lix_fortinet.fortios.fortios_system_sdn_connector (102.2.120) — module

Configure connection to SDN Connector in Fortinet's FortiOS and FortiGate.

Added in version 2.0.0 of lix_fortinet.fortios

Authors: Link Zheng (@chillancezen), Jie Xue (@JieX19), Hongbin Lu (@fgtdev-hblu), Frank Shen (@frankshen01), Miguel Angel Munoz (@mamunozgonzalez), Nicolas Thomas (@thomnico)

preview | supported by community
Install with:

ansible-galaxy collection install lix_fortinet.fortios:==102.2.120

collections:
  - name: lix_fortinet.fortios
    version: 102.2.120
This module configures a FortiGate or FortiOS (FOS) device by letting the user set and modify the sdn_connector category of the system feature. The examples include all parameters; their values need to be adjusted to your data sources before use. Tested with FOS v6.0.0.
- hosts: fortigates
  collections:
    - fortinet.fortios
  connection: httpapi
  vars:
    vdom: "root"
    ansible_httpapi_use_ssl: yes
    ansible_httpapi_validate_certs: no
    ansible_httpapi_port: 443
  tasks:
    - name: Configure connection to SDN Connector.
      fortios_system_sdn_connector:
        vdom: "{{ vdom }}"
        state: "present"
        access_token: "<your_own_value>"
        system_sdn_connector:
          access_key: "<your_own_value>"
          api_key: "<your_own_value>"
          azure_region: "global"
          client_id: "<your_own_value>"
          client_secret: "<your_own_value>"
          compartment_id: "<your_own_value>"
          compute_generation: "2"
          domain: "<your_own_value>"
          external_account_list:
            - external_id: "<your_own_value>"
              region_list:
                - region: "<your_own_value>"
              role_arn: "<your_own_value>"
          external_ip:
            - name: "default_name_17"
          forwarding_rule:
            - rule_name: "<your_own_value>"
              target: "<your_own_value>"
          gcp_project: "<your_own_value>"
          gcp_project_list:
            - gcp_zone_list:
                - name: "default_name_24"
              id: "25"
          group_name: "<your_own_value>"
          ha_status: "disable"
          ibm_region: "dallas"
          ibm_region_gen1: "us-south"
          ibm_region_gen2: "us-south"
          key_passwd: "<your_own_value>"
          login_endpoint: "<your_own_value>"
          name: "default_name_33"
          nic:
            - ip:
                - name: "default_name_36"
                  public_ip: "<your_own_value>"
                  resource_group: "<your_own_value>"
              name: "default_name_39"
          oci_cert: "<your_own_value> (source certificate.local.name)"
          oci_fingerprint: "<your_own_value>"
          oci_region: "phoenix"
          oci_region_type: "commercial"
          password: "<your_own_value>"
          private_key: "<your_own_value>"
          region: "<your_own_value>"
          resource_group: "<your_own_value>"
          resource_url: "<your_own_value>"
          route:
            - name: "default_name_50"
          route_table:
            - name: "default_name_52"
              resource_group: "<your_own_value>"
              route:
                - name: "default_name_55"
                  next_hop: "<your_own_value>"
              subscription_id: "<your_own_value>"
          secret_key: "<your_own_value>"
          secret_token: "<your_own_value>"
          server: "192.168.100.40"
          server_list:
            - ip: "<your_own_value>"
          server_port: "0"
          service_account: "<your_own_value>"
          status: "disable"
          subscription_id: "<your_own_value>"
          tenant_id: "<your_own_value>"
          type: "aci"
          update_interval: "60"
          use_metadata_iam: "disable"
          user_id: "<your_own_value>"
          username: "<your_own_value>"
          vcenter_password: "<your_own_value>"
          vcenter_server: "<your_own_value>"
          vcenter_username: "<your_own_value>"
          verify_certificate: "disable"
          vpc_id: "<your_own_value>"
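
The example play above turns off certificate checking on both legs (ansible_httpapi_validate_certs for the management connection, verify_certificate for the connector) and carries credentials inline. The play below is an added example, not part of the module documentation: it configures a single connector type (AWS) with both checks enabled and secrets read from Ansible Vault variables. The vault_* variable names and the connector name "aws-connector" are assumptions.

```yaml
# Added example, not from the module documentation.
# vault_fortigate_access_token, vault_aws_access_key and vault_aws_secret_key
# are hypothetical variable names; "aws-connector" is a constructed name.
- hosts: fortigates
  collections:
    - fortinet.fortios
  connection: httpapi
  vars:
    vdom: "root"
    ansible_httpapi_use_ssl: yes
    # The page's example sets this to "no". With "yes" the FortiGate must
    # present a certificate that the Ansible controller trusts.
    ansible_httpapi_validate_certs: yes
    ansible_httpapi_port: 443
  tasks:
    - name: Configure AWS SDN connector with certificate verification enabled.
      fortios_system_sdn_connector:
        vdom: "{{ vdom }}"
        state: "present"
        access_token: "{{ vault_fortigate_access_token }}"
        system_sdn_connector:
          name: "aws-connector"
          type: "aws"
          status: "enable"
          access_key: "{{ vault_aws_access_key }}"
          secret_key: "{{ vault_aws_secret_key }}"
          region: "<your_own_value>"
          vpc_id: "<your_own_value>"
          update_interval: "60"            # documented range is 30 - 3600 sec
          # The page's example sets "disable"; "enable" turns server
          # certificate verification on for the connector.
          verify_certificate: "enable"
      # Keep the token and keys out of task output and logs.
      no_log: true
```

The vault_* variables would live in a variables file encrypted with ansible-vault, so the playbook itself holds no credentials.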
vdom:
  default: root
  description:
    - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit.
  type: str
state:
  choices:
    - present
    - absent
  description:
    - Indicates whether to create or remove the object.
  required: true
  type: str
enable_log:
  default: false
  description:
    - Enable/Disable logging for task.
  required: false
  type: bool
member_path:
  description:
    - Member attribute path to operate on.
    - Delimited by a slash character if there are more than one attribute.
    - Parameter marked with member_path is legitimate for doing member operation.
  type: str
access_token:
  description:
    - Token-based authentication. Generated from GUI of Fortigate.
  required: false
  type: str
member_state:
  choices:
    - present
    - absent
  description:
    - Add or delete a member under specified attribute path.
    - When member_state is specified, the state option is ignored.
  type: str
system_sdn_connector:
  default: null
  description:
    - Configure connection to SDN Connector.
  suboptions:
    access_key:
      description:
        - AWS / ACS access key ID.
      type: str
    api_key:
      description:
        - IBM cloud API key or service ID API key.
      type: str
    azure_region:
      choices:
        - global
        - china
        - germany
        - usgov
        - local
      description:
        - Azure server region.
      type: str
    client_id:
      description:
        - Azure client ID (application ID).
      type: str
    client_secret:
      description:
        - Azure client secret (application key).
      type: str
    compartment_id:
      description:
        - Compartment ID.
      type: str
    compute_generation:
      description:
        - Compute generation for IBM cloud infrastructure.
      type: int
    domain:
      description:
        - Domain name.
      type: str
    external_account_list:
      description:
        - Configure AWS external account list.
      elements: dict
      suboptions:
        external_id:
          description:
            - AWS external ID.
          type: str
        region_list:
          description:
            - AWS region name list.
          elements: dict
          suboptions:
            region:
              description:
                - AWS region name.
              type: str
          type: list
        role_arn:
          description:
            - AWS role ARN to assume.
          type: str
      type: list
    external_ip:
      description:
        - Configure GCP external IP.
      elements: dict
      suboptions:
        name:
          description:
            - External IP name.
          type: str
      type: list
    forwarding_rule:
      description:
        - Configure GCP forwarding rule.
      elements: dict
      suboptions:
        rule_name:
          description:
            - Forwarding rule name.
          type: str
        target:
          description:
            - Target instance name.
          type: str
      type: list
    gcp_project:
      description:
        - GCP project name.
      type: str
    gcp_project_list:
      description:
        - Configure GCP project list.
      elements: dict
      suboptions:
        gcp_zone_list:
          description:
            - Configure GCP zone list.
          elements: dict
          suboptions:
            name:
              description:
                - GCP zone name.
              type: str
          type: list
        id:
          description:
            - GCP project ID.
          type: str
      type: list
    group_name:
      description:
        - Group name of computers.
      type: str
    ha_status:
      choices:
        - disable
        - enable
      description:
        - Enable/disable use for FortiGate HA service.
      type: str
    ibm_region:
      choices:
        - dallas
        - washington-dc
        - london
        - frankfurt
        - sydney
        - tokyo
        - osaka
        - toronto
        - sao-paulo
        - us-south
        - us-east
        - germany
        - great-britain
        - japan
        - australia
      description:
        - IBM cloud region name.
      type: str
    ibm_region_gen1:
      choices:
        - us-south
        - us-east
        - germany
        - great-britain
        - japan
        - australia
      description:
        - IBM cloud compute generation 1 region name.
      type: str
    ibm_region_gen2:
      choices:
        - us-south
        - us-east
        - great-britain
      description:
        - IBM cloud compute generation 2 region name.
      type: str
    key_passwd:
      description:
        - Private key password.
      type: str
    login_endpoint:
      description:
        - Azure Stack login endpoint.
      type: str
    name:
      description:
        - SDN connector name.
      required: true
      type: str
    nic:
      description:
        - Configure Azure network interface.
      elements: dict
      suboptions:
        ip:
          description:
            - Configure IP configuration.
          elements: dict
          suboptions:
            name:
              description:
                - IP configuration name.
              type: str
            public_ip:
              description:
                - Public IP name.
              type: str
            resource_group:
              description:
                - Resource group of Azure public IP.
              type: str
          type: list
        name:
          description:
            - Network interface name.
          type: str
      type: list
    oci_cert:
      description:
        - OCI certificate. Source certificate.local.name.
      type: str
    oci_fingerprint:
      description:
        - OCI pubkey fingerprint.
      type: str
    oci_region:
      choices:
        - phoenix
        - ashburn
        - frankfurt
        - london
      description:
        - OCI server region.
      type: str
    oci_region_type:
      choices:
        - commercial
        - government
      description:
        - OCI region type.
      type: str
    password:
      description:
        - Password of the remote SDN connector as login credentials.
      type: str
    private_key:
      description:
        - Private key of GCP service account.
      type: str
    region:
      description:
        - AWS / ACS region name.
      type: str
    resource_group:
      description:
        - Azure resource group.
      type: str
    resource_url:
      description:
        - Azure Stack resource URL.
      type: str
    route:
      description:
        - Configure GCP route.
      elements: dict
      suboptions:
        name:
          description:
            - Route name.
          type: str
      type: list
    route_table:
      description:
        - Configure Azure route table.
      elements: dict
      suboptions:
        name:
          description:
            - Route table name.
          type: str
        resource_group:
          description:
            - Resource group of Azure route table.
          type: str
        route:
          description:
            - Configure Azure route.
          elements: dict
          suboptions:
            name:
              description:
                - Route name.
              type: str
            next_hop:
              description:
                - Next hop address.
              type: str
          type: list
        subscription_id:
          description:
            - Subscription ID of Azure route table.
          type: str
      type: list
    secret_key:
      description:
        - AWS / ACS secret access key.
      type: str
    secret_token:
      description:
        - Secret token of Kubernetes service account.
      type: str
    server:
      description:
        - Server address of the remote SDN connector.
      type: str
    server_list:
      description:
        - Server address list of the remote SDN connector.
      elements: dict
      suboptions:
        ip:
          description:
            - IPv4 address.
          type: str
      type: list
    server_port:
      description:
        - Port number of the remote SDN connector.
      type: int
    service_account:
      description:
        - GCP service account email.
      type: str
    status:
      choices:
        - disable
        - enable
      description:
        - Enable/disable connection to the remote SDN connector.
      type: str
    subscription_id:
      description:
        - Azure subscription ID.
      type: str
    tenant_id:
      description:
        - Tenant ID (directory ID).
      type: str
    type:
      choices:
        - aci
        - alicloud
        - aws
        - azure
        - gcp
        - nsx
        - nuage
        - oci
        - openstack
        - kubernetes
        - vmware
        - sepm
        - aci-direct
        - ibm
        - nutanix
        - sap
      description:
        - Type of SDN connector.
      type: str
    update_interval:
      description:
        - Dynamic object update interval (30 - 3600 sec).
      type: int
    use_metadata_iam:
      choices:
        - disable
        - enable
      description:
        - Enable/disable use of IAM role from metadata to call API.
      type: str
    user_id:
      description:
        - User ID.
      type: str
    username:
      description:
        - Username of the remote SDN connector as login credentials.
      type: str
    vcenter_password:
      description:
        - vCenter server password for NSX quarantine.
      type: str
    vcenter_server:
      description:
        - vCenter server address for NSX quarantine.
      type: str
    vcenter_username:
      description:
        - vCenter server username for NSX quarantine.
      type: str
    verify_certificate:
      choices:
        - disable
        - enable
      description:
        - Enable/disable server certificate verification.
      type: str
    vpc_id:
      description:
        - AWS VPC ID.
      type: str
  type: dict
build:
  description: Build number of the fortigate image
  returned: always
  sample: '1547'
  type: str
http_method:
  description: Last method used to provision the content into FortiGate
  returned: always
  sample: PUT
  type: str
http_status:
  description: Last result given by FortiGate on last operation applied
  returned: always
  sample: '200'
  type: str
mkey:
  description: Master key (id) used in the last call to FortiGate
  returned: success
  sample: id
  type: str
name:
  description: Name of the table used to fulfill the request
  returned: always
  sample: urlfilter
  type: str
path:
  description: Path of the table used to fulfill the request
  returned: always
  sample: webfilter
  type: str
revision:
  description: Internal revision number
  returned: always
  sample: 17.0.2.10658
  type: str
serial:
  description: Serial number of the unit
  returned: always
  sample: FGVMEVYYQT3AB5352
  type: str
status:
  description: Indication of the operation's result
  returned: always
  sample: success
  type: str
vdom:
  description: Virtual domain used
  returned: always
  sample: root
  type: str
version:
  description: Version of the FortiGate
  returned: always
  sample: v5.6.3
  type: str