fortinet / fortinet.fortimanager / 2.4.0 / module / fmgr_system_global Global range attributes. | "added in version" 1.0.0 of fortinet.fortimanager" Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu) preview | supported by communityfortinet.fortimanager.fmgr_system_global (2.4.0) — module
Install with ansible-galaxy collection install fortinet.fortimanager:==2.4.0
collections: - name: fortinet.fortimanager version: 2.4.0
This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- name: Example playbook hosts: fortimanagers connection: httpapi vars: ansible_httpapi_use_ssl: true ansible_httpapi_validate_certs: false ansible_httpapi_port: 443 tasks: - name: Enable workspace mode fortinet.fortimanager.fmgr_system_global: system_global: adom-status: enable workspace-mode: normal - name: Script table. fortinet.fortimanager.fmgr_dvmdb_script: bypass_validation: false adom: root state: present workspace_locking_adom: "root" dvmdb_script: content: "ansiblt-test" name: "fooscript000" target: device_database type: cli - name: Verify script table fortinet.fortimanager.fmgr_fact: facts: selector: "dvmdb_script" params: adom: "root" script: "fooscript000" register: info failed_when: info.meta.response_code != 0 - name: Restore workspace mode fortinet.fortimanager.fmgr_system_global: system_global: adom-status: enable workspace-mode: disabled
rc_failed: description: The rc codes list with which the conditions to fail will be overriden. elements: int type: list enable_log: default: false description: Enable/Disable logging for task. type: bool access_token: description: The token to access FortiManager without using username and password. type: str rc_succeeded: description: The rc codes list with which the conditions to succeed will be overriden. elements: int type: list system_global: description: The top level parameters set. required: false suboptions: admin-lockout-duration: description: Deprecated, please rename it to admin_lockout_duration. Lockout duration type: int admin-lockout-method: choices: - ip - user description: - Deprecated, please rename it to admin_lockout_method. - Lockout method for administration. - ip - Lockout by IP - user - Lockout by user type: str admin-lockout-threshold: description: Deprecated, please rename it to admin_lockout_threshold. Lockout threshold for administration. type: int adom-mode: choices: - normal - advanced description: - Deprecated, please rename it to adom_mode. - ADOM mode. - normal - Normal ADOM mode. - advanced - Advanced ADOM mode. type: str adom-rev-auto-delete: choices: - disable - by-revisions - by-days description: - Deprecated, please rename it to adom_rev_auto_delete. - Auto delete features for old ADOM revisions. - disable - Disable auto delete function for ADOM revision. - by-revisions - Auto delete ADOM revisions by maximum number of revisions. - by-days - Auto delete ADOM revisions by maximum days. type: str adom-rev-max-backup-revisions: description: Deprecated, please rename it to adom_rev_max_backup_revisions. Maximum number of ADOM revisions to backup. type: int adom-rev-max-days: description: Deprecated, please rename it to adom_rev_max_days. Number of days to keep old ADOM revisions. type: int adom-rev-max-revisions: description: Deprecated, please rename it to adom_rev_max_revisions. Maximum number of ADOM revisions to keep. type: int adom-select: choices: - disable - enable description: - Deprecated, please rename it to adom_select. - Enable/disable select ADOM after login. - disable - Disable select ADOM after login. - enable - Enable select ADOM after login. type: str adom-status: choices: - disable - enable description: - Deprecated, please rename it to adom_status. - ADOM status. - disable - Disable ADOM mode. - enable - Enable ADOM mode. type: str apache-mode: choices: - event - prefork description: - Deprecated, please rename it to apache_mode. - Set apache mode. - event - Apache event mode. - prefork - Apache prefork mode. type: str api-ip-binding: choices: - disable - enable description: - Deprecated, please rename it to api_ip_binding. - Enable/disable source IP check for JSON API request. - disable - Disable setting. - enable - Enable setting. type: str clone-name-option: choices: - default - keep description: - Deprecated, please