Try SpotterConfigure FortiGuard settings.
| "added in version" 2.0.0 of fortinet.fortimanager"
Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu)
preview | supported by community
Install with ansible-galaxy collection install fortinet.fortimanager:==2.4.0
collections:
- name: fortinet.fortimanager
version: 2.4.0This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- name: Example playbook (generated based on argument schema)
hosts: fortimanagers
connection: httpapi
vars:
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
ansible_httpapi_port: 443
tasks:
- name: Configure FortiGuard settings.
fortinet.fortimanager.fmgr_fmupdate_fdssetting:
# bypass_validation: false
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
# rc_succeeded: [0, -2, -3, ...]
# rc_failed: [-2, -3, ...]
fmupdate_fdssetting:
User_Agent: <string>
fds_clt_ssl_protocol: <value in [sslv3, tlsv1.0, tlsv1.1, ...]>
fds_ssl_protocol: <value in [sslv3, tlsv1.0, tlsv1.1, ...]>
fmtr_log: <value in [emergency, alert, critical, ...]>
linkd_log: <value in [emergency, alert, critical, ...]>
max_av_ips_version: <integer>
max_work: <integer>
push_override:
ip: <string>
port: <integer>
status: <value in [disable, enable]>
push_override_to_client:
announce_ip:
-
id: <integer>
ip: <string>
port: <integer>
status: <value in [disable, enable]>
send_report: <value in [disable, enable]>
send_setup: <value in [disable, enable]>
server_override:
servlist:
-
id: <integer>
ip: <string>
ip6: <string>
port: <integer>
service_type: # <list or string>
- fds
- fct
status: <value in [disable, enable]>
system_support_fct:
- 4.x
- 5.0
- 5.2
- 5.4
- 5.6
- 6.0
- 6.2
- 6.4
- 7.0
- 7.2
system_support_fgt:
- 5.4
- 5.6
- 6.0
- 6.2
- 6.4
- 7.0
- 7.2
- 7.4
system_support_fml:
- 4.x
- 5.x
- 6.x
- 6.0
- 6.2
- 6.4
- 7.0
- 7.2
- 7.x
system_support_fsa:
- 1.x
- 2.x
- 3.x
- 4.x
- 3.0
- 3.1
- 3.2
system_support_fsw:
- 5.4
- 5.6
- 6.0
- 6.2
- 4.x
- 5.0
- 5.2
- 6.4
umsvc_log: <value in [emergency, alert, critical, ...]>
unreg_dev_option: <value in [ignore, svc-only, add-service]>
update_schedule:
day: <value in [Sunday, Monday, Tuesday, ...]>
frequency: <value in [every, daily, weekly]>
status: <value in [disable, enable]>
time: <list or string>
wanip_query_mode: <value in [disable, ipify]>
fortiguard_anycast: <value in [disable, enable]>
fortiguard_anycast_source: <value in [fortinet, aws]>
system_support_fdc:
- 3.x
- 4.x
system_support_fts:
- 3.x
- 4.x
- 7.x
system_support_faz:
- 6.x
- 7.x
system_support_fis:
- 1.x
- 2.x
rc_failed:
description: The rc codes list with which the conditions to fail will be overriden.
elements: int
type: list
enable_log:
default: false
description: Enable/Disable logging for task.
type: bool
access_token:
description: The token to access FortiManager without using username and password.
type: str
rc_succeeded:
description: The rc codes list with which the conditions to succeed will be overriden.
elements: int
type: list
proposed_method:
choices:
- update
- set
- add
description: The overridden method for the underlying Json RPC request.
type: str
bypass_validation:
default: false
description: Only set to True when module schema diffs with FortiManager API structure,
module continues to execute without validating parameters.
type: bool
fmupdate_fdssetting:
description: The top level parameters set.
required: false
suboptions:
User-Agent:
description: Deprecated, please rename it to User_Agent. Configure the user agent
string.
type: str
fds-clt-ssl-protocol:
choices:
- sslv3
- tlsv1.0
- tlsv1.1
- tlsv1.2
- tlsv1.3
description:
- Deprecated, please rename it to fds_clt_ssl_protocol.
- The SSL protocols version for connecting fds server
- sslv3 - set SSLv3 as the client version.
- tlsv1.
- tlsv1.
- tlsv1.
type: str
fds-ssl-protocol:
choices:
- sslv3
- tlsv1.0
- tlsv1.1
- tlsv1.2
- tlsv1.3
description:
- Deprecated, please rename it to fds_ssl_protocol.
- The SSL protocols version for receiving fgt connection
- sslv3 - set SSLv3 as the lowest version.
