community.network.fmgr_fwpol_package – Manages FortiManager Firewall Policies Packages.

Note

This plugin is part of the community.network collection (version 1.3.0).

To install it use: ansible-galaxy collection install community.network.

To use it in a playbook, specify: community.network.fmgr_fwpol_package.

Synopsis

  • Manages FortiManager Firewall Policies Packages. Policy Packages contain one or more Firewall Policies/Rules and are distritbuted via FortiManager to Fortigates.
  • This module controls the creation/edit/delete/assign of these packages.

Parameters

Parameter Choices/Defaults Comments
adom
string
Default:
"root"
The ADOM the configuration should belong to.
central_nat
string
    Choices:
  • enable
  • disable
Central NAT setting.
fwpolicy6_implicit_log
string
    Choices:
  • enable
  • disable
Implicit Log setting for all IPv6 policies in package.
fwpolicy_implicit_log
string
    Choices:
  • enable
  • disable
Implicit Log setting for all IPv4 policies in package.
inspection_mode
string
    Choices:
  • flow
  • proxy
Inspection mode setting for the policies flow or proxy.
mode
string
    Choices:
  • add
  • set
  • delete
Sets one of three modes for managing the object.
name
string / required
Name of the FortiManager package or folder.
ngfw_mode
string
    Choices:
  • profile-based
  • policy-based
NGFW mode setting for the policies flow or proxy.
object_type
string / required
    Choices:
  • pkg
  • folder
  • install
Are we managing packages or folders, or installing packages?
package_folder
string
Name of the folder you want to put the package into.
parent_folder
string
The parent folder name you want to add this object under.
scope_members
string
The devices or scope that you want to assign this policy package to.
scope_members_vdom
string
Default:
"root"
The members VDOM you want to assign the package to.
ssl_ssh_profile
string
if policy-based ngfw-mode, refer to firewall ssl-ssh-profile.

Notes

Note

Examples

- name: CREATE BASIC POLICY PACKAGE
  community.network.fmgr_fwpol_package:
    adom: "ansible"
    mode: "add"
    name: "testPackage"
    object_type: "pkg"

- name: ADD PACKAGE WITH TARGETS
  community.network.fmgr_fwpol_package:
    mode: "add"
    adom: "ansible"
    name: "ansibleTestPackage1"
    object_type: "pkg"
    inspection_mode: "flow"
    ngfw_mode: "profile-based"
    scope_members: "seattle-fgt02, seattle-fgt03"

- name: ADD FOLDER
  community.network.fmgr_fwpol_package:
    mode: "add"
    adom: "ansible"
    name: "ansibleTestFolder1"
    object_type: "folder"

- name: ADD PACKAGE INTO PARENT FOLDER
  community.network.fmgr_fwpol_package:
    mode: "set"
    adom: "ansible"
    name: "ansibleTestPackage2"
    object_type: "pkg"
    parent_folder: "ansibleTestFolder1"

- name: ADD FOLDER INTO PARENT FOLDER
  community.network.fmgr_fwpol_package:
    mode: "set"
    adom: "ansible"
    name: "ansibleTestFolder2"
    object_type: "folder"
    parent_folder: "ansibleTestFolder1"

- name: INSTALL PACKAGE
  community.network.fmgr_fwpol_package:
    mode: "set"
    adom: "ansible"
    name: "ansibleTestPackage1"
    object_type: "install"
    scope_members: "seattle-fgt03, seattle-fgt02"

- name: REMOVE PACKAGE
  community.network.fmgr_fwpol_package:
    mode: "delete"
    adom: "ansible"
    name: "ansibleTestPackage1"
    object_type: "pkg"

- name: REMOVE NESTED PACKAGE
  community.network.fmgr_fwpol_package:
    mode: "delete"
    adom: "ansible"
    name: "ansibleTestPackage2"
    object_type: "pkg"
    parent_folder: "ansibleTestFolder1"

- name: REMOVE NESTED FOLDER
  community.network.fmgr_fwpol_package:
    mode: "delete"
    adom: "ansible"
    name: "ansibleTestFolder2"
    object_type: "folder"
    parent_folder: "ansibleTestFolder1"

- name: REMOVE FOLDER
  community.network.fmgr_fwpol_package:
    mode: "delete"
    adom: "ansible"
    name: "ansibleTestFolder1"
    object_type: "folder"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
api_result
string
always
full API response, includes status code and message


Authors

  • Luke Weighall (@lweighall)
  • Andrew Welsh (@Ghilli3)
  • Jim Huber (@p4r4n0y1ng)

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/community/network/fmgr_fwpol_package_module.html