rename it to clone_name_option. - set the clone object names option. - default - Add a prefix of Clone of to the clone name. - keep - Keep the original name for user to edit. type: str clt-cert-req: choices: - disable - enable - optional description: - Deprecated, please rename it to clt_cert_req. - Require client certificate for GUI login. - disable - Disable setting. - enable - Require client certificate for GUI login. - optional - Optional client certificate for GUI login. type: str console-output: choices: - standard - more description: - Deprecated, please rename it to console_output. - Console output mode. - standard - Standard output. - more - More page output. type: str contentpack-fgt-install: choices: - disable - enable description: - Deprecated, please rename it to contentpack_fgt_install. - Enable/disable outbreak alert auto install for FGT ADOMS . - disable - Disable the sql report auto outbreak auto install. - enable - Enable the sql report auto outbreak auto install. type: str country-flag: choices: - disable - enable description: - Deprecated, please rename it to country_flag. - Country flag Status. - disable - Disable country flag icon beside ip address. - enable - Enable country flag icon beside ip address. type: str create-revision: choices: - disable - enable description: - Deprecated, please rename it to create_revision. - Enable/disable create revision by default. - disable - Disable create revision by default. - enable - Enable create revision by default. type: str daylightsavetime: choices: - disable - enable description: - Enable/disable daylight saving time. - disable - Disable setting. - enable - Enable setting. type: str default-disk-quota: description: Deprecated, please rename it to default_disk_quota. Default disk quota for registered device type: int detect-unregistered-log-device: choices: - disable - enable description: - Deprecated, please rename it to detect_unregistered_log_device. - Detect unregistered logging device from log message. - disable - Disable attribute function. - enable - Enable attribute function. type: str device-view-mode: choices: - regular - tree description: - Deprecated, please rename it to device_view_mode. - Set devices/groups view mode. - regular - Regular view mode. - tree - Tree view mode. type: str dh-params: choices: - '1024' - '1536' - '2048' - '3072' - '4096' - '6144' - '8192' description: - Deprecated, please rename it to dh_params. - Minimum size of Diffie-Hellman prime for SSH/HTTPS - 1024 - 1024 bits. - 1536 - 1536 bits. - 2048 - 2048 bits. - 3072 - 3072 bits. - 4096 - 4096 bits. - 6144 - 6144 bits. - 8192 - 8192 bits. type: str disable-module: choices: - fortiview-noc - none - fortirecorder - siem - soc - ai description: - Deprecated, please rename it to disable_module. - Disable module list. - fortiview-noc - FortiView/NOC-SOC module. - fortirecorder - FortiRecorder module. - siem - SIEM module. - soc - SOC module. - ai - AI module. elements: str type: list enc-algorithm: choices: - low - medium - high - custom description: - Deprecated, please rename it to enc_algorithm. - SSL communication encryption algorithms. - low - SSL communication using all available encryption algorithms. - medium - SSL communication using high and medium encryption algorithms. - high - SSL communication using high encryption algorithms. type: str faz-status: choices: - disable - enable description: - Deprecated, please rename it to faz_status. - FAZ status. - disable - Disable FAZ feature. - enable - Enable FAZ feature. type: str fgfm-ca-cert: description: Deprecated, please rename it to fgfm_ca_cert. Set the extra fgfm CA certificates. type: str fgfm-cert-exclusive: choices: - disable - enable description: - Deprecated, please rename it to fgfm_cert_exclusive. - set if the local or CA certificates should be used exclusively. - disable - Used certificate best-effort. - enable - Used certificate exclusive. type: str fgfm-local-cert: description: Deprecated, please rename it to fgfm_local_cert. Set the fgfm local certificate. type: str fgfm-ssl-protocol: choices: - sslv3 - tlsv1.0 - tlsv1.1 - tlsv1.2 - tlsv1.3 description: - Deprecated, please rename it to fgfm_ssl_protocol. - set the lowest SSL protocols for fgfmsd. - sslv3 - set SSLv3 as