fortinet / fortinet.fortimanager / 2.4.0 / module / fmgr_firewall_vip Configure virtual IP for IPv4. | "added in version" 1.0.0 of fortinet.fortimanager" Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu) preview | supported by communityfortinet.fortimanager.fmgr_firewall_vip (2.4.0) — module
Install with ansible-galaxy collection install fortinet.fortimanager:==2.4.0
collections: - name: fortinet.fortimanager version: 2.4.0
This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- name: Demo of cloning objects in FortiManager hosts: fortimanagers connection: httpapi vars: ansible_httpapi_use_ssl: true ansible_httpapi_validate_certs: false ansible_httpapi_port: 443 initial_vip_object: "vip_object0" cloned_vip_objects: - name: "vip_object1" comment: "vip_object1 is cloned!" - name: "vip_object2" comment: "vip_object2 is cloned!" tasks: - name: Create An VIP object fortinet.fortimanager.fmgr_firewall_vip: adom: "root" state: "present" firewall_vip: arp-reply: "disable" comment: "The VIP is created via Ansible" name: "{{ initial_vip_object }}" protocol: "tcp" type: "load-balance" - name: Clone an VIP object using fmgr_clone module. fortinet.fortimanager.fmgr_clone: rc_succeeded: [-2] clone: selector: "firewall_vip" self: adom: "root" vip: "{{ initial_vip_object }}" target: name: "{{ item.name }}" comment: "{{ item.comment }}" with_items: "{{ cloned_vip_objects }}"
- name: Example playbook hosts: fortimanagers connection: httpapi vars: ansible_httpapi_use_ssl: true ansible_httpapi_validate_certs: false ansible_httpapi_port: 443 tasks: - name: Configure virtual IP for IPv4. fortinet.fortimanager.fmgr_firewall_vip: bypass_validation: true adom: ansible state: present firewall_vip: arp-reply: disable # <value in [disable, enable]> color: 1 comment: "ansible-comment" id: 1 name: "ansible-test-vip" protocol: tcp # <value in [tcp, udp, sctp, ...]> type: load-balance # <value in [static-nat, load-balance, server-load-balance, ...]>
- name: Gathering fortimanager facts hosts: fortimanagers gather_facts: false connection: httpapi vars: ansible_httpapi_use_ssl: true ansible_httpapi_validate_certs: false ansible_httpapi_port: 443 tasks: - name: Retrieve all the virtual IPs for IPv4 fortinet.fortimanager.fmgr_fact: facts: selector: "firewall_vip" params: adom: "ansible" vip: "your_value"
adom: description: The parameter (adom) in requested url. required: true type: str state: choices: - present - absent description: The directive to create, update or delete an object. required: true type: str rc_failed: description: The rc codes list with which the conditions to fail will be overriden. elements: int type: list enable_log: default: false description: Enable/Disable logging for task. type: bool access_token: description: The token to access FortiManager without using username and password. type: str firewall_vip: description: The top level parameters set. required: false suboptions: add-nat46-route: choices: - disable - enable description: Deprecated, please rename it to add_nat46_route. Enable/disable adding NAT46 route. type: str arp-reply: choices: - disable - enable description: Deprecated, please rename it to arp_reply. Enable to respond to ARP requests for this virtual IP address. type: str color: description: Color of icon on the GUI. type: int comment: description: Comment. type: str dns-mapping-ttl: description: Deprecated, please rename it to dns_mapping_ttl. DNS mapping TTL type: int dynamic_mapping: description: Dynamic_Mapping. elements: dict suboptions: _scope: description: _Scope. elements: dict suboptions: name: description: Name. type: str vdom: description: Vdom. type: str type: list add-nat46-route: choices: - disable - enable description: Deprecated, please rename it to add_nat46_route. Enable/disable adding NAT46 route. type: str arp-reply: choices: - disable - enable description: Deprecated, please rename it to arp_reply. Enable to respond to ARP requests for this virtual IP address. type: str color: description: Color of icon on the GUI. type: int comment: description: Comment. type: str dns-mapping-ttl: description: Deprecated, please rename it to dns_mapping_ttl. DNS mapping TTL type: int extaddr: description: (list or str) External FQDN address name. type: raw extintf: description: Interface connected to the source network that receives the packets that will be forwarded to the destination network. type: str extip: description: IP address or address range on the external interface that you want to map to an address or address range on the d... type: str extport: description: Incoming port number range that you want to map to a port number range on the destination network. type: str gratuitous-arp-interval: description: Deprecated, please rename it to gratuitous_arp_interval. Enable to have the VIP send gratuitous ARPs. type: int gslb-domain-name: description: Deprecated, please rename it to gslb_domain_name. Domain to use when integrating with FortiGSLB. type: str gslb-hostname: description: Deprecated, please rename it to gslb_hostname. Hostname to use within the configured FortiGSLB domain. type: str h2-support: choices: - disable - enable description: Deprecated, please rename it to h2_support. Enable/disable HTTP2 support type: str h3-support: choices: - disable - enable description: Deprecated, please rename it to h3_support. Enable/disable HTTP3/QUIC support type: str http-cookie-age: description: Deprecated, please rename it to http_cookie_age. Time in minutes that client web browsers should keep a cookie. type: int http-cookie-domain: description: Deprecated, please rename it to http_cookie_domain. Domain that HTTP cookie persistence should apply to. type: str http-cookie-domain-from-host: choices: - disable - enable description: Deprecated, please rename it to http_cookie_domain_from_host. Enable/disable use of HTTP cookie domain from host f... type: str http-cookie-generation: description: Deprecated, please rename it to http_cookie_generation. Generation of HTTP cookie to be accepted. type: int http-cookie-path: description: Deprecated, please rename it to http_cookie_path. Limit