fortinet.fortios.fortios_system_sdn_connector (2.3.6) — module

Configure connection to SDN Connector in Fortinet's FortiOS and FortiGate.

Added in version 2.0.0 of fortinet.fortios.

Authors: Link Zheng (@chillancezen), Jie Xue (@JieX19), Hongbin Lu (@fgtdev-hblu), Frank Shen (@frankshen01), Miguel Angel Munoz (@mamunozgonzalez), Nicolas Thomas (@thomnico)

preview | supported by community

Install with:

ansible-galaxy collection install fortinet.fortios:==2.3.6

collections:
  - name: fortinet.fortios
    version: 2.3.6

This module configures a FortiGate or FortiOS (FOS) device by allowing the user to set and modify the sdn_connector category of the system feature. The examples include all parameters, and their values need to be adjusted to your data sources before usage. Tested with FOS v6.0.0.

- name: Configure connection to SDN Connector.
  fortinet.fortios.fortios_system_sdn_connector:
    vdom: "{{ vdom }}"
    state: "present"
    access_token: "<your_own_value>"
    system_sdn_connector:
      access_key: "<your_own_value>"
      alt_resource_ip: "disable"
      api_key: "<your_own_value>"
      azure_region: "global"
      client_id: "<your_own_value>"
      client_secret: "<your_own_value>"
      compartment_id: "<your_own_value>"
      compartment_list:
        - compartment_id: "<your_own_value>"
      compute_generation: "2"
      domain: "<your_own_value>"
      external_account_list:
        - external_id: "<your_own_value>"
          region_list:
            - region: "<your_own_value>"
          role_arn: "<your_own_value>"
      external_ip:
        - name: "default_name_20"
      forwarding_rule:
        - rule_name: "<your_own_value>"
          target: "<your_own_value>"
      gcp_project: "<your_own_value>"
      gcp_project_list:
        - gcp_zone_list:
            - name: "default_name_27"
          id: "28"
      group_name: "<your_own_value>"
      ha_status: "disable"
      ibm_region: "dallas"
      ibm_region_gen1: "us-south"
      ibm_region_gen2: "us-south"
      key_passwd: "<your_own_value>"
      login_endpoint: "<your_own_value>"
      name: "default_name_36"
      nic:
        - ip:
            - name: "default_name_39"
              public_ip: "<your_own_value>"
              resource_group: "<your_own_value>"
          name: "default_name_42"
      oci_cert: "<your_own_value> (source certificate.local.name)"
      oci_fingerprint: "<your_own_value>"
      oci_region: "phoenix"
      oci_region_list:
        - region: "<your_own_value>"
      oci_region_type: "commercial"
      password: "<your_own_value>"
      private_key: "<your_own_value>"
      proxy: "<your_own_value> (source system.sdn-proxy.name)"
      region: "<your_own_value>"
      resource_group: "<your_own_value>"
      resource_url: "<your_own_value>"
      route:
        - name: "default_name_56"
      route_table:
        - name: "default_name_58"
          resource_group: "<your_own_value>"
          route:
            - name: "default_name_61"
              next_hop: "<your_own_value>"
          subscription_id: "<your_own_value>"
      secret_key: "<your_own_value>"
      secret_token: "<your_own_value>"
      server: "192.168.100.40"
      server_ca_cert: "<your_own_value> (source certificate.remote.name certificate.ca.name)"
      server_cert: "<your_own_value> (source certificate.remote.name)"
      server_list:
        - ip: "<your_own_value>"
      server_port: "0"
      service_account: "<your_own_value>"
      status: "disable"
      subscription_id: "<your_own_value>"
      tenant_id: "<your_own_value>"
      type: "aci"
      update_interval: "60"
      use_metadata_iam: "disable"
      user_id: "<your_own_value>"
      username: "<your_own_value>"
      vcenter_password: "<your_own_value>"
      vcenter_server: "<your_own_value>"
      vcenter_username: "<your_own_value>"
      verify_certificate: "disable"
      vpc_id: "<your_own_value>"

vdom:
  default: root
  description:
    - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit.
  type: str
state:
  choices:
    - present
    - absent
  description:
    - Indicates whether to create or remove the object.
  required: true
  type: str
enable_log:
  default: false
  description:
    - Enable/Disable logging for task.
  required: false
  type: bool
member_path:
  description:
    - Member attribute path to operate on.
    - Delimited by a slash character if there are more than one attribute.
    - Parameter marked with member_path is legitimate for doing member operation.
  type: str
access_token:
  description:
    - Token-based authentication. Generated from GUI of Fortigate.
  required: false
  type: str
member_state:
  choices:
    - present
    - absent
  description:
    - Add or delete a member under specified attribute path.
    - When member_state is specified, the state option is ignored.
  type: str
system_sdn_connector:
  default: null
  description:
    - Configure connection to SDN Connector.
  suboptions:
    access_key:
      description:
        - AWS / ACS access key ID.
      type: str
    alt_resource_ip:
      choices:
        - disable
        - enable
      description:
        - Enable/disable AWS alternative resource IP.
      type: str
    api_key:
      description:
        - IBM cloud API key or service ID API key.
      type: str
    azure_region:
      choices:
        - global
        - china
        - germany
        - usgov
        - local
      description:
        - Azure server region.
      type: str
    client_id:
      description:
        - Azure client ID (application ID).
      type: str
    client_secret:
      description:
        - Azure client secret (application key).
      type: str
    compartment_id:
      description:
        - Compartment ID.
      type: str
    compartment_list:
      description:
        - Configure OCI compartment list.
      elements: dict
      suboptions:
        compartment_id:
          description:
            - OCI compartment ID.
          required: true
          type: str
      type: list
    compute_generation:
      description:
        - Compute generation for IBM cloud infrastructure.
      type: int
    domain:
      description:
        - Domain name.
      type: str
    external_account_list:
      description:
        - Configure AWS external account list.
      elements: dict
      suboptions:
        external_id:
          description:
            - AWS external ID.
          type: str
        region_list:
          description:
            - AWS region name list.
          elements: dict
          suboptions:
            region:
              description:
                - AWS region name.
              required: true
              type: str
          type: list
        role_arn:
          description:
            - AWS role ARN to assume.
          required: true
          type: str
      type: list
    external_ip:
      description:
        - Configure GCP external IP.
      elements: dict
      suboptions:
        name:
          description:
            - External IP name.
          required: true
          type: str
      type: list
    forwarding_rule:
      description:
        - Configure GCP forwarding rule.
      elements: dict
      suboptions:
        rule_name:
          description:
            - Forwarding rule name.
          required: true
          type: str
        target:
          description:
            - Target instance name.
          type: str
      type: list
    gcp_project:
      description:
        - GCP project name.
      type: str
    gcp_project_list:
      description:
        - Configure GCP project list.
      elements: dict
      suboptions:
        gcp_zone_list:
          description:
            - Configure GCP zone list.
          elements: dict
          suboptions:
            name:
              description:
                - GCP zone name.
              required: true
              type: str
          type: list
        id:
          description:
            - GCP project ID.
          required: true
          type: str
      type: list
    group_name:
      description:
        - Full path group name of computers.
      type: str
    ha_status:
      choices:
        - disable
        - enable
      description:
        - Enable/disable use for FortiGate HA service.
      type: str
    ibm_region:
      choices:
        - dallas
        - washington-dc
        - london
        - frankfurt
        - sydney
        - tokyo
        - osaka
        - toronto
        - sao-paulo
        - us-south
        - us-east
        - germany
        - great-britain
        - japan
        - australia
      description:
        - IBM cloud region name.
      type: str
    ibm_region_gen1:
      choices:
        - us-south
        - us-east
        - germany
        - great-britain
        - japan
        - australia
      description:
        - IBM cloud compute generation 1 region name.
      type: str
    ibm_region_gen2:
      choices:
        - us-south
        - us-east
        - great-britain
      description:
        - IBM cloud compute generation 2 region name.
      type: str
    key_passwd:
      description:
        - Private key password.
      type: str
    login_endpoint:
      description:
        - Azure Stack login endpoint.
      type: str
    name:
      description:
        - SDN connector name.
      required: true
      type: str
    nic:
      description:
        - Configure Azure network interface.
      elements: dict
      suboptions:
        ip:
          description:
            - Configure IP configuration.
          elements: dict
          suboptions:
            name:
              description:
                - IP configuration name.
              required: true
              type: str
            public_ip:
              description:
                - Public IP name.
              type: str
            resource_group:
              description:
                - Resource group of Azure public IP.
              type: str
          type: list
        name:
          description:
            - Network interface name.
          required: true
          type: str
      type: list
    oci_cert:
      description:
        - OCI certificate. Source certificate.local.name.
      type: str
    oci_fingerprint:
      description:
        - OCI pubkey fingerprint.
      type: str
    oci_region:
      choices:
        - phoenix
        - ashburn
        - frankfurt
        - london
      description:
        - OCI server region.
      type: str
    oci_region_list:
      description:
        - Configure OCI region list.
      elements: dict
      suboptions:
        region:
          description:
            - OCI region.
          required: true
          type: str
      type: list
    oci_region_type:
      choices:
        - commercial
        - government
      description:
        - OCI region type.
      type: str
    password:
      description:
        - Password of the remote SDN connector as login credentials.
      type: str
    private_key:
      description:
        - Private key of GCP service account.
      type: str
    proxy:
      description:
        - SDN proxy. Source system.sdn-proxy.name.
      type: str
    region:
      description:
        - AWS / ACS region name.
      type: str
    resource_group:
      description:
        - Azure resource group.
      type: str
    resource_url:
      description:
        - Azure Stack resource URL.
      type: str
    route:
      description:
        - Configure GCP route.
      elements: dict
      suboptions:
        name:
          description:
            - Route name.
          required: true
          type: str
      type: list
    route_table:
      description:
        - Configure Azure route table.
      elements: dict
      suboptions:
        name:
          description:
            - Route table name.
          required: true
          type: str
        resource_group:
          description:
            - Resource group of Azure route table.
          type: str
        route:
          description:
            - Configure Azure route.
          elements: dict
          suboptions:
            name:
              description:
                - Route name.
              required: true
              type: str
            next_hop:
              description:
                - Next hop address.
              type: str
          type: list
        subscription_id:
          description:
            - Subscription ID of Azure route table.
          type: str
      type: list
    secret_key:
      description:
        - AWS / ACS secret access key.
      type: str
    secret_token:
      description:
        - Secret token of Kubernetes service account.
      type: str
    server:
      description:
        - Server address of the remote SDN connector.
      type: str
    server_ca_cert:
      description:
        - Trust only those servers whose certificate is directly/indirectly signed by this certificate. Source certificate.remote.name certificate.ca.name.
      type: str
    server_cert:
      description:
        - Trust servers that contain this certificate only. Source certificate.remote.name.
      type: str
    server_list:
      description:
        - Server address list of the remote SDN connector.
      elements: dict
      suboptions:
        ip:
          description:
            - IPv4 address.
          required: true
          type: str
      type: list
    server_port:
      description:
        - Port number of the remote SDN connector.
      type: int
    service_account:
      description:
        - GCP service account email.
      type: str
    status:
      choices:
        - disable
        - enable
      description:
        - Enable/disable connection to the remote SDN connector.
      type: str
    subscription_id:
      description:
        - Azure subscription ID.
      type: str
    tenant_id:
      description:
        - Tenant ID (directory ID).
      type: str
    type:
      choices:
        - aci
        - alicloud
        - aws
        - azure
        - gcp
        - nsx
        - nuage
        - oci
        - openstack
        - kubernetes
        - vmware
        - sepm
        - aci-direct
        - ibm
        - nutanix
        - sap
      description:
        - Type of SDN connector.
      type: str
    update_interval:
      description:
        - Dynamic object update interval (30 - 3600 sec).
      type: int
    use_metadata_iam:
      choices:
        - disable
        - enable
      description:
        - Enable/disable use of IAM role from metadata to call API.
      type: str
    user_id:
      description:
        - User ID.
      type: str
    username:
      description:
        - Username of the remote SDN connector as login credentials.
      type: str
    vcenter_password:
      description:
        - vCenter server password for NSX quarantine.
      type: str
    vcenter_server:
      description:
        - vCenter server address for NSX quarantine.
      type: str
    vcenter_username:
      description:
        - vCenter server username for NSX quarantine.
      type: str
    verify_certificate:
      choices:
        - disable
        - enable
      description:
        - Enable/disable server certificate verification.
      type: str
    vpc_id:
      description:
        - AWS VPC ID.
      type: str
  type: dict

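
As an added example (not part of the module documentation), the playbook below configures a single connector type with `verify_certificate` enabled, a pinned CA through `server_ca_cert`, and credentials supplied from Ansible Vault variables instead of inline values. The inventory group `fortigates`, the variables `vault_fgt_api_token` and `vault_vcenter_password`, the connector name, the account name and the CA name `corp-vcenter-ca` are assumptions, as is that your FortiOS release accepts these options for `type: vmware`.

```yaml
# Added example: hardened single-connector task (not from the module docs).
# Assumed names: group "fortigates", vaulted vars vault_fgt_api_token and
# vault_vcenter_password, CA certificate "corp-vcenter-ca" already imported
# on the device, read-only vCenter account "svc-fortigate-ro".
- hosts: fortigates
  connection: httpapi
  gather_facts: false
  vars:
    vdom: "root"
    ansible_network_os: fortinet.fortios.fortios
    ansible_httpapi_use_ssl: true
    ansible_httpapi_validate_certs: true  # verify the FortiGate API certificate too
    ansible_httpapi_port: 443
  tasks:
    - name: Refuse to run with missing or placeholder secrets
      ansible.builtin.assert:
        that:
          - vault_fgt_api_token is defined
          - vault_vcenter_password is defined
          - "'<your_own_value>' not in vault_vcenter_password"
        quiet: true

    - name: Configure a VMware SDN connector with certificate verification
      fortinet.fortios.fortios_system_sdn_connector:
        vdom: "{{ vdom }}"
        state: "present"
        access_token: "{{ vault_fgt_api_token }}"  # never commit the token inline
        system_sdn_connector:
          name: "vcenter-prod"
          type: "vmware"
          status: "enable"
          server: "192.168.100.40"           # same sample address as the page's example
          username: "svc-fortigate-ro"
          password: "{{ vault_vcenter_password }}"
          verify_certificate: "enable"       # the page's example shows "disable"
          server_ca_cert: "corp-vcenter-ca"  # trust only servers signed by this CA
          update_interval: 60                # seconds; documented range is 30 - 3600
      no_log: true  # keeps the token and password out of task output and logs
```
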
build:
  description: Build number of the fortigate image
  returned: always
  sample: '1547'
  type: str
http_method:
  description: Last method used to provision the content into FortiGate
  returned: always
  sample: PUT
  type: str
http_status:
  description: Last result given by FortiGate on last operation applied
  returned: always
  sample: '200'
  type: str
mkey:
  description: Master key (id) used in the last call to FortiGate
  returned: success
  sample: id
  type: str
name:
  description: Name of the table used to fulfill the request
  returned: always
  sample: urlfilter
  type: str
path:
  description: Path of the table used to fulfill the request
  returned: always
  sample: webfilter
  type: str
revision:
  description: Internal revision number
  returned: always
  sample: 17.0.2.10658
  type: str
serial:
  description: Serial number of the unit
  returned: always
  sample: FGVMEVYYQT3AB5352
  type: str
status:
  description: Indication of the operation's result
  returned: always
  sample: success
  type: str
vdom:
  description: Virtual domain used
  returned: always
  sample: root
  type: str
version:
  description: Version of the FortiGate
  returned: always
  sample: v5.6.3
  type: str