the lowest version. - tlsv1. - tlsv1. - tlsv1. type: str fortiservice-port: description: Deprecated, please rename it to fortiservice_port. FortiService port type: int gui-curl-timeout: description: Deprecated, please rename it to gui_curl_timeout. GUI curl timeout in seconds type: int gui-polling-interval: description: Deprecated, please rename it to gui_polling_interval. GUI polling interval in seconds type: int ha-member-auto-grouping: choices: - disable - enable description: - Deprecated, please rename it to ha_member_auto_grouping. - Enable/disable automatically group HA members feature - disable - Disable automatically grouping HA members feature. - enable - Enable automatically grouping HA members only when group name is unique in your network. type: str hitcount_concurrent: description: The number of FortiGates that FortiManager polls at one time type: int hitcount_interval: description: The interval for getting hit count from managed FortiGate devices, in seconds type: int hostname: description: System hostname. type: str import-ignore-addr-cmt: choices: - disable - enable description: - Deprecated, please rename it to import_ignore_addr_cmt. - Enable/Disable import ignore of address comments. - disable - Disable import ignore of address comments. - enable - Enable import ignore of address comments. type: str language: choices: - english - simch - japanese - korean - spanish - trach description: - System global language. - english - English - simch - Simplified Chinese - japanese - Japanese - korean - Korean - spanish - Spanish - trach - Traditional Chinese type: str latitude: description: Fmg location latitude type: str ldap-cache-timeout: description: Deprecated, please rename it to ldap_cache_timeout. LDAP browser cache timeout type: int ldapconntimeout: description: LDAP connection timeout type: int lock-preempt: choices: - disable - enable description: - Deprecated, please rename it to lock_preempt. - Enable/disable ADOM lock override. - disable - Disable lock preempt. - enable - Enable lock preempt. type: str log-checksum: choices: - none - md5 - md5-auth description: - Deprecated, please rename it to log_checksum. - Record log file hash value, timestamp, and authentication code at transmission or rolling. - none - No record log file checksum. - md5 - Record log files MD5 hash value only. - md5-auth - Record log files MD5 hash value and authentication code. type: str log-checksum-upload: choices: - disable - enable description: - Deprecated, please rename it to log_checksum_upload. - Enable/disable upload log checksum with log files. - disable - Disable attribute function. - enable - Enable attribute function. type: str log-forward-cache-size: description: Deprecated, please rename it to log_forward_cache_size. Log forwarding disk cache size type: int longitude: description: Fmg location longitude type: str management-ip: description: Deprecated, please rename it to management_ip. Management IP address of this FortiGate. type: str management-port: description: Deprecated, please rename it to management_port. Overriding port for management connection type: int max-log-forward: description: Deprecated, please rename it to max_log_forward. Maximum number of log-forward and aggregation settings. type: int max-running-reports: description: Deprecated, please rename it to max_running_reports. Maximum number of reports generating at one time. type: int mc-policy-disabled-adoms: description: Deprecated, please rename it to mc_policy_disabled_adoms. Mc-Policy-Disabled-Adoms. elements: dict suboptions: adom-name: description: Deprecated, please rename it to adom_name. Adom names. type: str type: list multiple-steps-upgrade-in-autolink: choices: - disable - enable description: - Deprecated, please rename it to multiple_steps_upgrade_in_autolink. - Enable/disable multiple steps upgade in autolink process - disable - Disable setting. - enable - Enable setting. type: str no-copy-permission-check: choices: - disable - enable description: - Deprecated, please rename it to no_copy_permission_check. - Do not perform permission check to block object changes in different adom during copy and install. - disable - Disable setting. - enable - Enable setting. type: str no-vip-value-check: choices: - disable - enable description: - Deprecated, please rename it to no_vip_value_check. - Enable/disable skipping policy instead of throwing error when vip has no default or dynamic mapping during policy copy - disable - Disable setting. - enable - Enable setting. type: str normalized-intf-zone-only: choices: - disable - enable description: - Deprecated, please rename it to normalized_intf_zone_only. - allow normalized interface to be zone only. - disable - Disable SSL low-grade encryption. - enable - Enable SSL low-grade encryption. type: str object-revision-db-max: description: Deprecated, please rename it to object_revision_db_max. Maximum revisions for a single database type: int object-revision-mandatory-note: choices: - disable - enable description: - Deprecated, please rename it to object_revision_mandatory_note. - Enable/disable mandatory note when create revision. - disable - Disable object revision. - enable - Enable object revision. type: str object-revision-object-max: description: Deprecated, please rename it to object_revision_object_max. Maximum revisions for a single object type: int object-revision-status: choices: - disable - enable description: - Deprecated, please rename it to object_revision_status. - Enable/disable create revision when modify objects. - disable - Disable object revision. - enable - Enable object revision. type: str oftp-ssl-protocol: choices: - sslv3 - tlsv1.0 - tlsv1.1 - tlsv1.2 - tlsv1.3 description: - Deprecated, please rename it to oftp_ssl_protocol. - set the lowest SSL protocols for oftpd. - sslv3 - set SSLv3 as the lowest version. - tlsv1. - tlsv1. - tlsv1. type: str partial-install: choices: - disable - enable description: - Deprecated, please rename it to partial_install. - Enable/Disable partial install - disable - Disable partial install function. - enable - Enable partial install function. type: str partial-install-force: choices: - disable - enable description: - Deprecated, please rename it to partial_install_force. - Enable/Disable partial install when devdb is modified. - disable - Disable partial install when devdb is modified. - enable - Enable partial install when devdb is modified. type: str partial-install-rev: choices: - disable - enable description: - Deprecated, please rename it to partial_install_rev. - Enable/Disable auto creating adom revision for partial install. - disable - Disable partial install revision. - enable - Enable partial install revision. type: str per-policy-lock: choices: - disable - enable description: - Deprecated, please rename it to per_policy_lock. - Enable/Disable per policy lock. - disable - Disable per policy lock. - enable - Enable per policy lock. type: str perform-improve-by-ha: choices: - disable - enable description: - Deprecated, please rename it to perform_improve_by_ha. - Enable/Disable performance improvement by distributing tasks to HA slaves. - disable - Disable performance improvement by HA. - enable - Enable performance improvement by HA. type: str policy-hit-count: choices: - disable - enable description: - Deprecated, please rename it to policy_hit_count. - show policy hit count. - disable - Disable policy hit count. - enable - Enable policy hit count. type: str policy-object-icon: choices: - disable - enable description: - Deprecated, please rename it to policy_object_icon. - show icons of policy objects. - disable - Disable icon of policy objects. - enable - Enable icon of policy objects. type: str policy-object-in-dual-pane: choices: - disable - enable description: - Deprecated, please rename it to policy_object_in_dual_pane. - show policies and objects in dual pane. - disable - Disable polices and objects in dual pane. - enable - Enable polices and objects in dual pane. type: str pre-login-banner: choices: - disable - enable description: - Deprecated, please rename it to pre_login_banner. - Enable/disable pre-login banner. - disable - Disable pre-login banner. - enable - Enable pre-login banner. type: str pre-login-banner-message: description: Deprecated, please rename it to pre_login_banner_message. Pre-login banner message. type: str private-data-encryption: choices: - disable - enable description: - Deprecated, please rename it to private_data_encryption. - Enable/disable private data