HTTP cookie persistence to the specified path. type: str http-cookie-share: choices: - disable - same-ip description: Deprecated, please rename it to http_cookie_share. Control sharing of cookies across virtual servers. type: str http-ip-header: choices: - disable - enable description: Deprecated, please rename it to http_ip_header. For HTTP multiplexing, enable to add the original client IP addres... type: str http-ip-header-name: description: Deprecated, please rename it to http_ip_header_name. For HTTP multiplexing, enter a custom HTTPS header name. type: str http-multiplex: choices: - disable - enable description: Deprecated, please rename it to http_multiplex. Enable/disable HTTP multiplexing. type: str http-multiplex-max-concurrent-request: description: Deprecated, please rename it to http_multiplex_max_concurrent_request. Maximum number of concurrent requests that ... type: int http-multiplex-max-request: description: Deprecated, please rename it to http_multiplex_max_request. Maximum number of requests that a multiplex server can... type: int http-multiplex-ttl: description: Deprecated, please rename it to http_multiplex_ttl. Time-to-live for idle connections to servers. type: int http-redirect: choices: - disable - enable description: Deprecated, please rename it to http_redirect. Enable/disable redirection of HTTP to HTTPS type: str http-supported-max-version: choices: - http1 - http2 description: Deprecated, please rename it to http_supported_max_version. Maximum supported HTTP versions. type: str https-cookie-secure: choices: - disable - enable description: Deprecated, please rename it to https_cookie_secure. Enable/disable verification that inserted HTTPS cookies are s... type: str id: description: Custom defined ID. type: int ipv6-mappedip: description: Deprecated, please rename it to ipv6_mappedip. Range of mapped IPv6 addresses. type: str ipv6-mappedport: description: Deprecated, please rename it to ipv6_mappedport. IPv6 port number range on the destination network to which the ex... type: str ldb-method: choices: - static - round-robin - weighted - least-session - least-rtt - first-alive - http-host description: Deprecated, please rename it to ldb_method. Method used to distribute sessions to real servers. type: str mapped-addr: description: Deprecated, please rename it to mapped_addr. Mapped FQDN address name. type: str mappedip: description: (list) IP address or address range on the destination network to which the external IP address is mapped. type: raw mappedport: description: Port number range on the destination network to which the external port number range is mapped. type: str max-embryonic-connections: description: Deprecated, please rename it to max_embryonic_connections. Maximum number of incomplete connections. type: int monitor: description: (list or str) Name of the health check monitor to use when polling to determine a virtual servers connectivity status. type: raw nat-source-vip: choices: - disable - enable description: Deprecated, please rename it to nat_source_vip. Enable/disable forcing the source NAT mapped IP to the external IP... type: str nat44: choices: - disable - enable description: Enable/disable NAT44. type: str nat46: choices: - disable - enable description: Enable/disable NAT46. type: str one-click-gslb-server: choices: - disable - enable description: Deprecated, please rename it to one_click_gslb_server. Enable/disable one click GSLB server integration with Forti... type: str outlook-web-access: choices: - disable - enable description: Deprecated, please rename it to outlook_web_access. Enable to add the Front-End-Https header for Microsoft Outlook... type: str persistence: choices: - none - http-cookie - ssl-session-id description: Configure how to make sure that clients connect to the same server every time they make a request that is part of ... type: str portforward: choices: - disable - enable description: Enable/disable port forwarding. type: str portmapping-type: choices: - 1-to-1 - m-to-n description: Deprecated, please rename it to portmapping_type. Port mapping type. type: str protocol: choices: - tcp - udp - sctp - icmp description: Protocol to use when forwarding packets. type: str realservers: description: Realservers. elements: dict suboptions: address: description: Address. type: str client-ip: description: (list) Deprecated, please rename it to client_ip. Only clients in this IP range can connect to this real s... type: raw health-check-proto: choices: - ping - http description: Deprecated, please rename it to health_check_proto. type: str healthcheck: choices: - disable - enable - vip description: Enable to check the responsiveness of the real server before forwarding traffic. type: str holddown-interval: description: Deprecated, please rename it to holddown_interval. Time in seconds that the health check monitor continues... type: int http-host: description: Deprecated, please rename it to http_host. HTTP server domain name in HTTP header. type: str id: description: Real server ID. type: int ip: description: IP address of the real server. type: str max-connections: description: Deprecated, please rename it to max_connections. Max number of active connections that can be directed to ... type: int monitor: description: (list or str) Name of the health check monitor to use when polling to determine a virtual servers connecti... type: raw port: description: Port for communicating with the real server. type: int seq: description: Seq. type: int status: choices: - active - standby - disable description: Set the status of the real server to active so that it can accept traffic, or on standby or disabled so no... type: str translate-host: choices: - disable - enable description: Deprecated, please rename it to translate_host. Enable/disable translation of hostname/IP from virtual ser... type: str type: choices: - ip - address description: Type. type: str weight: description: Weight of the real server. type: int type: list server-type: choices: - http - https - ssl - tcp - udp - ip - imaps - pop3s - smtps - ssh description: Deprecated, please