fortinet / fortinet.fortios / 2.3.6 / module / fortios_endpoint_control_fctems Configure FortiClient Enterprise Management Server (EMS) entries in Fortinet's FortiOS and FortiGate. | "added in version" 2.0.0 of fortinet.fortios" Authors: Link Zheng (@chillancezen), Jie Xue (@JieX19), Hongbin Lu (@fgtdev-hblu), Frank Shen (@frankshen01), Miguel Angel Munoz (@mamunozgonzalez), Nicolas Thomas (@thomnico) preview | supported by communityfortinet.fortios.fortios_endpoint_control_fctems (2.3.6) — module
Install with ansible-galaxy collection install fortinet.fortios:==2.3.6
collections: - name: fortinet.fortios version: 2.3.6
This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify endpoint_control feature and fctems category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
- name: Configure FortiClient Enterprise Management Server (EMS) entries. fortinet.fortios.fortios_endpoint_control_fctems: vdom: "{{ vdom }}" state: "present" access_token: "<your_own_value>" endpoint_control_fctems: admin_password: "<your_own_value>" admin_username: "<your_own_value>" call_timeout: "30" capabilities: "fabric-auth" certificate: "<your_own_value> (source certificate.remote.name)" cloud_server_type: "production" dirty_reason: "none" ems_id: "<you_own_value>" fortinetone_cloud_authentication: "enable" https_port: "443" interface: "<your_own_value> (source system.interface.name)" interface_select_method: "auto" name: "default_name_15" out_of_sync_threshold: "180" preserve_ssl_session: "enable" pull_avatars: "enable" pull_malware_hash: "enable" pull_sysinfo: "enable" pull_tags: "enable" pull_vulnerabilities: "enable" send_tags_to_all_vdoms: "enable" serial_number: "<your_own_value>" server: "192.168.100.40" source_ip: "84.230.14.43" status: "enable" status_check_interval: "90" tenant_id: "<your_own_value>" trust_ca_cn: "enable" verifying_ca: "<your_own_value> (source certificate.ca.name vpn.certificate.ca.name)" websocket_override: "enable"
vdom: default: root description: - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str state: choices: - present - absent description: - Indicates whether to create or remove the object. required: true type: str enable_log: default: false description: - Enable/Disable logging for task. required: false type: bool member_path: description: - Member attribute path to operate on. - Delimited by a slash character if there are more than one attribute. - Parameter marked with member_path is legitimate for doing member operation. type: str access_token: description: - Token-based authentication. Generated from GUI of Fortigate. required: false type: str member_state: choices: - present - absent description: - Add or delete a member under specified attribute path. - When member_state is specified, the state option is ignored. type: str endpoint_control_fctems: default: null description: - Configure FortiClient Enterprise Management Server (EMS) entries. suboptions: admin_password: description: - FortiClient EMS admin password. type: str admin_username: description: - FortiClient EMS admin username. type: str call_timeout: description: - FortiClient EMS call timeout in seconds (1 - 180 seconds). type: int capabilities: choices: - fabric-auth - silent-approval - websocket - websocket-malware - push-ca-certs - common-tags-api - tenant-id - client-avatars - single-vdom-connector description: - List of EMS capabilities. elements: str type: list certificate: description: - FortiClient EMS certificate. Source certificate.remote.name. type: str cloud_server_type: choices: - production - alpha - beta description: - Cloud server type. type: str dirty_reason: choices: - none - mismatched-ems-sn description: - Dirty Reason for FortiClient EMS. type: str ems_id: description: - EMS ID in order (1 - 7). see <a href='#notes'>Notes</a>. required: true type: int fortinetone_cloud_authentication: choices: - enable - disable description: - Enable/disable authentication of FortiClient EMS Cloud through FortiCloud account. type: str https_port: description: - FortiClient EMS HTTPS access port number. (1 - 65535). type: int interface: description: - Specify outgoing interface to reach server. Source system.interface.name. type: str interface_select_method: choices: - auto - sdwan - specify description: - Specify how to select outgoing interface to reach server. type: str name: description: - FortiClient Enterprise Management Server (EMS) name. type: str out_of_sync_threshold: description: - Outdated resource threshold in seconds (10 - 3600). type: int preserve_ssl_session: choices: - enable - disable description: - Enable/disable preservation of EMS SSL session connection. Warning, most users should not touch this setting. type: str pull_avatars: choices: - enable - disable description: - Enable/disable pulling avatars from EMS. type: str pull_malware_hash: choices: - enable - disable description: - Enable/disable pulling FortiClient malware hash from EMS. type: str pull_sysinfo: choices: - enable - disable description: - Enable/disable pulling SysInfo from EMS. type: str pull_tags: choices: - enable - disable description: - Enable/disable pulling FortiClient user tags from EMS. type: str pull_vulnerabilities: choices: - enable - disable description: - Enable/disable pulling vulnerabilities from EMS. type: str send_tags_to_all_vdoms: choices: - enable - disable description: - Relax restrictions on tags to send all EMS tags to all VDOMs type: str serial_number: description: - EMS Serial Number. type: str server: description: - FortiClient EMS FQDN or IPv4 address. type: str source_ip: description: - REST API call source IP. type: str status: choices: - enable - disable description: - Enable or disable this EMS configuration. type: str status_check_interval: description: - FortiClient EMS call timeout in seconds (1 - 120 seconds). type: int tenant_id: description: - EMS Tenant ID. type: str trust_ca_cn: choices: - enable - disable description: - Enable/disable trust of the EMS certificate issuer(CA) and common name(CN) for certificate auto-renewal. type: str verifying_ca: description: - Lowest CA cert on Fortigate in verified EMS cert chain. Source certificate.ca.name vpn.certificate.ca.name. type: str websocket_override: choices: - enable - disable description: - Enable/disable override behavior for how this FortiGate unit connects to EMS using a WebSocket connection. type: str type: dict
build: description: Build number of the fortigate image returned: always sample: '1547' type: str http_method: description: Last method used to provision the content into FortiGate returned: always sample: PUT type: str http_status: description: Last result given by FortiGate on last operation applied returned: always sample: '200' type: str mkey: description: Master key (id) used in the last call to FortiGate returned: success sample: id type: str name: description: Name of the table used to fulfill the request returned: always sample: urlfilter type: str path: description: Path of the table used to fulfill the request returned: always sample: webfilter type: str revision: description: Internal revision number returned: always sample: 17.0.2.10658 type: str serial: description: Serial number of the unit returned: always sample: FGVMEVYYQT3AB5352 type: str status: description: Indication of the operation's result returned: always sample: success type: str vdom: description: Virtual domain used returned: always sample: root type: str version: description: Version of the FortiGate returned: always sample: v5.6.3 type: str