- tlsv1.
- tlsv1.
- tlsv1.
type: str
fmtr-log:
choices:
- emergency
- alert
- critical
- error
- warn
- notice
- info
- debug
- disable
description:
- Deprecated, please rename it to fmtr_log.
- fmtr log level
- emergency - Log level - emergency
- alert - Log level - alert
- critical - Log level - critical
- error - Log level - error
- warn - Log level - warn
- notice - Log level - notice
- info - Log level - info
- debug - Log level - debug
- disable - Disable linkd log
type: str
fortiguard-anycast:
choices:
- disable
- enable
description:
- Deprecated, please rename it to fortiguard_anycast.
- Enable/disable use of FortiGuards anycast network
- disable - Disable setting.
- enable - Enable setting.
type: str
fortiguard-anycast-source:
choices:
- fortinet
- aws
description:
- Deprecated, please rename it to fortiguard_anycast_source.
- Configure which of Fortinets servers to provide FortiGuard services in FortiGuards
anycast network.
- fortinet - Use Fortinets servers to provide FortiGuard services in FortiGuards
anycast network.
- aws - Use Fortinets AWS servers to provide FortiGuard services in FortiGuards
anycast network.
type: str
linkd-log:
choices:
- emergency
- alert
- critical
- error
- warn
- notice
- info
- debug
- disable
description:
- Deprecated, please rename it to linkd_log.
- The linkd log level
- emergency - Log level - emergency
- alert - Log level - alert
- critical - Log level - critical
- error - Log level - error
- warn - Log level - warn
- notice - Log level - notice
- info - Log level - info
- debug - Log level - debug
- disable - Disable linkd log
type: str
max-av-ips-version:
description: Deprecated, please rename it to max_av_ips_version. The maximum number
of downloadable, full version AV/IPS packages
type: int
max-work:
description: Deprecated, please rename it to max_work. The maximum number of worker
processing download requests
type: int
push-override:
description: Deprecated, please rename it to push_override.
suboptions:
ip:
description: External or virtual IP address of the NAT device that will forward
push messages to the FortiManager unit.
type: str
port:
description: Receiving port number on the NAT device
type: int
status:
choices:
- disable
- enable
description:
- Enable/disable push updates for clients
- disable - Disable setting.
- enable - Enable setting.
type: str
type: dict
push-override-to-client:
description: Deprecated, please rename it to push_override_to_client.
suboptions:
announce-ip:
description: Deprecated, please rename it to announce_ip. Announce-Ip.
elements: dict
suboptions:
id:
description: ID of the announce IP address
type: int
ip:
description: Announce IPv4 address.
type: str
port:
description: Announce IP port
type: int
type: list
status:
choices:
- disable
- enable
description:
- Enable/disable push updates
- disable - Disable setting.
- enable - Enable setting.
type: str
type: dict
send_report:
choices:
- disable
- enable
description:
- send report/fssi to fds server.
- disable - Disable setting.
- enable - Enable setting.
type: str
send_setup:
choices:
- disable
- enable
description:
- forward setup to fds server.
- disable - Disable setting.
- enable - Enable setting.
type: str
server-override:
description: Deprecated, please rename it to server_override.
suboptions:
servlist:
description: Servlist.
elements: dict
suboptions:
id:
description: Override server ID
type: int
ip:
description: IPv4 address of the override server.
type: str
ip6:
description: IPv6 address of the override server.
type: str
port:
description: Port number to use when contacting FortiGuard
type: int
service-type:
choices:
- fds
- fct
description:
- (list or str)
- Deprecated, please rename it to service_type.
- Override service type.
- fct - Server override config for fct
- fds - Server override config for fds
type: raw
type: list
status:
choices:
- disable
- enable
description:
- Override status.
- disable - Disable setting.
- enable - Enable setting.
type: str
type: dict
system-support-faz:
choices:
- 6.x
- 7.x
description: Deprecated, please rename it to system_support_faz.
elements: str
type: list
system-support-fct:
choices:
- 4.x
- '5.0'
- '5.2'
- '5.4'
- '5.6'
- '6.0'
- '6.2'
- '6.4'
- '7.0'
- '7.2'
description:
- Deprecated, please rename it to system_support_fct.
- Supported FortiClient versions.
- '4.'
- '5.'
- '5.'
- '5.'
- '5.'
- '6.'
- '6.'
- '6.'
elements: str
type: list
system-support-fdc:
choices:
- 3.x
- 4.x
description: Deprecated, please rename it to system_support_fdc.
elements: str
type: list
system-support-fgt:
choices:
- '5.4'
- '5.6'
- '6.0'
- '6.2'
- '6.4'
- '7.0'
- '7.2'
- '7.4'
description:
- Deprecated, please rename it to system_support_fgt.
