fortinet / fortinet.fortios / 2.3.6 / module / fortios_casb_user_activity Configure CASB user activity in Fortinet's FortiOS and FortiGate. | "added in version" 2.0.0 of fortinet.fortios" Authors: Link Zheng (@chillancezen), Jie Xue (@JieX19), Hongbin Lu (@fgtdev-hblu), Frank Shen (@frankshen01), Miguel Angel Munoz (@mamunozgonzalez), Nicolas Thomas (@thomnico) preview | supported by communityfortinet.fortios.fortios_casb_user_activity (2.3.6) — module
Install with ansible-galaxy collection install fortinet.fortios:==2.3.6
collections: - name: fortinet.fortios version: 2.3.6
This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify casb feature and user_activity category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
- name: Configure CASB user activity. fortinet.fortios.fortios_casb_user_activity: vdom: "{{ vdom }}" state: "present" access_token: "<your_own_value>" casb_user_activity: application: "<your_own_value> (source casb.saas-application.name)" casb_name: "<your_own_value>" category: "activity-control" control_options: - name: "default_name_7" operations: - action: "append" case_sensitive: "enable" direction: "request" header_name: "<your_own_value>" name: "default_name_13" search_key: "<your_own_value>" search_pattern: "simple" target: "header" value_from_input: "enable" values: - value: "<your_own_value>" status: "enable" description: "<your_own_value>" match: - id: "23" rules: - case_sensitive: "enable" domains: - domain: "<your_own_value>" header_name: "<your_own_value>" id: "29" match_pattern: "simple" match_value: "<your_own_value>" methods: - method: "<your_own_value>" negate: "enable" type: "domains" strategy: "and" match_strategy: "and" name: "default_name_38" status: "enable" type: "built-in" uuid: "<your_own_value>"
vdom: default: root description: - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str state: choices: - present - absent description: - Indicates whether to create or remove the object. required: true type: str enable_log: default: false description: - Enable/Disable logging for task. required: false type: bool member_path: description: - Member attribute path to operate on. - Delimited by a slash character if there are more than one attribute. - Parameter marked with member_path is legitimate for doing member operation. type: str access_token: description: - Token-based authentication. Generated from GUI of Fortigate. required: false type: str member_state: choices: - present - absent description: - Add or delete a member under specified attribute path. - When member_state is specified, the state option is ignored. type: str casb_user_activity: default: null description: - Configure CASB user activity. suboptions: application: description: - CASB SaaS application name. Source casb.saas-application.name. type: str casb_name: description: - CASB user activity signature name. type: str category: choices: - activity-control - tenant-control - domain-control - safe-search-control - other description: - CASB user activity category. type: str control_options: description: - CASB control options. elements: dict suboptions: name: description: - CASB control option name. required: true type: str operations: description: - CASB control option operations. elements: dict suboptions: action: choices: - append - prepend - replace - new - new-on-not-found - delete description: - CASB operation action. type: str case_sensitive: choices: - enable - disable description: - CASB operation search case sensitive. type: str direction: choices: - request description: - CASB operation direction. type: str header_name: description: - CASB operation header name to search. type: str name: description: - CASB control option operation name. required: true type: str search_key: description: - CASB operation key to search. type: str search_pattern: choices: - simple - substr - regexp description: - CASB operation search pattern. type: str target: choices: - header - path description: - CASB operation target. type: str value_from_input: choices: - enable - disable description: - Enable/disable value from user input. type: str values: description: - CASB operation new values. elements: dict suboptions: value: description: - Operation value. required: true type: str type: list type: list status: choices: - enable - disable description: - CASB control option status. type: str type: list description: description: - CASB user activity description. type: str match: description: - CASB user activity match rules. elements: dict suboptions: id: description: - CASB user activity match rules ID. see <a href='#notes'>Notes</a>. required: true type: int rules: description: - CASB user activity rules. elements: dict suboptions: case_sensitive: choices: - enable - disable description: - CASB user activity match case sensitive. type: str domains: description: - CASB user activity domain list. elements: dict suboptions: domain: description: - Domain list separated by space. required: true type: str type: list header_name: description: - CASB user activity rule header name. type: str id: description: - CASB user activity rule ID. see <a href='#notes'>Notes</a>. required: true type: int match_pattern: choices: - simple - substr - regexp description: - CASB user activity rule match pattern. type: str match_value: description: - CASB user activity rule match value. type: str methods: description: - CASB user activity method list. elements: dict suboptions: method: description: - User activity method. required: true type: str type: list negate: choices: - enable - disable description: - Enable/disable what the matching strategy must not be. type: str type: choices: - domains - host - path - header - header-value - method description: - CASB user activity rule type. type: str type: list strategy: choices: - and - or description: - CASB user activity rules strategy. type: str type: list match_strategy: choices: - and - or description: - CASB user activity match strategy. type: str name: description: - CASB user activity name. required: true type: str status: choices: - enable - disable description: - CASB user activity status. type: str type: choices: - built-in - customized description: - CASB user activity type. type: str uuid: description: - Universally Unique Identifier (UUID; automatically assigned but can be manually reset). type: str type: dict
build: description: Build number of the fortigate image returned: always sample: '1547' type: str http_method: description: Last method used to provision the content into FortiGate returned: always sample: PUT type: str http_status: description: Last result given by FortiGate on last operation applied returned: always sample: '200' type: str mkey: description: Master key (id) used in the last call to FortiGate returned: success sample: id type: str name: description: Name of the table used to fulfill the request returned: always sample: urlfilter type: str path: description: Path of the table used to fulfill the request returned: always sample: webfilter type: str revision: description: Internal revision number returned: always sample: 17.0.2.10658 type: str serial: description: Serial number of the unit returned: always sample: FGVMEVYYQT3AB5352 type: str status: description: Indication of the operation's result returned: always sample: success type: str vdom: description: Virtual domain used returned: always sample: root type: str version: description: Version of the FortiGate returned: always sample: v5.6.3 type: str