rename it to server_type. Protocol to be load balanced by the virtual server type: str service: description: (list or str) Service name. type: raw src-filter: description: (list) Deprecated, please rename it to src_filter. Source address filter. type: raw srcintf-filter: description: (list) Deprecated, please rename it to srcintf_filter. Interfaces to which the VIP applies. type: raw ssl-accept-ffdhe-groups: choices: - disable - enable description: Deprecated, please rename it to ssl_accept_ffdhe_groups. Enable/disable FFDHE cipher suite for SSL key exchange. type: str ssl-algorithm: choices: - high - medium - low - custom description: Deprecated, please rename it to ssl_algorithm. Permitted encryption algorithms for SSL sessions according to encry... type: str ssl-certificate: description: Deprecated, please rename it to ssl_certificate. The name of the SSL certificate to use for SSL acceleration. type: str ssl-cipher-suites: description: Deprecated, please rename it to ssl_cipher_suites. Ssl-Cipher-Suites. elements: dict suboptions: cipher: choices: - TLS-RSA-WITH-RC4-128-MD5 - TLS-RSA-WITH-RC4-128-SHA - TLS-RSA-WITH-DES-CBC-SHA - TLS-RSA-WITH-3DES-EDE-CBC-SHA - TLS-RSA-WITH-AES-128-CBC-SHA - TLS-RSA-WITH-AES-256-CBC-SHA - TLS-RSA-WITH-AES-128-CBC-SHA256 - TLS-RSA-WITH-AES-256-CBC-SHA256 - TLS-RSA-WITH-CAMELLIA-128-CBC-SHA - TLS-RSA-WITH-CAMELLIA-256-CBC-SHA - TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256 - TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256 - TLS-RSA-WITH-SEED-CBC-SHA - TLS-RSA-WITH-ARIA-128-CBC-SHA256 - TLS-RSA-WITH-ARIA-256-CBC-SHA384 - TLS-DHE-RSA-WITH-DES-CBC-SHA - TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA - TLS-DHE-RSA-WITH-AES-128-CBC-SHA - TLS-DHE-RSA-WITH-AES-256-CBC-SHA - TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 - TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 - TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA - TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA - TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 - TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256 - TLS-DHE-RSA-WITH-SEED-CBC-SHA - TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256 - TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384 - TLS-ECDHE-RSA-WITH-RC4-128-SHA - TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA - TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA - TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA - TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256 - TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256 - TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256 - TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 - TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 - TLS-DHE-DSS-WITH-AES-128-CBC-SHA - TLS-DHE-DSS-WITH-AES-256-CBC-SHA - TLS-DHE-DSS-WITH-AES-128-CBC-SHA256 - TLS-DHE-DSS-WITH-AES-128-GCM-SHA256 - TLS-DHE-DSS-WITH-AES-256-CBC-SHA256 - TLS-DHE-DSS-WITH-AES-256-GCM-SHA384 - TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 - TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 - TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384 - TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 - TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA - TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 - TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 - TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 - TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 - TLS-RSA-WITH-AES-128-GCM-SHA256 - TLS-RSA-WITH-AES-256-GCM-SHA384 - TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA - TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA - TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256 - TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256 - TLS-DHE-DSS-WITH-SEED-CBC-SHA - TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256 - TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384 - TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256 - TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384 - TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256 - TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384 - TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA - TLS-DHE-DSS-WITH-DES-CBC-SHA - TLS-AES-128-GCM-SHA256 - TLS-AES-256-GCM-SHA384 - TLS-CHACHA20-POLY1305-SHA256 - TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA description: Cipher suite name. type: str id: description: Id. type: int priority: description: SSL/TLS cipher suites priority. type: int versions: choices: - ssl-3.0 - tls-1.0 - tls-1.1 - tls-1.2 - tls-1.3 description: SSL/TLS versions that the cipher suite can be used with. elements: str type: list type: list ssl-client-fallback: choices: - disable - enable description: Deprecated, please rename it to ssl_client_fallback. Enable/disable support for preventing Downgrade Attacks on cl... type: str ssl-client-rekey-count: description: Deprecated, please rename it to ssl_client_rekey_count. Maximum length of data in MB before triggering a client rekey type: int ssl-client-renegotiation: choices: - deny - allow - secure description: Deprecated, please rename it to ssl_client_renegotiation. Allow, deny, or require secure renegotiation of client s... type: str ssl-client-session-state-max: description: Deprecated, please rename it to ssl_client_session_state_max. Maximum number of client to FortiGate SSL session st... type: int ssl-client-session-state-timeout: description: Deprecated, please rename it to ssl_client_session_state_timeout. Number of minutes to keep client to FortiGate SS... type: int ssl-client-session-state-type: choices: - disable - time - count - both description: Deprecated, please rename it to ssl_client_session_state_type. How to expire SSL sessions for the segment of the S... type: str ssl-dh-bits: choices: - '768' - '1024' - '1536' - '2048' - '3072' - '4096' description: Deprecated, please rename it to ssl_dh_bits. Number of bits to use in the Diffie-Hellman exchange for RSA encrypti... type: str ssl-hpkp: choices: - disable - enable - report-only