fmgr_fwpol_package – Manages FortiManager Firewall Policies Packages
New in version 2.8.
Synopsis
- Manages FortiManager Firewall Policies Packages. Policy Packages contain one or more Firewall Policies/Rules and are distritbuted via FortiManager to Fortigates.
- This module controls the creation/edit/delete/assign of these packages.
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| adom
-
|
Default:
"root"
|
The ADOM the configuration should belong to.
|
| central_nat
-
|
|
Central NAT setting.
|
| fwpolicy6_implicit_log
-
|
|
Implicit Log setting for all IPv6 policies in package.
|
| fwpolicy_implicit_log
-
|
|
Implicit Log setting for all IPv4 policies in package.
|
| inspection_mode
-
|
|
Inspection mode setting for the policies flow or proxy.
|
| mode
-
|
|
Sets one of three modes for managing the object.
|
| name
- / required
|
Name of the FortiManager package or folder.
|
|
| ngfw_mode
-
|
|
NGFW mode setting for the policies flow or proxy.
|
| object_type
- / required
|
|
Are we managing packages or folders, or installing packages?
|
| package_folder
-
|
Name of the folder you want to put the package into.
|
|
| parent_folder
-
|
The parent folder name you want to add this object under.
|
|
| scope_members
-
|
The devices or scope that you want to assign this policy package to.
|
|
| scope_members_vdom
-
|
Default:
"root"
|
The members VDOM you want to assign the package to.
|
| ssl_ssh_profile
-
|
if policy-based ngfw-mode, refer to firewall ssl-ssh-profile.
|
Notes
Note
- Full Documentation at https://ftnt-ansible-docs.readthedocs.io/en/latest/.
Examples
- name: CREATE BASIC POLICY PACKAGE
fmgr_fwpol_package:
adom: "ansible"
mode: "add"
name: "testPackage"
object_type: "pkg"
- name: ADD PACKAGE WITH TARGETS
fmgr_fwpol_package:
mode: "add"
adom: "ansible"
name: "ansibleTestPackage1"
object_type: "pkg"
inspection_mode: "flow"
ngfw_mode: "profile-based"
scope_members: "seattle-fgt02, seattle-fgt03"
- name: ADD FOLDER
fmgr_fwpol_package:
mode: "add"
adom: "ansible"
name: "ansibleTestFolder1"
object_type: "folder"
- name: ADD PACKAGE INTO PARENT FOLDER
fmgr_fwpol_package:
mode: "set"
adom: "ansible"
name: "ansibleTestPackage2"
object_type: "pkg"
parent_folder: "ansibleTestFolder1"
- name: ADD FOLDER INTO PARENT FOLDER
fmgr_fwpol_package:
mode: "set"
adom: "ansible"
name: "ansibleTestFolder2"
object_type: "folder"
parent_folder: "ansibleTestFolder1"
- name: INSTALL PACKAGE
fmgr_fwpol_package:
mode: "set"
adom: "ansible"
name: "ansibleTestPackage1"
object_type: "install"
scope_members: "seattle-fgt03, seattle-fgt02"
- name: REMOVE PACKAGE
fmgr_fwpol_package:
mode: "delete"
adom: "ansible"
name: "ansibleTestPackage1"
object_type: "pkg"
- name: REMOVE NESTED PACKAGE
fmgr_fwpol_package:
mode: "delete"
adom: "ansible"
name: "ansibleTestPackage2"
object_type: "pkg"
parent_folder: "ansibleTestFolder1"
- name: REMOVE NESTED FOLDER
fmgr_fwpol_package:
mode: "delete"
adom: "ansible"
name: "ansibleTestFolder2"
object_type: "folder"
parent_folder: "ansibleTestFolder1"
- name: REMOVE FOLDER
fmgr_fwpol_package:
mode: "delete"
adom: "ansible"
name: "ansibleTestFolder1"
object_type: "folder"
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
| api_result
string
|
always |
full API response, includes status code and message
|
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Luke Weighall (@lweighall)
- Andrew Welsh (@Ghilli3)
- Jim Huber (@p4r4n0y1ng)
Hint
If you notice any issues in this documentation you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.8/modules/fmgr_fwpol_package_module.html