fmgr_fwpol_package – Manages FortiManager Firewall Policies Packages
fmgr_fwpol_package – Manages FortiManager Firewall Policies Packages
New in version 2.8.
Synopsis
- Manages FortiManager Firewall Policies Packages. Policy Packages contain one or more Firewall Policies/Rules and are distritbuted via FortiManager to Fortigates.
- This module controls the creation/edit/delete/assign of these packages.
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
adom - |
Default: "root" |
The ADOM the configuration should belong to. |
central_nat - |
|
Central NAT setting. |
fwpolicy6_implicit_log - |
|
Implicit Log setting for all IPv6 policies in package. |
fwpolicy_implicit_log - |
|
Implicit Log setting for all IPv4 policies in package. |
inspection_mode - |
|
Inspection mode setting for the policies flow or proxy. |
mode - |
|
Sets one of three modes for managing the object. |
name - / required |
Name of the FortiManager package or folder. | |
ngfw_mode - |
|
NGFW mode setting for the policies flow or proxy. |
object_type - / required |
|
Are we managing packages or folders, or installing packages? |
package_folder - |
Name of the folder you want to put the package into. | |
parent_folder - |
The parent folder name you want to add this object under. | |
scope_members - |
The devices or scope that you want to assign this policy package to. | |
scope_members_vdom - |
Default: "root" |
The members VDOM you want to assign the package to. |
ssl_ssh_profile - |
if policy-based ngfw-mode, refer to firewall ssl-ssh-profile. |
Notes
Examples
- name: CREATE BASIC POLICY PACKAGE
fmgr_fwpol_package:
adom: "ansible"
mode: "add"
name: "testPackage"
object_type: "pkg"
- name: ADD PACKAGE WITH TARGETS
fmgr_fwpol_package:
mode: "add"
adom: "ansible"
name: "ansibleTestPackage1"
object_type: "pkg"
inspection_mode: "flow"
ngfw_mode: "profile-based"
scope_members: "seattle-fgt02, seattle-fgt03"
- name: ADD FOLDER
fmgr_fwpol_package:
mode: "add"
adom: "ansible"
name: "ansibleTestFolder1"
object_type: "folder"
- name: ADD PACKAGE INTO PARENT FOLDER
fmgr_fwpol_package:
mode: "set"
adom: "ansible"
name: "ansibleTestPackage2"
object_type: "pkg"
parent_folder: "ansibleTestFolder1"
- name: ADD FOLDER INTO PARENT FOLDER
fmgr_fwpol_package:
mode: "set"
adom: "ansible"
name: "ansibleTestFolder2"
object_type: "folder"
parent_folder: "ansibleTestFolder1"
- name: INSTALL PACKAGE
fmgr_fwpol_package:
mode: "set"
adom: "ansible"
name: "ansibleTestPackage1"
object_type: "install"
scope_members: "seattle-fgt03, seattle-fgt02"
- name: REMOVE PACKAGE
fmgr_fwpol_package:
mode: "delete"
adom: "ansible"
name: "ansibleTestPackage1"
object_type: "pkg"
- name: REMOVE NESTED PACKAGE
fmgr_fwpol_package:
mode: "delete"
adom: "ansible"
name: "ansibleTestPackage2"
object_type: "pkg"
parent_folder: "ansibleTestFolder1"
- name: REMOVE NESTED FOLDER
fmgr_fwpol_package:
mode: "delete"
adom: "ansible"
name: "ansibleTestFolder2"
object_type: "folder"
parent_folder: "ansibleTestFolder1"
- name: REMOVE FOLDER
fmgr_fwpol_package:
mode: "delete"
adom: "ansible"
name: "ansibleTestFolder1"
object_type: "folder"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
api_result string |
always |
full API response, includes status code and message
|
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Luke Weighall (@lweighall)
- Andrew Welsh (@Ghilli3)
- Jim Huber (@p4r4n0y1ng)
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.8/modules/fmgr_fwpol_package_module.html