description: Deprecated, please rename it to ssl_hpkp. Enable/disable including HPKP header in response. type: str ssl-hpkp-age: description: Deprecated, please rename it to ssl_hpkp_age. Number of seconds the client should honour the HPKP setting. type: int ssl-hpkp-backup: description: Deprecated, please rename it to ssl_hpkp_backup. Certificate to generate backup HPKP pin from. type: str ssl-hpkp-include-subdomains: choices: - disable - enable description: Deprecated, please rename it to ssl_hpkp_include_subdomains. Indicate that HPKP header applies to all subdomains. type: str ssl-hpkp-primary: description: Deprecated, please rename it to ssl_hpkp_primary. Certificate to generate primary HPKP pin from. type: str ssl-hpkp-report-uri: description: Deprecated, please rename it to ssl_hpkp_report_uri. URL to report HPKP violations to. type: str ssl-hsts: choices: - disable - enable description: Deprecated, please rename it to ssl_hsts. Enable/disable including HSTS header in response. type: str ssl-hsts-age: description: Deprecated, please rename it to ssl_hsts_age. Number of seconds the client should honour the HSTS setting. type: int ssl-hsts-include-subdomains: choices: - disable - enable description: Deprecated, please rename it to ssl_hsts_include_subdomains. Indicate that HSTS header applies to all subdomains. type: str ssl-http-location-conversion: choices: - disable - enable description: Deprecated, please rename it to ssl_http_location_conversion. Enable to replace HTTP with HTTPS in the replys Loca... type: str ssl-http-match-host: choices: - disable - enable description: Deprecated, please rename it to ssl_http_match_host. Enable/disable HTTP host matching for location conversion. type: str ssl-max-version: choices: - ssl-3.0 - tls-1.0 - tls-1.1 - tls-1.2 - tls-1.3 description: Deprecated, please rename it to ssl_max_version. Highest SSL/TLS version acceptable from a client. type: str ssl-min-version: choices: - ssl-3.0 - tls-1.0 - tls-1.1 - tls-1.2 - tls-1.3 description: Deprecated, please rename it to ssl_min_version. Lowest SSL/TLS version acceptable from a client. type: str ssl-mode: choices: - half - full description: Deprecated, please rename it to ssl_mode. Apply SSL offloading between the client and the FortiGate type: str ssl-pfs: choices: - require - deny - allow description: Deprecated, please rename it to ssl_pfs. Select the cipher suites that can be used for SSL perfect forward secrecy type: str ssl-send-empty-frags: choices: - disable - enable description: Deprecated, please rename it to ssl_send_empty_frags. Enable/disable sending empty fragments to avoid CBC IV attacks type: str ssl-server-algorithm: choices: - high - low - medium - custom - client description: Deprecated, please rename it to ssl_server_algorithm. Permitted encryption algorithms for the server side of SSL f... type: str ssl-server-max-version: choices: - ssl-3.0 - tls-1.0 - tls-1.1 - tls-1.2 - client - tls-1.3 description: Deprecated, please rename it to ssl_server_max_version. Highest SSL/TLS version acceptable from a server. type: str ssl-server-min-version: choices: - ssl-3.0 - tls-1.0 - tls-1.1 - tls-1.2 - client - tls-1.3 description: Deprecated, please rename it to ssl_server_min_version. Lowest SSL/TLS version acceptable from a server. type: str ssl-server-renegotiation: choices: - disable - enable description: Deprecated, please rename it to ssl_server_renegotiation. Enable/disable secure renegotiation to comply with RFC 5746. type: str ssl-server-session-state-max: description: Deprecated, please rename it to ssl_server_session_state_max. Maximum number of FortiGate to Server SSL session st... type: int ssl-server-session-state-timeout: description: Deprecated, please rename it to ssl_server_session_state_timeout. Number of minutes to keep FortiGate to Server SS... type: int ssl-server-session-state-type: choices: - disable - time - count - both description: Deprecated, please rename it to ssl_server_session_state_type. How to expire SSL sessions for the segment of the S... type: str status: choices: - disable - enable description: Enable/disable VIP. type: str type: choices: - static-nat - load-balance - server-load-balance - dns-translation - fqdn - access-proxy description: Configure a static NAT, load balance, server load balance, DNS translation, or FQDN VIP. type: str uuid: description: Universally Unique Identifier type: str weblogic-server: choices: - disable - enable description: Deprecated, please rename it to weblogic_server. Enable to add an HTTP header to indicate SSL offloading for a Web... type: str websphere-server: choices: - disable - enable description: Deprecated, please rename it to websphere_server. Enable to add an HTTP header to indicate SSL offloading for a We... type: str type: list extaddr: description: (list or str) External FQDN address name. type: raw extintf: description: Interface connected to the source network that receives the packets that will be forwarded to the destination network. type: str extip: description: IP address or address range on the external interface that you want to map to an address or address range on the destinati... type: str extport: description: Incoming port number range that you want to map to a port number range on the destination network. type: str gratuitous-arp-interval: description: Deprecated, please rename it to gratuitous_arp_interval. Enable to have the VIP send gratuitous ARPs. type: int gslb-domain-name: description: Deprecated, please rename it to gslb_domain_name. Domain to use when integrating with FortiGSLB. type: str gslb-hostname: description: Deprecated, please rename it to gslb_hostname. Hostname to use within the configured FortiGSLB domain. type: str gslb-public-ips: description: Deprecated, please rename it to gslb_public_ips. elements: dict suboptions: index: description: Index of this public IP setting. type: int ip: description: The publicly accessible IP address. type: str type: list h2-support: choices: - disable - enable description: Deprecated, please rename it to h2_support. Enable/disable HTTP2 support type: str h3-support: choices: - disable - enable description: Deprecated, please rename it to h3_support. Enable/disable HTTP3/QUIC support type: str http-cookie-age: description: Deprecated, please rename it to http_cookie_age. Time in minutes that client web browsers should keep a cookie. type: int http-cookie-domain: description: Deprecated, please rename it to http_cookie_domain. Domain that HTTP cookie persistence should apply to. type: str http-cookie-domain-from-host: choices: - disable - enable description: Deprecated, please rename it to http_cookie_domain_from_host. Enable/disable use of HTTP cookie domain from host field in ... type: str http-cookie-generation: description: Deprecated, please rename it to http_cookie_generation. Generation of HTTP cookie to be accepted. type: int http-cookie-path: description: Deprecated, please rename it to http_cookie_path. Limit HTTP cookie persistence to the specified path. type: str http-cookie-share: choices: - disable - same-ip description: Deprecated, please rename it to http_cookie_share. Control sharing of cookies across virtual servers. type: str http-ip-header: choices: - disable - enable description: Deprecated, please rename it to http_ip_header. For HTTP multiplexing, enable to add the original client IP address in the... type: str http-ip-header-name: description: Deprecated, please rename it to http_ip_header_name. For HTTP multiplexing, enter a custom HTTPS header name. type: str http-multiplex: choices: - disable - enable description: Deprecated, please rename it to http_multiplex. Enable/disable HTTP multiplexing. type: str http-multiplex-max-concurrent-request: description: Deprecated, please rename it to http_multiplex_max_concurrent_request. Maximum number of concurrent requests that a multip... type: int http-multiplex-max-request: description: Deprecated, please rename it to http_multiplex_max_request. Maximum number of requests that a multiplex server can handle ... type: int http-multiplex-ttl: description: Deprecated, please rename it to http_multiplex_ttl. Time-to-live for idle connections to servers. type: int http-redirect: choices: - disable - enable description: Deprecated, please rename it to http_redirect. Enable/disable redirection of HTTP to HTTPS type: str http-supported-max-version: choices: - http1 - http2 description: Deprecated, please rename it to http_supported_max_version. Maximum supported HTTP versions. type: str https-cookie-secure: choices: - disable - enable description: Deprecated, please rename it to https_cookie_secure. Enable/disable verification that inserted HTTPS cookies are secure. type: str id: description: Custom defined ID. type: int ipv6-mappedip: description: Deprecated, please rename it to ipv6_mappedip. Range of mapped IPv6 addresses. type: str ipv6-mappedport: description: Deprecated, please rename it to ipv6_mappedport. IPv6 port number range on the destination network to which the external p... type: str ldb-method: choices: - static - round-robin - weighted - least-session - least-rtt - first-alive - http-host description: Deprecated, please rename it to ldb_method. Method used to distribute sessions to real servers. type: str mapped-addr: description: Deprecated, please rename it to mapped_addr. Mapped FQDN address name. type: str mappedip: description: (list) IP address or address range on the destination network to which the external IP address is mapped. type: raw mappedport: description: Port number range on the destination network to which the external port number range is mapped. type: str max-embryonic-connections: description: Deprecated, please rename it to max_embryonic_connections. Maximum number of incomplete connections. type: int monitor: description: (list or str) Name of the health check monitor to use when polling to determine a virtual servers connectivity status. type: raw name: description: Virtual IP name. required: true type: str nat-source-vip: choices: - disable - enable description: Deprecated, please rename it to nat_source_vip. Enable/disable forcing the source NAT mapped IP to the external IP for all... type: str nat44: choices: - disable - enable description: Enable/disable NAT44. type: str nat46: choices: - disable - enable description: Enable/disable NAT46. type: str one-click-gslb-server: choices: - disable - enable description: Deprecated, please rename it to one_click_gslb_server. Enable/disable one click GSLB server integration with FortiGSLB. type: str outlook-web-access: choices: - disable - enable description: Deprecated, please rename it to outlook_web_access. Enable to add the Front-End-Https header for Microsoft Outlook Web Access. type: str persistence: choices: - none - http-cookie - ssl-session-id description: Configure how to make sure that clients connect to the same server every time they make a request that is part of the same... type: str portforward: choices: - disable - enable description: Enable/disable port forwarding. type: str portmapping-type: choices: - 1-to-1 - m-to-n description: Deprecated, please rename it to portmapping_type. Port mapping type. type: str protocol: choices: - tcp - udp - sctp - icmp description: Protocol to use when forwarding packets. type: str quic: description: No description. suboptions: ack-delay-exponent: description: Deprecated, please rename it to ack_delay_exponent. ACK delay exponent type: int active-connection-id-limit: description: Deprecated, please rename it to active_connection_id_limit. Active connection ID limit type: int active-migration: choices: - disable - enable description: Deprecated, please rename it to active_migration. Enable/disable active migration type: str grease-quic-bit: choices: - disable - enable description: Deprecated, please rename it to grease_quic_bit. Enable/disable grease QUIC bit type: str max-ack-delay: description: Deprecated, please rename it to max_ack_delay. Maximum ACK delay in milliseconds type: int max-datagram-frame-size: description: Deprecated, please rename it to max_datagram_frame_size. Maximum datagram frame size in bytes type: int max-idle-timeout: description: