect - block description: Deprecated, please rename it to client_certificate. Action based on received client certificate. type: str expired-server-cert: choices: - allow - block - ignore description: Deprecated, please rename it to expired_server_cert. Action based on server certificate is expired. type: str invalid-server-cert: choices: - allow - block description: Deprecated, please rename it to invalid_server_cert. Allow or block the invalid SSL session server certificate. type: str min-allowed-ssl-version: choices: - ssl-3.0 - tls-1.0 - tls-1.1 - tls-1.2 - tls-1.3 description: Deprecated, please rename it to min_allowed_ssl_version. type: str ports: description: (list) No description. type: raw proxy-after-tcp-handshake: choices: - disable - enable description: Deprecated, please rename it to proxy_after_tcp_handshake. Proxy traffic after the TCP 3-way handshake has been established type: str revoked-server-cert: choices: - allow - block - ignore description: Deprecated, please rename it to revoked_server_cert. Action based on server certificate is revoked. type: str sni-server-cert-check: choices: - disable - enable - strict description: Deprecated, please rename it to sni_server_cert_check. Check the SNI in the client hello message with the CN or SAN fields... type: str status: choices: - disable - deep-inspection description: Configure protocol inspection status. type: str unsupported-ssl: choices: - bypass - inspect - block description: Deprecated, please rename it to unsupported_ssl. Action based on the SSL encryption used being unsupported. type: str unsupported-ssl-cipher: choices: - allow - block description: Deprecated, please rename it to unsupported_ssl_cipher. Action based on the SSL cipher used being unsupported. type: str unsupported-ssl-negotiation: choices: - allow - block description: Deprecated, please rename it to unsupported_ssl_negotiation. Action based on the SSL negotiation used being unsupported. type: str unsupported-ssl-version: choices: - block - allow - inspect description: Deprecated, please rename it to unsupported_ssl_version. Action based on the SSL version used being unsupported. type: str untrusted-cert: choices: - allow - block - ignore description: Deprecated, please rename it to untrusted_cert. Allow, ignore, or block the untrusted SSL session server certificate. type: str untrusted-server-cert: choices: - allow - block - ignore description: Deprecated, please rename it to untrusted_server_cert. Allow, ignore, or block the untrusted SSL session server certificate. type: str type: dict
meta: contains: request_url: description: The full url requested. returned: always sample: /sys/login/user type: str response_code: description: The status of api request. returned: always sample: 0 type: int response_data: description: The api response. returned: always type: list response_message: description: The descriptive message of the api response. returned: always sample: OK. type: str system_information: description: The information of the target system. returned: always type: dict description: The result of the request. returned: always type: dict rc: description: The status the request. returned: always sample: 0 type: int version_check_warning: description: Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: complex type: list