- Supported FortiOS versions.
- '5.'
- '5.'
- '6.'
- '6.'
- '6.'
elements: str
type: list
system-support-fis:
choices:
- 1.x
- 2.x
description: Deprecated, please rename it to system_support_fis.
elements: str
type: list
system-support-fml:
choices:
- 4.x
- 5.x
- 6.x
- '6.0'
- '6.2'
- '6.4'
- '7.0'
- '7.2'
- 7.x
description:
- Deprecated, please rename it to system_support_fml.
- Supported FortiMail versions.
- '4.'
- '5.'
- '6.'
elements: str
type: list
system-support-fsa:
choices:
- 1.x
- 2.x
- 3.x
- 4.x
- '3.0'
- '3.1'
- '3.2'
description:
- Deprecated, please rename it to system_support_fsa.
- Supported FortiSandbox versions.
- '1.'
- '2.'
- '3.'
elements: str
type: list
system-support-fsw:
choices:
- '5.4'
- '5.6'
- '6.0'
- '6.2'
- 4.x
- '5.0'
- '5.2'
- '6.4'
description:
- Deprecated, please rename it to system_support_fsw.
- Supported FortiSwitch versions.
- '4.'
- '5.'
- '5.'
- '5.'
- '5.'
- '6.'
- '6.'
- '6.'
elements: str
type: list
system-support-fts:
choices:
- 3.x
- 4.x
- 7.x
description: Deprecated, please rename it to system_support_fts.
elements: str
type: list
umsvc-log:
choices:
- emergency
- alert
- critical
- error
- warn
- notice
- info
- debug
- disable
description:
- Deprecated, please rename it to umsvc_log.
- The um_service log level
- emergency - Log level - emergency
- alert - Log level - alert
- critical - Log level - critical
- error - Log level - error
- warn - Log level - warn
- notice - Log level - notice
- info - Log level - info
- debug - Log level - debug
- disable - Disable linkd log
type: str
unreg-dev-option:
choices:
- ignore
- svc-only
- add-service
description:
- Deprecated, please rename it to unreg_dev_option.
- set the option for unregister devices
- ignore - Ignore all unregistered devices.
- svc-only - Allow update requests without adding the device.
- add-service - Add unregistered devices and allow update request.
type: str
update-schedule:
description: Deprecated, please rename it to update_schedule.
suboptions:
day:
choices:
- Sunday
- Monday
- Tuesday
- Wednesday
- Thursday
- Friday
- Saturday
description:
- Configure the day the update will occur, if the freqnecy is weekly
- Sunday - Update every Sunday.
- Monday - Update every Monday.
- Tuesday - Update every Tuesday.
- Wednesday - Update every Wednesday.
- Thursday - Update every Thursday.
- Friday - Update every Friday.
- Saturday - Update every Saturday.
type: str
frequency:
choices:
- every
- daily
- weekly
description:
- Configure update frequency
- every - Time interval.
- daily - Every day.
- weekly - Every week.
type: str
status:
choices:
- disable
- enable
description:
- Enable/disable scheduled updates.
- disable - Disable setting.
- enable - Enable setting.
type: str
time:
description: (list) Time interval between updates, or the hour and minute
when the update occurs
type: raw
type: dict
wanip-query-mode:
choices:
- disable
- ipify
description:
- Deprecated, please rename it to wanip_query_mode.
- public ip query mode
- disable - Do not query public ip
- ipify - Get public IP through https
type: str
type: dict
workspace_locking_adom:
description: The adom to lock for FortiManager running in workspace mode, the value
can be global and others including root.
type: str
forticloud_access_token:
description: Authenticate Ansible client with forticloud API access token.
type: str
workspace_locking_timeout:
default: 300
description: The maximum time in seconds to wait for other user to release the workspace
lock.
type: int
meta:
contains:
request_url:
description: The full url requested.
returned: always
sample: /sys/login/user
type: str
response_code:
description: The status of api request.
returned: always
sample: 0
type: int
response_data:
description: The api response.
returned: always
type: list
response_message:
description: The descriptive message of the api response.
returned: always
sample: OK.
type: str
system_information:
description: The information of the target system.
returned: always
type: dict
description: The result of the request.
returned: always
type: dict
rc:
description: The status the request.
returned: always
sample: 0
type: int
version_check_warning:
description: Warning if the parameters used in the playbook are not supported by
the current FortiManager version.
returned: complex
type: list