Deprecated, please rename it to max_idle_timeout. Maximum idle timeout milliseconds type: int max-udp-payload-size: description: Deprecated, please rename it to max_udp_payload_size. Maximum UDP payload size in bytes type: int type: dict realservers: description: Realservers. elements: dict suboptions: address: description: Dynamic address of the real server. type: str client-ip: description: (list) Deprecated, please rename it to client_ip. Only clients in this IP range can connect to this real server. type: raw healthcheck: choices: - disable - enable - vip description: Enable to check the responsiveness of the real server before forwarding traffic. type: str holddown-interval: description: Deprecated, please rename it to holddown_interval. Time in seconds that the health check monitor continues to moni... type: int http-host: description: Deprecated, please rename it to http_host. HTTP server domain name in HTTP header. type: str id: description: Real server ID. type: int ip: description: IP address of the real server. type: str max-connections: description: Deprecated, please rename it to max_connections. Max number of active connections that can be directed to the real... type: int monitor: description: (list or str) Name of the health check monitor to use when polling to determine a virtual servers connectivity status. type: raw port: description: Port for communicating with the real server. type: int seq: description: Seq. type: int status: choices: - active - standby - disable description: Set the status of the real server to active so that it can accept traffic, or on standby or disabled so no traffic... type: str translate-host: choices: - disable - enable description: Deprecated, please rename it to translate_host. Enable/disable translation of hostname/IP from virtual server to r... type: str type: choices: - ip - address description: Type of address. type: str weight: description: Weight of the real server. type: int type: list server-type: choices: - http - https - ssl - tcp - udp - ip - imaps - pop3s - smtps - ssh description: Deprecated, please rename it to server_type. Protocol to be load balanced by the virtual server type: str service: description: (list or str) Service name. type: raw src-filter: description: (list) Deprecated, please rename it to src_filter. Source address filter. type: raw srcintf-filter: description: (list or str) Deprecated, please rename it to srcintf_filter. Interfaces to which the VIP applies. type: raw ssl-accept-ffdhe-groups: choices: - disable - enable description: Deprecated, please rename it to ssl_accept_ffdhe_groups. Enable/disable FFDHE cipher suite for SSL key exchange. type: str ssl-algorithm: choices: - high - medium - low - custom description: Deprecated, please rename it to ssl_algorithm. Permitted encryption algorithms for SSL sessions according to encryption st... type: str ssl-certificate: description: Deprecated, please rename it to ssl_certificate. The name of the SSL certificate to use for SSL acceleration. type: str ssl-cipher-suites: description: Deprecated, please rename it to ssl_cipher_suites. Ssl-Cipher-Suites. elements: dict suboptions: cipher: choices: - TLS-RSA-WITH-RC4-128-MD5 - TLS-RSA-WITH-RC4-128-SHA - TLS-RSA-WITH-DES-CBC-SHA - TLS-RSA-WITH-3DES-EDE-CBC-SHA - TLS-RSA-WITH-AES-128-CBC-SHA - TLS-RSA-WITH-AES-256-CBC-SHA - TLS-RSA-WITH-AES-128-CBC-SHA256 - TLS-RSA-WITH-AES-256-CBC-SHA256 - TLS-RSA-WITH-CAMELLIA-128-CBC-SHA - TLS-RSA-WITH-CAMELLIA-256-CBC-SHA - TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256 - TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256 - TLS-RSA-WITH-SEED-CBC-SHA - TLS-RSA-WITH-ARIA-128-CBC-SHA256 - TLS-RSA-WITH-ARIA-256-CBC-SHA384 - TLS-DHE-RSA-WITH-DES-CBC-SHA - TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA - TLS-DHE-RSA-WITH-AES-128-CBC-SHA - TLS-DHE-RSA-WITH-AES-256-CBC-SHA - TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 - TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 - TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA - TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA - TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 - TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256 - TLS-DHE-RSA-WITH-SEED-CBC-SHA - TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256 - TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384 - TLS-ECDHE-RSA-WITH-RC4-128-SHA - TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA - TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA - TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA - TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256 - TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256 - TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256 - TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 - TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 - TLS-DHE-DSS-WITH-AES-128-CBC-SHA - TLS-DHE-DSS-WITH-AES-256-CBC-SHA - TLS-DHE-DSS-WITH-AES-128-CBC-SHA256 - TLS-DHE-DSS-WITH-AES-128-GCM-SHA256 - TLS-DHE-DSS-WITH-AES-256-CBC-SHA256 - TLS-DHE-DSS-WITH-AES-256-GCM-SHA384 - TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 - TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 - TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384 - TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 - TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA - TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 - TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 - TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 - TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 - TLS-RSA-WITH-AES-128-GCM-SHA256 - TLS-RSA-WITH-AES-256-GCM-SHA384 - TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA - TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA - TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256 - TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256 - TLS-DHE-DSS-WITH-SEED-CBC-SHA - TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256 - TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384 - TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256 - TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384 - TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256 - TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384 - TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA - TLS-DHE-DSS-WITH-DES-CBC-SHA - TLS-AES-128-GCM-SHA256 - TLS-AES-256-GCM-SHA384 - TLS-CHACHA20-POLY1305-SHA256 - TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA description: Cipher suite name. type: str id: description: Id. type: int priority: description: SSL/TLS cipher suites priority. type: int versions: choices: - ssl-3.0 - tls-1.0 - tls-1.1 - tls-1.2 - tls-1.3 description: SSL/TLS versions that the cipher suite can be used with. elements: str type: list type: list ssl-client-fallback: choices: - disable - enable description: Deprecated, please rename it to ssl_client_fallback. Enable/disable support for preventing Downgrade Attacks on client con... type: str ssl-client-rekey-count: description: Deprecated, please rename it to ssl_client_rekey_count. Maximum length of data in MB before triggering a client rekey type: int ssl-client-renegotiation: choices: - deny - allow - secure description: Deprecated, please rename it to ssl_client_renegotiation. Allow, deny, or require secure renegotiation of client sessions ... type: str ssl-client-session-state-max: description: Deprecated, please rename it to ssl_client_session_state_max. Maximum number of client to FortiGate SSL session states to ... type: int ssl-client-session-state-timeout: description: Deprecated, please rename it to ssl_client_session_state_timeout. Number of minutes to keep client to FortiGate SSL sessio... type: int ssl-client-session-state-type: choices: - disable - time - count - both description: Deprecated, please rename it to ssl_client_session_state_type. How to expire SSL sessions for the segment of the SSL conne... type: str ssl-dh-bits: choices: - '768' - '1024' - '1536' - '2048' - '3072' - '4096' description: Deprecated, please rename it to ssl_dh_bits. Number of bits to use in the Diffie-Hellman exchange for RSA encryption of SS... type: str ssl-hpkp: choices: - disable - enable - report-only description: Deprecated, please rename it to ssl_hpkp. Enable/disable including HPKP header in response. type: str ssl-hpkp-age: description: Deprecated, please rename it to ssl_hpkp_age. Number of seconds the client should honour the HPKP setting. type: int ssl-hpkp-backup: description: Deprecated, please rename it to ssl_hpkp_backup. Certificate to generate backup HPKP pin from. type: str ssl-hpkp-include-subdomains: choices: - disable - enable description: Deprecated, please rename it to ssl_hpkp_include_subdomains. Indicate that HPKP header applies to all subdomains. type: str ssl-hpkp-primary: description: Deprecated, please rename it to ssl_hpkp_primary. Certificate to generate primary HPKP pin from. type: str ssl-hpkp-report-uri: description: Deprecated, please rename it to ssl_hpkp_report_uri. URL to report HPKP violations to. type: str ssl-hsts: choices: - disable - enable description: Deprecated, please rename it to ssl_hsts. Enable/disable including HSTS header in response. type: str ssl-hsts-age: description: Deprecated, please rename it to ssl_hsts_age. Number of seconds the client should honour the HSTS setting. type: int ssl-hsts-include-subdomains: choices: - disable - enable description: Deprecated, please rename it to ssl_hsts_include_subdomains. Indicate that HSTS header applies to all subdomains. type: str ssl-http-location-conversion: choices: - disable - enable description: Deprecated, please rename it to ssl_http_location_conversion. Enable to replace HTTP with HTTPS in the replys Location HTT... type: str ssl-http-match-host: choices: - disable - enable description: Deprecated, please rename it to ssl_http_match_host. Enable/disable HTTP host matching for location conversion. type: str ssl-max-version: choices: - ssl-3.0 - tls-1.0 - tls-1.1 - tls-1.2 - tls-1.3 description: Deprecated, please rename it to ssl_max_version. Highest SSL/TLS version acceptable from a client. type: str ssl-min-version: choices: - ssl-3.0 - tls-1.0 - tls-1.1 - tls-1.2 - tls-1.3 description: Deprecated, please rename it to ssl_min_version. Lowest SSL/TLS version acceptable from a client. type: str ssl-mode: choices: - half - full description: Deprecated, please rename it to ssl_mode. Apply SSL offloading between the client and the FortiGate type: str ssl-pfs: choices: - require - deny - allow description: Deprecated, please rename it to ssl_pfs. Select the cipher suites that can be used for SSL perfect forward secrecy type: str ssl-send-empty-frags: choices: - disable - enable description: Deprecated, please rename it to ssl_send_empty_frags. Enable/disable sending empty fragments to avoid CBC IV attacks type: str ssl-server-algorithm: choices: - high - low - medium - custom - client description: Deprecated, please rename it to ssl_server_algorithm. Permitted encryption algorithms for the server side of SSL full mode... type: str ssl-server-cipher-suites: description: Deprecated, please rename it to ssl_server_cipher_suites. Ssl-Server-Cipher-Suites. elements: dict suboptions: cipher: choices: - TLS-RSA-WITH-RC4-128-MD5 - TLS-RSA-WITH-RC4-128-SHA - TLS-RSA-WITH-DES-CBC-SHA - TLS-RSA-WITH-3DES-EDE-CBC-SHA - TLS-RSA-WITH-AES-128-CBC-SHA - TLS-RSA-WITH-AES-256-CBC-SHA - TLS-RSA-WITH-AES-128-CBC-SHA256 - TLS-RSA-WITH-AES-256-CBC-SHA256 - TLS-RSA-WITH-CAMELLIA-128-CBC-SHA - TLS-RSA-WITH-CAMELLIA-256-CBC-SHA - TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256 - TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256 - TLS-RSA-WITH-SEED-CBC-SHA - TLS-RSA-WITH-ARIA-128-CBC-SHA256 - TLS-RSA-WITH-ARIA-256-CBC-SHA384 - TLS-DHE-RSA-WITH-DES-CBC-SHA - TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA - TLS-DHE-RSA-WITH-AES-128-CBC-SHA - TLS-DHE-RSA-WITH-AES-256-CBC-SHA - TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 - TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 - TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA - TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA - TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 - TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256 - TLS-DHE-RSA-WITH-SEED-CBC-SHA - TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256 - TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384 - TLS-ECDHE-RSA-WITH-RC4-128-SHA - TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA - TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA - TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA - TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256 - TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256 - TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256 - TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 - TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 - TLS-DHE-DSS-WITH-AES-128-CBC-SHA - TLS-DHE-DSS-WITH-AES-256-CBC-SHA - TLS-DHE-DSS-WITH-AES-128-CBC-SHA256 - TLS-DHE-DSS-WITH-AES-128-GCM-SHA256 - TLS-DHE-DSS-WITH-AES-256-CBC-SHA256 - TLS-DHE-DSS-WITH-AES-256-GCM-SHA384 - TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 - TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 - TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384 - TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 - TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA - TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 - TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 - TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 - TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 - TLS-RSA-WITH-AES-128-GCM-SHA256 - TLS-RSA-WITH-AES-256-GCM-SHA384 - TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA - TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA - TLS-DHE-DSS-WITH-CAMELLIA-128-CBC-SHA256 - TLS-DHE-DSS-WITH-CAMELLIA-256-CBC-SHA256 - TLS-DHE-DSS-WITH-SEED-CBC-SHA - TLS-DHE-DSS-WITH-ARIA-128-CBC-SHA256 - TLS-DHE-DSS-WITH-ARIA-256-CBC-SHA384 - TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256 - TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384 - TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256 - TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384 - TLS-DHE-DSS-WITH-3DES-EDE-CBC-SHA - TLS-DHE-DSS-WITH-DES-CBC-SHA - TLS-AES-128-GCM-SHA256 - TLS-AES-256-GCM-SHA384 - TLS-CHACHA20-POLY1305-SHA256 - TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA description: Cipher suite name. type: str priority: description: SSL/TLS cipher suites priority. type: int versions: choices: - ssl-3.0 - tls-1.0 - tls-1.1 - tls-1.2 - tls-1.3 description: SSL/TLS versions that the cipher suite can be used with. elements: str type: list type: list ssl-server-max-version: choices: - ssl-3.0 - tls-1.0 - tls-1.1 - tls-1.2 - client - tls-1.3 description: Deprecated, please rename it to ssl_server_max_version. Highest SSL/TLS version acceptable from a server. type: str ssl-server-min-version: choices: - ssl-3.0 - tls-1.0 - tls-1.1 - tls-1.2 - client - tls-1.3 description: Deprecated, please rename it to ssl_server_min_version. Lowest SSL/TLS version acceptable from a server. type: str ssl-server-renegotiation: choices: - disable - enable description: Deprecated, please rename it to ssl_server_renegotiation. Enable/disable secure renegotiation to comply with RFC 5746. type: str ssl-server-session-state-max: description: Deprecated, please rename it to ssl_server_session_state_max. Maximum number of FortiGate to Server SSL session states to ... type: int ssl-server-session-state-timeout: description: Deprecated, please rename it to ssl_server_session_state_timeout. Number of minutes to keep FortiGate to Server SSL sessio... type: int ssl-server-session-state-type: choices: - disable - time - count - both description: Deprecated, please rename it to ssl_server_session_state_type. How to expire SSL sessions for the segment of the SSL conne... type: str status: choices: - disable - enable description: Enable/disable VIP. type: str type: choices: - static-nat - load-balance - server-load-balance - dns-translation - fqdn - access-proxy description: Configure a static NAT, load balance, DNS translation, or FQDN VIP. type: str uuid: description: Universally Unique Identifier type: str weblogic-server: choices: - disable - enable description: Deprecated, please rename it to weblogic_server. Enable to add an HTTP header to indicate SSL offloading for a WebLogic se... type: str websphere-server: choices: - disable - enable description: Deprecated, please rename it to websphere_server. Enable to add an HTTP header to indicate SSL offloading for a WebSphere ... type: str type: dict rc_succeeded: description: The rc codes list with which the conditions to succeed will be overriden. elements: int type: list proposed_method: choices: - update - set - add description: The overridden method for the underlying Json RPC request. type: str bypass_validation: default: false description: Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. type: bool workspace_locking_adom: description: The adom to lock for FortiManager running in workspace mode, the value can be global and others including root. type: str forticloud_access_token: description: Authenticate Ansible client with forticloud API access token. type: str workspace_locking_timeout: default: 300 description: The maximum time in seconds to wait for other user to release the workspace lock. type: int
meta: contains: request_url: description: The full url requested. returned: always sample: /sys/login/user type: str response_code: description: The status of api request. returned: always sample: 0 type: int response_data: description: The api response. returned: always type: list response_message: description: The descriptive message of the api response. returned: always sample: OK. type: str system_information: description: The information of the target system. returned: always type: dict description: The result of the request. returned: always type: dict rc: description: The status the request. returned: always sample: 0 type: int version_check_warning: description: Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: complex type: list