fmgr_fwpol_package – Manages FortiManager Firewall Policies Packages

From Get docs
Ansible/docs/2.8/modules/fmgr fwpol package module


fmgr_fwpol_package – Manages FortiManager Firewall Policies Packages

New in version 2.8.


Synopsis

  • Manages FortiManager Firewall Policies Packages. Policy Packages contain one or more Firewall Policies/Rules and are distritbuted via FortiManager to Fortigates.
  • This module controls the creation/edit/delete/assign of these packages.

Parameters

Parameter Choices/Defaults Comments

adom

-

Default:

"root"

The ADOM the configuration should belong to.

central_nat

-

  • enable
  • disable

Central NAT setting.

fwpolicy6_implicit_log

-

  • enable
  • disable

Implicit Log setting for all IPv6 policies in package.

fwpolicy_implicit_log

-

  • enable
  • disable

Implicit Log setting for all IPv4 policies in package.

inspection_mode

-

  • flow

  • proxy

Inspection mode setting for the policies flow or proxy.

mode

-

  • add

  • set
  • delete

Sets one of three modes for managing the object.

name

- / required

Name of the FortiManager package or folder.

ngfw_mode

-

  • profile-based

  • policy-based

NGFW mode setting for the policies flow or proxy.

object_type

- / required

  • pkg
  • folder
  • install

Are we managing packages or folders, or installing packages?

package_folder

-

Name of the folder you want to put the package into.

parent_folder

-

The parent folder name you want to add this object under.

scope_members

-

The devices or scope that you want to assign this policy package to.

scope_members_vdom

-

Default:

"root"

The members VDOM you want to assign the package to.

ssl_ssh_profile

-

if policy-based ngfw-mode, refer to firewall ssl-ssh-profile.



Notes

Examples

- name: CREATE BASIC POLICY PACKAGE
  fmgr_fwpol_package:
    adom: "ansible"
    mode: "add"
    name: "testPackage"
    object_type: "pkg"

- name: ADD PACKAGE WITH TARGETS
  fmgr_fwpol_package:
    mode: "add"
    adom: "ansible"
    name: "ansibleTestPackage1"
    object_type: "pkg"
    inspection_mode: "flow"
    ngfw_mode: "profile-based"
    scope_members: "seattle-fgt02, seattle-fgt03"

- name: ADD FOLDER
  fmgr_fwpol_package:
    mode: "add"
    adom: "ansible"
    name: "ansibleTestFolder1"
    object_type: "folder"

- name: ADD PACKAGE INTO PARENT FOLDER
  fmgr_fwpol_package:
    mode: "set"
    adom: "ansible"
    name: "ansibleTestPackage2"
    object_type: "pkg"
    parent_folder: "ansibleTestFolder1"

- name: ADD FOLDER INTO PARENT FOLDER
  fmgr_fwpol_package:
    mode: "set"
    adom: "ansible"
    name: "ansibleTestFolder2"
    object_type: "folder"
    parent_folder: "ansibleTestFolder1"

- name: INSTALL PACKAGE
  fmgr_fwpol_package:
    mode: "set"
    adom: "ansible"
    name: "ansibleTestPackage1"
    object_type: "install"
    scope_members: "seattle-fgt03, seattle-fgt02"

- name: REMOVE PACKAGE
  fmgr_fwpol_package:
    mode: "delete"
    adom: "ansible"
    name: "ansibleTestPackage1"
    object_type: "pkg"

- name: REMOVE NESTED PACKAGE
  fmgr_fwpol_package:
    mode: "delete"
    adom: "ansible"
    name: "ansibleTestPackage2"
    object_type: "pkg"
    parent_folder: "ansibleTestFolder1"

- name: REMOVE NESTED FOLDER
  fmgr_fwpol_package:
    mode: "delete"
    adom: "ansible"
    name: "ansibleTestFolder2"
    object_type: "folder"
    parent_folder: "ansibleTestFolder1"

- name: REMOVE FOLDER
  fmgr_fwpol_package:
    mode: "delete"
    adom: "ansible"
    name: "ansibleTestFolder1"
    object_type: "folder"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description

api_result

string

always

full API response, includes status code and message





Status

Authors

  • Luke Weighall (@lweighall)
  • Andrew Welsh (@Ghilli3)
  • Jim Huber (@p4r4n0y1ng)

Hint

If you notice any issues in this documentation you can edit this document to improve it.


© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.8/modules/fmgr_fwpol_package_module.html