encryption using an AES 128-bit key. - disable - Disable private data encryption using an AES 128-bit key. - enable - Enable private data encryption using an AES 128-bit key. type: str remoteauthtimeout: description: Remote authentication type: int save-last-hit-in-adomdb: choices: - disable - enable description: - Deprecated, please rename it to save_last_hit_in_adomdb. - Enable/Disable save last-hit value in adomdb. - disable - Disable save last-hit value in adomdb. - enable - Enable save last-hit value in adomdb. type: str search-all-adoms: choices: - disable - enable description: - Deprecated, please rename it to search_all_adoms. - Enable/Disable Search all ADOMs for where-used query. - disable - Disable search all ADOMs for where-used queries. - enable - Enable search all ADOMs for where-used queries. type: str ssh-enc-algo: choices: - chacha20-poly1305@openssh.com - aes128-ctr - aes192-ctr - aes256-ctr - arcfour256 - arcfour128 - aes128-cbc - 3des-cbc - blowfish-cbc - cast128-cbc - aes192-cbc - aes256-cbc - arcfour - rijndael-cbc@lysator.liu.se - aes128-gcm@openssh.com - aes256-gcm@openssh.com description: Deprecated, please rename it to ssh_enc_algo. elements: str type: list ssh-hostkey-algo: choices: - ssh-rsa - ecdsa-sha2-nistp521 - rsa-sha2-256 - rsa-sha2-512 - ssh-ed25519 description: Deprecated, please rename it to ssh_hostkey_algo. elements: str type: list ssh-kex-algo: choices: - diffie-hellman-group1-sha1 - diffie-hellman-group14-sha1 - diffie-hellman-group14-sha256 - diffie-hellman-group16-sha512 - diffie-hellman-group18-sha512 - diffie-hellman-group-exchange-sha1 - diffie-hellman-group-exchange-sha256 - curve25519-sha256@libssh.org - ecdh-sha2-nistp256 - ecdh-sha2-nistp384 - ecdh-sha2-nistp521 description: Deprecated, please rename it to ssh_kex_algo. elements: str type: list ssh-mac-algo: choices: - hmac-md5 - hmac-md5-etm@openssh.com - hmac-md5-96 - hmac-md5-96-etm@openssh.com - hmac-sha1 - hmac-sha1-etm@openssh.com - hmac-sha2-256 - hmac-sha2-256-etm@openssh.com - hmac-sha2-512 - hmac-sha2-512-etm@openssh.com - hmac-ripemd160 - hmac-ripemd160@openssh.com - hmac-ripemd160-etm@openssh.com - umac-64@openssh.com - umac-128@openssh.com - umac-64-etm@openssh.com - umac-128-etm@openssh.com description: Deprecated, please rename it to ssh_mac_algo. elements: str type: list ssh-strong-crypto: choices: - disable - enable description: - Deprecated, please rename it to ssh_strong_crypto. - Only allow strong ciphers for SSH when enabled. - disable - Disable strong crypto for SSH. - enable - Enable strong crypto for SSH. type: str ssl-cipher-suites: description: Deprecated, please rename it to ssl_cipher_suites. elements: dict suboptions: cipher: description: Cipher name type: str priority: description: SSL/TLS cipher suites priority. type: int version: choices: - tls1.2-or-below - tls1.3 description: - SSL/TLS version the cipher suite can be used with. - tls1. - tls1. type: str type: list ssl-low-encryption: choices: - disable - enable description: - Deprecated, please rename it to ssl_low_encryption. - SSL low-grade encryption. - disable - Disable SSL low-grade encryption. - enable - Enable SSL low-grade encryption. type: str ssl-protocol: choices: - tlsv1.2 - tlsv1.1 - tlsv1.0 - sslv3 - tlsv1.3 description: - Deprecated, please rename it to ssl_protocol. - SSL protocols. - tlsv1. - tlsv1. - tlsv1. - tlsv1. - sslv3 - Enable SSLv3. elements: str type: list ssl-static-key-ciphers: choices: - disable - enable description: - Deprecated, please rename it to ssl_static_key_ciphers. - Enable/disable SSL static key ciphers. - disable - Disable setting. - enable - Enable setting. type: str table-entry-blink: choices: - disable - enable description: - Deprecated, please rename it to table_entry_blink. - Enable/disable table entry blink in GUI - disable - Disable setting. - enable - Enable setting. type: str task-list-size: description: Deprecated, please rename it to task_list_size. Maximum number of completed tasks to keep. type: int tftp: choices: - disable - enable description: - Enable/disable TFTP in `exec restore image` command - disable - Disable TFTP - enable - Enable TFTP type: str timezone: choices: - '00' - '01' - '02' - '03' - '04' - '05' - '06' - '07' - 08 - 09 - '10' - '11' - '12' - '13' - '14' - '15' - '16' - '17' - '18' - '19' - '20' - '21' - '22' - '23' - '24' - '25' - '26' - '27' - '28' - '29' - '30' - '31' - '32' - '33' - '34' - '35' - '36' - '37' - '38' - '39' - '40' - '41' - '42' - '43' - '44' - '45' - '46' - '47' - '48' - '49' - '50' - '51' - '52' - '53' - '54' - '55' - '56' - '57' - '58' - '59' - '60' - '61' - '62' - '63' - '64' - '65' - '66' - '67' - '68' - '69' - '70' - '71' - '72' - '73' - '74' - '75' - '76' - '77' - '78' - '79' - '80' - '81' - '82' - '83' - '84' - '85' - '86' - '87' - '88' - '89' - '90' - '91' description: - Time zone. - 00 - - 01 - - 02 - - 03 - - 04 - - 05 - - 06 - - 07 - - 08 - - 09 - - 10 - - 11 - - 12 - - 13 - - 14 - - 15 - - 16 - - 17 - - 18 - - 19 - - 20 - - 21 - - 22 - - 23 - - 24 - - 25 - - 26 - - 27 - - 28 - - 29 - - 30 - - 31 - - 32 - - 33 - - 34 - - 35 - - 36 - - 37 - - 38 - - 39 - - 40 - - 41 - - 42 - - 43 - - 44 - - 45 - - 46 - - 47 - - 48 - - 49 - - 50 - - 51 - - 52 - - 53 - - 54 - - 55 - - 56 - - 57 - - 58 - - 59 - - 60 - - 61 - - 62 - - 63 - - 64 - - 65 - - 66 - - 67 - - 68 - - 69 - - 70 - - 71 - - 72 - - 73 - - 74 - - 75 - - 76 - - 77 - - 78 - - 79 - - 80 - - 81 - - 82 - - 83 - - 84 - - 85 - - 86 - - 87 - - 88 - - 89 - type: str tunnel-mtu: description: Deprecated, please rename it to tunnel_mtu. Maximum transportation unit type: int usg: choices: - disable - enable description: - Enable/disable Fortiguard server restriction. - disable - Contact any Fortiguard server - enable - Contact Fortiguard server in USA only type: str vdom-mirror: choices: - disable - enable description: - Deprecated, please rename it to vdom_mirror. - VDOM mirror. - disable - Disable VDOM mirror function. - enable - Enable VDOM mirror function. type: str webservice-proto: choices: - tlsv1.2 - tlsv1.1 - tlsv1.0 - sslv3 - sslv2 - tlsv1.3 description: - Deprecated, please rename it to webservice_proto. - Web Service connection support SSL protocols. - tlsv1. - tlsv1. - tlsv1. - tlsv1. - sslv3 - Web Service connection using SSLv3 protocol. - sslv2 - Web Service connection using SSLv2 protocol. elements: str type: list workflow-max-sessions: description: Deprecated, please rename it to workflow_max_sessions. Maximum number of workflow sessions per ADOM type: int workspace-mode: choices: - disabled - normal - workflow - per-adom description: - Deprecated, please rename it to workspace_mode. - Set workspace mode - disabled - Workspace disabled. - normal - Workspace lock mode. - workflow - Workspace workflow mode. type: str workspace-unlock-after-install: choices: - disable - enable description: - Deprecated, please rename it to workspace_unlock_after_install. - Enable/disable ADOM auto-unlock after device installation. - disable - Disable automatically unlock adom after device installation. - enable - Enable automatically unlock adom after device installation. type: str type: dict proposed_method: choices: - update - set - add description: The overridden method for the underlying Json RPC request. type: str bypass_validation: default: false description: Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. type: bool workspace_locking_adom: description: The adom to lock for FortiManager running in workspace mode, the value can be global and others including root. type: str forticloud_access_token: description: Authenticate Ansible client with forticloud API access token. type: str workspace_locking_timeout: default: 300 description: The maximum time in seconds to wait for other user to release the workspace lock. type: int
meta: contains: request_url: description: The full url requested. returned: always sample: /sys/login/user type: str response_code: description: The status of api request. returned: always sample: 0 type: int response_data: description: The api response. returned: always type: list response_message: description: The descriptive message of the api response. returned: always sample: OK. type: str system_information: description: The information of the target system. returned: always type: dict description: The result of the request. returned: always type: dict rc: description: The status the request. returned: always sample: 0 type: int version_check_warning: description: Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: complex type: list