fmgr_fwpol_package – Manages FortiManager Firewall Policies Packages
New in version 2.8.
Synopsis
- Manages FortiManager Firewall Policies Packages. Policy Packages contain one or more Firewall Policies/Rules and are distritbuted via FortiManager to Fortigates.
- This module controls the creation/edit/delete/assign of these packages.
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
adom
-
|
Default:
"root"
|
The ADOM the configuration should belong to.
|
central_nat
-
|
|
Central NAT setting.
|
fwpolicy6_implicit_log
-
|
|
Implicit Log setting for all IPv6 policies in package.
|
fwpolicy_implicit_log
-
|
|
Implicit Log setting for all IPv4 policies in package.
|
inspection_mode
-
|
|
Inspection mode setting for the policies flow or proxy.
|
mode
-
|
|
Sets one of three modes for managing the object.
|
name
- /
required
|
Name of the FortiManager package or folder.
|
|
ngfw_mode
-
|
|
NGFW mode setting for the policies flow or proxy.
|
object_type
- /
required
|
|
Are we managing packages or folders, or installing packages?
|
package_folder
-
|
Name of the folder you want to put the package into.
|
|
parent_folder
-
|
The parent folder name you want to add this object under.
|
|
scope_members
-
|
The devices or scope that you want to assign this policy package to.
|
|
scope_members_vdom
-
|
Default:
"root"
|
The members VDOM you want to assign the package to.
|
ssl_ssh_profile
-
|
if policy-based ngfw-mode, refer to firewall ssl-ssh-profile.
|
Notes
Note
- Full Documentation at https://ftnt-ansible-docs.readthedocs.io/en/latest/.
Examples
- name: CREATE BASIC POLICY PACKAGE fmgr_fwpol_package: adom: "ansible" mode: "add" name: "testPackage" object_type: "pkg" - name: ADD PACKAGE WITH TARGETS fmgr_fwpol_package: mode: "add" adom: "ansible" name: "ansibleTestPackage1" object_type: "pkg" inspection_mode: "flow" ngfw_mode: "profile-based" scope_members: "seattle-fgt02, seattle-fgt03" - name: ADD FOLDER fmgr_fwpol_package: mode: "add" adom: "ansible" name: "ansibleTestFolder1" object_type: "folder" - name: ADD PACKAGE INTO PARENT FOLDER fmgr_fwpol_package: mode: "set" adom: "ansible" name: "ansibleTestPackage2" object_type: "pkg" parent_folder: "ansibleTestFolder1" - name: ADD FOLDER INTO PARENT FOLDER fmgr_fwpol_package: mode: "set" adom: "ansible" name: "ansibleTestFolder2" object_type: "folder" parent_folder: "ansibleTestFolder1" - name: INSTALL PACKAGE fmgr_fwpol_package: mode: "set" adom: "ansible" name: "ansibleTestPackage1" object_type: "install" scope_members: "seattle-fgt03, seattle-fgt02" - name: REMOVE PACKAGE fmgr_fwpol_package: mode: "delete" adom: "ansible" name: "ansibleTestPackage1" object_type: "pkg" - name: REMOVE NESTED PACKAGE fmgr_fwpol_package: mode: "delete" adom: "ansible" name: "ansibleTestPackage2" object_type: "pkg" parent_folder: "ansibleTestFolder1" - name: REMOVE NESTED FOLDER fmgr_fwpol_package: mode: "delete" adom: "ansible" name: "ansibleTestFolder2" object_type: "folder" parent_folder: "ansibleTestFolder1" - name: REMOVE FOLDER fmgr_fwpol_package: mode: "delete" adom: "ansible" name: "ansibleTestFolder1" object_type: "folder"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
api_result
string
|
always |
full API response, includes status code and message
|
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Luke Weighall (@lweighall)
- Andrew Welsh (@Ghilli3)
- Jim Huber (@p4r4n0y1ng)
Hint
If you notice any issues in this documentation, you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.9/modules/fmgr_fwpol_package_module.html